sunnewsonline.com Open in urlscan Pro
2606:4700:20::ac43:4826 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Submission: On August 14 via api (August 14th 2023, 10:17:48 am UTC) from ZA — Scanned from DE

Summary HTTP 400 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 70 IPs in 10 countries across 49 domains to perform 400 HTTP transactions. The main IP is 2606:4700:20::ac43:4826, located in United States and belongs to CLOUDFLARENET, US. The main domain is sunnewsonline.com. The Cisco Umbrella rank of the primary domain is 603838.
TLS certificate: Issued by GTS CA 1P5 on June 23rd 2023. Valid for: 3 months.

This is the only time sunnewsonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
78	2606:4700:20:... 2606:4700:20::ac43:4826	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 23	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
14	2606:4700:e2:... 2606:4700:e2::ac40:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d014:776... 2a05:d014:776:a63e:931e:6ac2:944b:f27e	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:9400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:1200:a:e047:753:6381	() ()
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	185.64.190.84 185.64.190.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
1	108.128.108.17 108.128.108.17	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
63	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
2 7	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	52.222.214.123 52.222.214.123	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.41 143.204.215.41	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.177.27.67 18.177.27.67	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	18.193.132.164 18.193.132.164	16509 (AMAZON-02) (AMAZON-02)
2	3.124.27.97 3.124.27.97	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
10	3.122.125.22 3.122.125.22	16509 (AMAZON-02) (AMAZON-02)
9	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:9017	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4001:809::2003	() ()
400	70

78 2606:4700:20::ac43:4826 (United States)

ASN13335 (CLOUDFLARENET, US)

sunnewsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:e2::ac40:880f (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bshr.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:776:a63e:931e:6ac2:944b:f27e (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1200:a:e047:753:6381 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.84 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.108.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-108-17.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-41.fra53.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.191 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.27.67 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-27-67.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.132.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-132-164.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.27.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-27-97.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.122.125.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9017 (United States)

ASN13335 (CLOUDFLARENET, US)

thesunnigeria.os.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4001:809::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151	2 MB
78	sunnewsonline.com sunnewsonline.com — Cisco Umbrella Rank: 603838	648 KB
38	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 pubads.g.doubleclick.net — Cisco Umbrella Rank: 431	414 KB
24	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	686 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 617 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9311 csm.eu.criteo.net — Cisco Umbrella Rank: 8962	195 KB
14	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 9569 g.ezodn.com — Cisco Umbrella Rank: 11536 bshr.ezodn.com — Cisco Umbrella Rank: 10038	241 KB
12	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566 btlr.sharethrough.com — Cisco Umbrella Rank: 1307	2 KB
12	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 441	68 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 520	364 KB
10	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 116 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1649	95 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	219 KB
9	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6690	597 B
7	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 812	2 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3840 onesignal.com — Cisco Umbrella Rank: 1426	153 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2553 ads.eu.criteo.com — Cisco Umbrella Rank: 8917 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15643 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10269	55 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	282 KB
4	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4345 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5752 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6091	16 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 318	179 KB
4	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 553 ow.pubmatic.com — Cisco Umbrella Rank: 2205 t.pubmatic.com — Cisco Umbrella Rank: 2845	162 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	179 KB
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 757	1 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1497 google-bidout-d.openx.net — Cisco Umbrella Rank: 1496	713 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	134 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1602	26 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 478	2 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	291 B
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7797	87 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 557	1 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1006	221 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 886	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1285 pixel.quantserve.com — Cisco Umbrella Rank: 1026	10 KB
2	ezoic.net g.ezoic.net — Cisco Umbrella Rank: 14258	55 KB
1	os.tc thesunnigeria.os.tc	693 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 37401	429 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 221	864 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4443	680 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1381	668 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 320	125 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1558	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1617	8 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2069	255 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1242	633 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1175	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	87 KB
0	33across.com Failed lexicon.33across.com Failed
400	49

	Domain	Requested by
78	sunnewsonline.com	sunnewsonline.com static.cloudflareinsights.com
63	tpc.googlesyndication.com	sunnewsonline.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.ampproject.org s0.2mdn.net securepubads.g.doubleclick.net
23	securepubads.g.doubleclick.net	3 redirects sunnewsonline.com securepubads.g.doubleclick.net 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
20	fonts.gstatic.com	fonts.googleapis.com
19	pagead2.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com www.googletagservices.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com sunnewsonline.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
11	go.ezodn.com	sunnewsonline.com
10	btlr.sharethrough.com	go.ezodn.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	aax.amazon-adsystem.com	c.amazon-adsystem.com sunnewsonline.com
10	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com
10	fonts.googleapis.com	client securepubads.g.doubleclick.net 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com sunnewsonline.com tpc.googlesyndication.com
9	prebid.smilewanted.com	go.ezodn.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	cm.g.doubleclick.net	2 redirects 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
7	onetag-sys.com	2 redirects ads.pubmatic.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com go.ezodn.com
6	www.googleadservices.com	sunnewsonline.com
6	www.google.com	3 redirects 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com sunnewsonline.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com sunnewsonline.com pagead2.googlesyndication.com
6	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com sunnewsonline.com
4	s0.2mdn.net	imasdk.googleapis.com tpc.googlesyndication.com
4	cdn.jsdelivr.net	sunnewsonline.com ads.pubmatic.com securepubads.g.doubleclick.net
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	onesignal.com	cdn.onesignal.com
3	cdn.onesignal.com	sunnewsonline.com thesunnigeria.os.tc cdn.onesignal.com
3	ap.lijit.com	go.ezodn.com
3	www.gstatic.com	sunnewsonline.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
3	cdnjs.cloudflare.com	client cdnjs.cloudflare.com ads.eu.criteo.com
2	script.4dex.io	go.ezodn.com sunnewsonline.com
2	ssum-sec.casalemedia.com	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	x.bidswitch.net	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
2	match.sharethrough.com	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
2	cc.adingo.jp	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
2	b1sync.zemanta.com	2 redirects
2	onetag-geo.s-onetag.com	sunnewsonline.com
2	prebid.a-mo.net	ads.pubmatic.com go.ezodn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects sunnewsonline.com
2	ow.pubmatic.com	ads.pubmatic.com
2	bshr.ezodn.com	sunnewsonline.com
2	imasdk.googleapis.com	sunnewsonline.com imasdk.googleapis.com
2	c.amazon-adsystem.com	sunnewsonline.com c.amazon-adsystem.com
2	g.ezoic.net	sunnewsonline.com
1	csi.gstatic.com	imasdk.googleapis.com
1	thesunnigeria.os.tc	cdn.onesignal.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	imasdk.googleapis.com
1	cadmus.script.ac	script.4dex.io
1	ib.adnxs.com	go.ezodn.com
1	hb-api.omnitagjs.com	go.ezodn.com
1	ums.acuityplatform.com	1 redirects
1	dclk-match.dotomi.com	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1	ups.analytics.yahoo.com	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	ads.eu.criteo.com	5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com	sunnewsonline.com
1	t.pubmatic.com	ads.pubmatic.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	sunnewsonline.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	pixel.quantserve.com	sunnewsonline.com
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	sunnewsonline.com
1	ads.pubmatic.com	sunnewsonline.com
1	static.cloudflareinsights.com	sunnewsonline.com
1	g.ezodn.com	sunnewsonline.com
1	www.googletagmanager.com	sunnewsonline.com
0	lexicon.33across.com Failed	ads.pubmatic.com
400	78

This site contains links to these domains. Also see Links.

Domain
thesunmediafoundation.org
www.facebook.com
twitter.com
linkedin.com
api.whatsapp.com
dollarspathway.com
www.ezoic.com
go.ezodn.com
www.instagram.com
ng.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
sunnewsonline.com GTS CA 1P5	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
ezodn.com E1	`2023-07-02` - `2023-09-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
ezoic.net R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.a-mo.net R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
script.ac E1	`2023-07-05` - `2023-10-03`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Frame ID: 2ECAF78B20DA5DDA9E237565C722F5D4
Requests: 209 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: F4FFCF3884E2755A1DF241ABB1E527A4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C1FAC2D133EFB77A3B522773FC51E5F
Requests: 1 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22A8C00CE7BEECE219E0085E3B72E686
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sunnewsonline.com&us_privacy=1---
Frame ID: 55341921173BA8B9DBB985E499702538
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 0FCD3EA1711A6C4E4427013B5EC4EAA8
Requests: 16 HTTP requests in this frame

Frame: https://go.ezodn.com/charity/http/charity-ads.s3.amazonaws.com/charity_ads/1134/234x60.png
Frame ID: C94E736403B498199FF0A48B2F3F3ABB
Requests: 1 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44C5DD3BB729AA4A7804E248707CBC37
Requests: 8 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: CA1608390468D68AF607499CA839DA8E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1692008262405
Frame ID: B969F90E224C9086643EADC930399976
Requests: 1 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A8D4744EF72D2AD6D8D6979903630D7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Frame ID: D9C1EC11269CEAFC1A91D88F94E1C63E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A98467E90CA94987D92BA8EC0DF2719
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Frame ID: FB40C64D278DBED051B78F071AEDD7C2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 783A388674FB32222E835E3AAD79632D
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DF6180899C44FA522C506016223F3727
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 823B33C1BDCE1B1743C65C254F196D7F
Requests: 15 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67E44BD6EF6ED49737FF861192B7DE32
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Frame ID: DB9B4635DF0ED7C7A144F18D5F446550
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D643CD552CD430703BA44E3BC0884A0
Requests: 9 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 816D89EC686EEEB26633813D7F6DE7C5
Requests: 8 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31F56E5299AA09C3FAE6C13AB3E31DD3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Frame ID: 17A9DA972340A457629B56D29BF5046E
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F29DB87C9C43E5AF7E03A1D2099EEB63
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 594B199B2654658299CF21DF175D266B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: B98A8B7FE129C903E9C2C3ACAE993F24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: FB9FDB82BECD629D6298688E12092613
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 511808E9CA896C4149C0DA587A9F0E66
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9EB4E09EB7B5FB86668A7B8D2710B02
Requests: 2 HTTP requests in this frame

Frame: https://thesunnigeria.os.tc/webPushIframe
Frame ID: FD7849E21384E32F14FD81BF76C524C3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SEC yet to receive GSK’s formal scheme of arrangement – The Sun Nigeria

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

400
Requests

97 %
HTTPS

55 %
IPv6

49
Domains

78
Subdomains

70
IPs

10
Countries

6145 kB
Transfer

14347 kB
Size

31
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://thesunmediafoundation.org/
Title: The Sun Foundation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=SEC%20yet%20to%20receive%20GSK%E2%80%99s%20formal%20scheme%20of%20arrangement&url=https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?mini=true&url=https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Search URL Search Domain Scan URL

URL: https://dollarspathway.com/l/sunnewsaug2022
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://go.ezodn.com/ads/charity/proxy?p_id=50ad158f-9397-42d6-6322-c1458cac3fbf&d_id=494158&imp_id=6269529070376993&c_id=1134&l_id=10016&url=https%3A%2F%2Fvillagebookbuilders.org%2Fdonate%2F&ffid=1&co=UA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheSunNigeria/

Search URL Search Domain Scan URL

URL: https://twitter.com/thesunnigeria

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thesunnigeria

Search URL Search Domain Scan URL

URL: https://ng.linkedin.com/in/the-sun-nigeria-555874158

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@thesuntv5081

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sunnewsonline.com&sn=ChromeSyncframe&so=0&topUrl=sunnewsonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2Y1TWcrYjFUejZud2NranMxWHdMTTJlcUFXZEQ1MEUrbzZsU1htWW92aVhSSDRKQWIxTUlpWDhNdDBCdnA1ODJxZjk5THN2RWJ1a1lobG52Y1N0TVNCdkJaR2VQUXoyYnZGZ3AveDVJU1VwZitpTDlNUkJVY2h4aFhiWm1DRUYyeEVob0V4U1ZZMEVjeXg2MW1PTGZMN0N3MHRYc0N3ZjVVMVZxeSs1K2xQekRlVGNBQUU3dz18&cppv=2

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzu0Rv_ZZKGtBZml9fgPrJ2S4AWwpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBKoCT9BOwGBScKGMa21sHKeDxxWeWz4rdLQ0CNhBDYh5SexBU3RML-nkBDNZ_xyun-hR7XZBZSR5MWZ2J-QehB67QvOWHhWeNj5OWdG-UafnXoiKJuUbT-MPiwb1hDZmbK8ifd-_0sZD8T_G7CkwZdPX3NYfKpMW77eLLFoMvgkJQDKr4QGhzJQCxtUX0gI0X5xqMKu7zG0IQlLr5oRHYWKK3qDmy2GAcjPt62umfSuxJihI8_FohKIh2XOWs7Ffht5JNnba0mVbcCSIdZkiZ2hli4lk8nApHPjVC8RsA8N3f07qIgmenJI2eX1Sn6SoQUOpT6aSVR7amAOXlNMtb1_fVxvEySVBvhMcNXz4cbqyWUMv4yLxZTS7RpB7KlqMcf5bdiKnVJmWoFDktMAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6OkJ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=sKoXcd4QY9I&uach_m=[UACH]&ase=2&cid=CAQSLgBpAlJWtPXtmLhmAUj72OESQ0GEq_hHcTQpkUooA56Tu7B_IlpMzI3T33W2Oq4YAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228630331868034220673%22}&andc=true

Request Chain 179

https://securepubads.g.doubleclick.net/pagead/adview?ai=CpbuLRv_ZZKm3Bdie9fgP-6Gi4A-wpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBLACT9BiANPq468ztssBV9QepjNpj6ZxpGYYoZ7REI_auNeactb9pIqfJOSMxm5JVQF2An9lb6ku-TllcS5UgTy4Emz7kWMOourZOxRjhqkPsee9wXxWNLE1-Zzpobcz6g_MY8_kTBA-I1rjdGauhhpx5bGxLmK1W4HuvJPSUbIfTTvSa88MSb8IcAPmAD0Ffd-cKX-6SYe1mETHZhj8lmzeoHgHXUkEnKkhb3HwAeoWQyWjVWrS-XK5t_5s66s5VSdQCfxZmV-lTtoyryP2ezCLlohhMVxL-JY9hQTZ-5sLnfnpdOaVMe5Z-G3UCfaaW2EK40rKL4-VQ6x7OQGIRc6apzNYiGHn8RfcfqDdwYyamjv0sKnJ2D-6ZuXk4tyV53lWiLM4UndXRV2aOHa1JOT53MAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp8AC0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=iGmDqDBh9YY&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJW3UHiHYtGGL_1hHtXVdYRcoqGjof6-9SK_UHq__m9jVXbG-UNGOA0PmLjoqWd06p731TnmOcIIeVWyG_7GMALAEwQuz71ZJMYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22332521374725464433%22}&andc=true

Request Chain 235

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_cver=1&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&google_hm=SWs3NThYcUs1cGNibm5sME81RFk=

Request Chain 236

https://cs.media.net/cksync?type=g&google_gid=CAESEGfwQ0l4_BYkXerL6nvLLO4&google_cver=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A&gdpr=&gdpr_consent=

Request Chain 240

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQPz9vlIgZqu57zFUrOH9lI1blJcsjWwnonfjkQ34DUrVhWrlBdMO3gvC8qzXOD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQPz9vlIgZqu57zFUrOH9lI1blJcsjWwnonfjkQ34DUrVhWrlBdMO3gvC8qzXOD HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 300

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENvZenXCN8b7ebvlveAL8bQ&google_cver=1&google_push=AXcoOmTys9i7UbxR5CdVrV5qqELfKWmZWC4wxEStWkgoEhI227QoG6aDtZM2SL7ncAXPGokeGxxpNDzI7C_aGDUNmtdhDaWFvWmi4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497

Request Chain 301

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_cver=1&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ

Request Chain 304

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4Sw9KLkql907xQWRXXRra4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4Sw9KLkql907xQWRXXRra4 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 318

https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jnRSf_ZZMqzCYOj9fgPo5GfwAOay62YUta9-sjTD56xhq_zGBABIKXM12pgleKQgqAHoAHkv7DLA8gBCakCqD1f4W5esj7gAgCoAwHIA0iqBK4CT9Cc4YgfkMR0QLo5ilpxi3VwfTG_U2_qEkB-0RMTv713JyC_11ew_5Jstbk2-NpqehrUEncWm6IdweWrWm8Qpp3TRrKqQ_Q9LPIInD9bv_BpxFl-gzs_KHblI0wwqIp-6-d11Y0K7C0ZNZ9GZObtiXxnJan_aWIZfFIaS4szJZktsp88xn_1qUGPybBAgXijdUiE2TQ30oxh05myjhHwF4gZm9sbljU-Ti2PicGgEexbfsx6hvtiz3ZJbwnMJA_d6BwgoxOH4X2KCS5M1Xv5NZBIljUZXFAbjI_C4CVpFGrfyX8xu5Fl5dL65h3zFStYdue7FfcVMkmxeCEJsERJIiIjUAQ8AKwW3OfwPJBf_2Ti1PhjQVN213QjDqGSyE_TriKUcZpDcnhmHORO-LrABMCw7Z7rAeAEAZIFBAgEGAGSBQQIBRgEoAYugAeEwM80qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKfAAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbnRyYXRlay5kZS-ACgPICwGiDAgqBgoEw7CxAtgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=z9mkfxIc-0U&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWxcDzJrNkxE9AVh-Ipmz0tOss0r5tAiHXH3A7Q--695rbsdr-8ZB4Se2_Sttl5M3HxFPlzkCeGAE&template_id=531&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963387364%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210264686848108739889%22}&andc=true

400 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/ 288 KB
77 KB 37ms
16ms Document
text/html 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d6025a13063830ce34d94c1866ddcceaa1551b9ea34a0ccecb80f01a165b73

Security Headers

Name	Value
X-Content-Security-Policy	default-src 'self'; script-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2809
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: HIT
cf-ray: 7f687310e9129a05-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:41 GMT
display: pub_site_sol
expires: Sun, 13 Aug 2023 09:30:52 GMT
last-modified: Mon, 14 Aug 2023 09:30:52 GMT
link: <https://sunnewsonline.com/wp-json/>; rel="https://api.w.org/", <https://sunnewsonline.com/wp-json/wp/v2/posts/1144606>; rel="alternate"; type="application/json", <https://sunnewsonline.com/?p=1144606>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiBv%2BQ8xSghBP5ZLI7RKG3oC8jtyUqlGTB667vhyLvZY33LQcd%2BxRsmZPC9EZYhFLnwvSW836lyiJDAUKddHkjz2gg%2B6QVx7%2BFWs6gHNqJgpYMcY0pK9pKFom%2BKBhskQmmSMZwMA6LVKPzG6Q9qe"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-security-policy: default-src 'self'; script-src 'self';
x-content-type-options: nosniff
x-ez-minify-html: 5.71% 294209 / 312035
x-ez-proxy-out: true 2.4
x-ezoic-cdn: Miss
x-frame-options: SAMEORIGIN
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-sol: pub_site
x-xss-protection: 1; mode=block

GET
H2 200 sec.png
sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/05/ 18 KB
18 KB 391ms
389ms Image
image/webp 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/05/sec.png?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c8704dad51378ce4b078bd9c06cedeab80b893b5c87544d9cc083dc63afa02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-ezoic-cdn: Miss
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-ezoic-excludewebp: false
response: 200
last-modified: Mon, 15 May 2023 01:17:00 GMT
x-ez-proxy-out: true 2.4
server: cloudflare
etag: W/"0320ddab8243f3d0e531ddcc34c3c704-gzip"
x-origin-cache-control
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQvISmp%2BSCCwQszGxos1TKXfAcm36HXXdFst%2BSNFvQkeynhoSnmQnasHVz0xBrTgLmqyAF7VuHxpGmXdRyASR4lCA24BJQuHuwEo4FmHRIrNUmauxzlE8R5Qdh8ypLbQdG3jgbYPVXoY2gvkzYCh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 7f68731119459a05-FRA
x-amz-cf-id: -7INydAoe2zBtxJhAQEhkLu3fq1fbdG0RzrygupRTyH3JnzhPwq6GA==

GET
H2 200 calgary.js Show response
sunnewsonline.com/edmontonalberta/ 3 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/edmontonalberta/calgary.js?cb=16
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a972229674fe664fba6d60a4c98ed0bcdab34e1ced9197192f6ffe9cb1798268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:19:20 GMT
server: cloudflare
age: 3501
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzIkEU2GwnYxIehPyZiHbtm2YuWV3cC5KD2qCP9REQfqqaQxsStqxzteygt3bgbl1slkCPIFQ99p3nX12SxuNN5kR7BlW5Ns0tssFovs0vn0sM0TIzhoPFGoY84aDCYQXYhAu0Djqx4f975IijP8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f687311194b9a05-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 124ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe481c978a3e75baea51aaeb543cf9413b46da6ad04c2b724f6ca6874ff3ec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28457
x-xss-protection: 0
server: cafe
etag: 308 / 19583 / 31076936 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:41 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 657 KB
197 KB 66ms
37ms Script
application/javascript 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70023ca0a233fa93370022f69d0537f8fcbd2fa2f4ce9d7c670e779b1421d933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:32:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1089897
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFJuZLj5hu0iID%2FziMglB1r3dvO0dqtThrJCCwOV0Q9IKeLuoaodOe%2FQ78jHKufvEf83QjJ7AO9%2BJuqjtKTm5KS260aQUW99j8R8QAjqBHA4g3D%2BTAAR2mkEQ4HRKZfSJ%2FMeXr5SMo3N2Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f687311495c691f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fads.js Show response
sunnewsonline.com/porpoiseant/ 11 KB
3 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/fads.js?gcb=195-0&cb=23
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d85713a70972104caf26f5743a07ce1f9dea914bad34651f8ef1c4c78d37eb5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680
cf-polished: origSize=11643
x-middleton-display: sol-js
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 10:06:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfbDFtpplWktYyJqffqAuqkM0QgDFUmiNHerpgrwv3q2YO6EB1d0zcMLy7Sgk8Jp%2F0qW0l8wKYX%2BCr0gzCq0exca3OO1dd132bQMPepGXKiiwEIbpiQpJ%2FG2xAmQKcnNXdSOLEk5mXh3BTNgGrJa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f68731119499a05-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6DLE1C2CT8

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be519b2e13062fcf1b7c92a15a567ad785170aa56e2ac4179a04838f88afd755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 14 Aug 2023 10:17:41 GMT

GET
H2 200 classic-themes.min.css
sunnewsonline.com/wp-includes/css/ 0
488 B 17ms
16ms Stylesheet
text/css 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/wp-includes/css/classic-themes.min.css?ver=1&ez_used_css_s=15
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1880
x-ezoic-cdn: Hit ds;mm;09087e13a2531efe68e53b2e71a38aa5;2-494158-1;e7d4bb14-89dc-43aa-51e9-fe47de905788
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
content-length: 0
response: 200
last-modified: Fri, 03 Mar 2023 13:44:37 GMT
x-ez-proxy-out: true 2.4
server: cloudflare
etag: "6401f9c5-d9"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIIB5jWQXETOuQ3H1BDERq8DMO79otHnCQviAtMqYjRE2wk9UXEHt0%2FjqgtB4Ty%2BBBZ2v%2BN8itJ67oSSwtNVj7PqParYrW2Z3QEfRr2eEAwOsglmAIRXAfSEMB%2BSOAJIW95ZTTmnKpvxrsPxcCNV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7f68731119489a05-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 35ms
18ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=6.1.1

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9518476
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3TV7FMpIOcklDC%2FDa%2FqRqkQM8QKTt5O1xdXqMX%2FBV%2FBkkpsK5lWeK9eHLe7ybqjKqdcyugBqP8YlEo6WIW2aeb26XpcVIHhwRi0XlhVm5FInxepixQK4HeroAgMpEFr%2BChCgt8b6iimdHmH3cY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f6873113ca318c7-FRA

GET
H2 200 banger.js Show response
sunnewsonline.com/porpoiseant/ 58 KB
16 KB 20ms
18ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39dfdbba517c9c1a316c71c09f05a3440923ceaf1fd9d8be5a639990258e4f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397
cf-polished: origSize=59475
x-middleton-display: sol-js
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 10:11:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CGIsUeg36sVmrhq9gcKGQzuFCSDk2wwEe%2Fz2MgLfIY5Tryep9tzKVH%2F5lZGcwYoi3ch28hUz%2BdYaj6xCQtc%2B8TtqbcCXro3MxSOQpzbf77AnudnqPI3x0j%2Bo5DQqTc68AkoUQq5HxXbXCuQyiCJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f68731189e79a05-FRA

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea7459817efa8ba207433194fab99117f6400168658d8f37cb8143312f2cfd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 10:17:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:41 GMT

GET
H2 200 bootstrap-icons.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/ 82 KB
10 KB 31ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/bootstrap-icons.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6409310bbfa39d9ba2badd9067f468c7ebb1d2fd7ad9b5b89e06d9bb0cc7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 18164463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9847
last-modified: Mon, 14 Nov 2022 04:37:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6371c5f1-2677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZC6Tns12KuIrt7uO%2BgQPvlDzvx5JUTPDoK%2FcNZH5Q3HMdp6Nw6e20f3VltISFDtuS1yysdeQA9SRMqYzVwqLvEBHtRFxBMnGK0yrO8thXS4KearxoIB9VjXETevKwFPBM2F%2Bn8Re1mu9Papym6v82N6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f6873115fd3920e-FRA
expires: Sat, 03 Aug 2024 10:17:41 GMT

GET
H2 200 ezvideojscss.css
g.ezoic.net/ezvideo/ 44 KB
11 KB 37ms
11ms Stylesheet
text/css 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezvideo/ezvideojscss.css?cb=72
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 718599a25ec212265f9627cf0cfbb19a79b41d8387e9b1305c7c4ddff5dcd2be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 email-decode.min.js Show response
sunnewsonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
9ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sunnewsonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 18:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d135f1-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcUq%2BUN7vOD7VHx9HIcopf2q8mJmkyexmQcHW5Ta7%2Fn1sfliBSMbZgJqHoF3HLR67RJVVKSx6ZudCTJoPyOvOGkUnDj0PDJxdMiochyOjUjj6q8Uu3ao%2F%2BhK4jlx8LMX85cG%2Fo77We5BFnSJ%2BPSb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f68731189e49a05-FRA
expires: Wed, 16 Aug 2023 10:17:41 GMT

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 17ms
16ms Script
text/javascript 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11205475
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vlz2aFYyVELUG9b4Idp8gWD5sVcQq6n4jqsi6bgXi1vjyG%2FEs4WyxIKWmmzDRGQJYFP%2B3%2F3FK%2B17wSbifWSPdhr932VW6NYCBOhdTGzNMEMil%2FAWqJ7BbbjbZ6lEjSA6T2soUEvelh%2FzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7f68731189a9691f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 augusta.js Show response
sunnewsonline.com/detroitchicago/ 2 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/augusta.js?cb=43
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f933061de4a138a2deb1b78375f6beacd5e911f25301a8ef27cd4a0e04fa1688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 10:00:27 GMT
server: cloudflare
age: 1034
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeLhj2qZ3WtPihF%2FixyiamXwSohNTKVSMwFj9gqK7EjdvwkHw68GL%2FGZk47c9Er3uNlECfRQrhYnTuVM6RW1P4tFFy4PpWX33aAA3d5xkZwNqGiwnIysMDZ10KkVLcYgI%2BurS6ap3Vhzl4HMPZQx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f68731189ea9a05-FRA

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 104ms
83ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://sunnewsonline.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f687311aed4995c-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 62ms
8ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/edmontonalberta/calgary.js?cb=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:40:03 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 21:29:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 2259
etag: W/"a7247ead77dd201b1e56acf0e565194b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: N1Di6QVX_qvdN-Ocr2qqVMDmACqXihQnsrJDZy6Q29huAuyIB8bQAA==

GET
H2 200 cmbv2.js Show response
sunnewsonline.com/detroitchicago/ 950 KB
263 KB 32ms
31ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c92389936769c27c75378cc38a80b1d4063542d532ad84ebed7995f73220c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3067
cf-polished: origSize=978128
x-middleton-display: sol-js
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:26:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nynML3ZFsIOsDZiezQTwSxTg%2B03MupwYJHBXeWkHTKpQveu6G%2BpZ4vfpQyjoqC%2FIQmMy%2FipEAB4Z7jFX5hciXKo4GoPR0IW9WnsgUvyBxbMth4qu4KQ%2FbT1KfyVpaW6ljNKBR2DEZN6FqqZo50fR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f68731189ee9a05-FRA

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c78e52d7a37321d07e88999606700ba950c832ec400bab7b1237b1072ebc46d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasd8ctSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 21 KB
21 KB 50ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasd8ctSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fc8d86f4fadfb2776f1be5c63e86245c931a240da3deb85be3ca986240adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:33:50 GMT
x-content-type-options: nosniff
age: 189831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21076
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:42:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:33:50 GMT

GET
H3 200 bootstrap-icons.woff2
cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/fonts/ 118 KB
119 KB 25ms
15ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/bootstrap-icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dc4e7c8df4ac36eba96ff23bb896db37ba80428f8b4ebabff24dee25bec409f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/bootstrap-icons.min.css
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2212491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 121296
last-modified: Thu, 22 Jun 2023 10:51:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649427c1-1d9d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTC%2FbNwAa1hJYXvLFNJULpXKfdyzv36ZDxndiWY%2FPOmE%2Fv4eD4VXuCXgdLBRapYPDT3LQVZOTpsdtPwY1wbzng4QlfE0A7oJZ8jJSUg%2FFlF2ahBhS01lN8QDsOqXUF40AODcrQ9m2VPXg1gRad0YXI9L"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f687311afd5902e-FRA
expires: Sat, 03 Aug 2024 10:17:41 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 53ms
27ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:55:38 GMT
x-content-type-options: nosniff
age: 181323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 07:55:38 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 133148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:18:33 GMT

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 20 KB
20 KB 55ms
31ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:27:12 GMT
x-content-type-options: nosniff
age: 132629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20528
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:17:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:27:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 33ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:23:50 GMT
x-content-type-options: nosniff
age: 132831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:23:50 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 21 KB
21 KB 35ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

190c3fdc18618a4473729faa65a7dfd810fef1d70ce2c3fe71cb1ed843cf08cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:44:29 GMT
x-content-type-options: nosniff
age: 181992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21432
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 07:44:29 GMT

GET
H2 404 footer-bg.png
sunnewsonline.com/images/ 166 KB
166 KB 22ms
21ms Image
text/html 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sunnewsonline.com/images/footer-bg.png?ezimgfmt=ng%3Awebp%2Fngcb1

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

480d259dd24e8e20033ac2c5030ad6496e9edfa56c8d8545ef9f377513919e1a

Security Headers

Name	Value
X-Content-Security-Policy	default-src 'self'; script-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-content-security-policy: default-src 'self'; script-src 'self';
date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 107
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 404
x-xss-protection: 1; mode=block
pagespeed: off
response: 404
x-ez-proxy-out: true 2.4
server: cloudflare
x-origin-cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSUM1vb8qZQBlsbGVfxuv3ArEfo7wdORPHH6PN1GZJslHFTO0wY086qDCCzPmxdOrdXpJ0WEKc5voB6BBZUcKncAbhOYAZbGJYEwhYOhNHSiTlOsQYYrDZP84DaaaxkJTQN2pUolwY7AofZIHZyr"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687311ca459a05-FRA
link: <https://sunnewsonline.com/wp-json/>; rel="https://api.w.org/"
x-ez-minify-html: 5.35% 169846 / 179452
expires: Sun, 13 Aug 2023 10:15:54 GMT

GET
H2 200 ezoic.png
go.ezodn.com/utilcave_com/img/ 1 KB
2 KB 35ms
34ms Image
image/png 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status: BYPASS
x-sol: middleton
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400
content-length: 1181
last-modified: Thu, 03 Mar 2022 21:54:00 GMT
server: cloudflare
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt33qbc5IycDd3ZBMjpXFwKGJ5g%2BhFSYw6C7vyHrHXFCINkifSFhO034zf78XXLwwGYURQm%2BpUQ%2By2HCfmy0UsT%2FndtjVZi16e1JYTQYE9UX9LYm%2BhyyBM9XGrDotZM6ngAoZjs7dCEkP4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7f687311d9ee691f-FRA
expires: Mon, 21 Aug 2023 10:17:41 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 345 KB
120 KB 62ms
22ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121802
x-xss-protection: 0
expires: Mon, 14 Aug 2023 10:17:41 GMT

GET
H2 200 sidebarwall.js Show response
sunnewsonline.com/detroitchicago/ 9 KB
3 KB 19ms
15ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/sidebarwall.js?gcb=0&cb=19
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:26:34 GMT
server: cloudflare
age: 3067
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aui9NXTwIygTYuAS2iVmQ8mVlvOg8LfXW%2Fq5C0rQVXzAIbEOMzte66XJMaTd125%2Fp95Vu3v5YW5%2Ff8TblaeRbnCVR%2BvIaXbwQsYkDztd3ikfAdGTpcomDk9oPjfTBE6aM60VuHhGWq4naYFbBKN8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f687311daaf9a05-FRA

GET
H2 200 gateway.js Show response
sunnewsonline.com/detroitchicago/ 4 KB
2 KB 22ms
19ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/gateway.js?gcb=0&cb=18
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48e554188fedb527c79e1e45ce03da4e601fff86be63121de9a2ac8291911e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:24:39 GMT
server: cloudflare
age: 3182
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa3ffx1HQxrYNnRt1jOdrPlNu0ClqbQp9Gn4TYslCgmgpvyB3Ot4qGr%2BEqZBzhc8HOa7hbnjh9HYPi0tAkamI8nyDrYaeC5kPmJvkFu%2Bd4%2FKL9YPvMLsjzDTkwte5GX3nX%2FJl71NV39NpAH9soHw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f687311dab59a05-FRA

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/162833/9311/ 519 KB
161 KB 68ms
14ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c47bbdc39af7f5ac31d9f494ef999067da7cb95cf85e69a9446792ebdc67582e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 20:34:51 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=106112
accept-ranges: bytes
content-length: 164367
expires: Tue, 15 Aug 2023 15:46:13 GMT

GET
H2 200 kenai.js Show response
sunnewsonline.com/detroitchicago/ 3 KB
1 KB 20ms
17ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/kenai.js?gcb=0&cb=6
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:29:03 GMT
server: cloudflare
age: 2918
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOzN1cEVaSngzJS5blYdIIhhRp0Q3wP%2Bl4onSz1g8aZx6gYdNqNEekoQ4i5LT1LMXcw9cVJLa4HXJqDaFZgGnV9jvouaED7sE9pLtFkSQFrRM0Gv8MPuvlCuvzHc%2Bi5TuQOOL2W%2F2As3k4u3n43v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f687311dab89a05-FRA

GET
H2 200 portland.js Show response
sunnewsonline.com/detroitchicago/ 32 KB
11 KB 22ms
20ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/portland.js?gcb=0&cb=19
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2414986b6b154e01e64fe182c526c10991d4fc4996b2b68a82837e3d51369074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3489
cf-polished: origSize=33160
x-middleton-display: sol-js
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:19:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dq7IxmzLop04hgZGB4TK%2FGH12zac6UCq7H%2FHJhbimlBVL7RzDnCJ7rEnwG7D5rao6FlHNav%2F4NpmDEZ5ypf5zXO7Y7KevYXP8iiLmB4Tu2ZX6oL3SsGQ4sDi717cDg321znKgoylhtv47ZIGVi8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f687311daba9a05-FRA

OPTIONS
H2 200 /
bshr.ezodn.com/ Frame 0
0 60ms
31ms Preflight
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bshr.ezodn.com/?did=494158&bf=30000&dc=21732118914%7C1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://sunnewsonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f6873121a273a86-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 14 Aug 2023 10:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F36qFbykQMfvD3DEEvzeDLV8Mb7%2BckPeBRxR2pnSNeFbbX4%2BDk7TSjpXMXIyt4imadm%2BfeSNicrSdPAZVTigqsitcnoQdFwvV%2F4hTu139CGw5HUDpbPCzIrFm%2BlXxLrfhWuHzKHR8wHaglWK3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 / Show response
bshr.ezodn.com/ 9 KB
5 KB 17ms
16ms XHR
application/json 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bshr.ezodn.com/?did=494158&bf=30000&dc=21732118914%7C1254144
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d18e690bc26692aa1bd8f4a4ca82c2618864dbe04f52685c6ab5a379b3021eb

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 757087
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Aug 2023 15:35:09 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf8
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw%2Fe3WoEFMCvsxuRM4UAHwdKk81T%2BT3ACycYL%2BZv%2FY12tjL0a7Hq2p1jeTuItlXeUNKRoseagCkQbtR008B1PyOo%2BMuOa%2FT5nUbHtFVyiYlHL1%2BUVTjzj5p9XdgO7citknHr3Dine2U%2BDPKOog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=1209600
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7f6873125a653a86-FRA
access-control-allow-headers: Content-Type

GET
H2 200 nmash.js
sunnewsonline.com/porpoiseant/ 64 KB
23 KB 18ms
18ms Other
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/nmash.js?v=252
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c5b84d90cee4b14b226a7e9c4dd96156905b9458db28da5446eccd1702a5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1197
cf-polished: origSize=65887
x-middleton-display: sol-js
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:57:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKhI4gilMNEnet1bo%2B1S5WTvoSz7%2BNMO%2BrWfUIOnNa7T61jdHds4ce%2Bnu%2BYOSO5INKH0zgF3VMsjng%2B3o1l14MhjCkw6yNt76uct%2FReIKHK3scF2mhLjaxXXGi%2FU%2BT8vtySHQ5NHQXudY5mlG6MP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, public
x-robots-tag: noindex
cf-ray: 7f6873121b2a9a05-FRA

POST
H2 200 imp.gif
sunnewsonline.com/detroitchicago/ 43 B
535 B 21ms
21ms Ping
image/gif 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/imp.gif
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfBZUwzqC%2BIEJy1MMW0SsU456JdsvnCzR2rnJwUNo7j3xXoeHWvsqD%2Fn3qYvFx5UoycKmHYAs0bqu7qr70Twvxjjr5Wf2AlLJy6IWWNMJ8FL1CXmwi8Hfmj84dJcK18VHheQqNFB0xLybmCYW0Qg"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 7f6873122b449a05-FRA
access-control-allow-headers: Content-Type
expires: Sun, 13 Aug 2023 10:17:41 GMT

POST
H2 200 xtra.gif
sunnewsonline.com/detroitchicago/ 43 B
342 B 26ms
23ms Ping
image/gif 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/xtra.gif
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZhg2UivWalxvxb7ywMTnHJVl9OKLtQByDv%2Biz7vIlKbgxTbZJfIbbV40dKHAeDzGmjieLGnODjHVylMaWqOnpEZF5WUuluIDNX6RiH5tlXavGrVln8AnJfL%2Bji%2BAlqk3tr17nqEfTzj%2FvZ%2BEDkJ"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 7f6873123b4d9a05-FRA
access-control-allow-headers: Content-Type
expires: Sun, 13 Aug 2023 10:17:41 GMT

POST
H2 200 xtra.gif
sunnewsonline.com/detroitchicago/ 43 B
356 B 22ms
20ms Ping
image/gif 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/xtra.gif
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Fzs4yrTNNwhgqLtS%2FfbMx99CZikJxC9uL%2F7aN0xaP%2BTkgU9wzRz9IzVwgd2WOKkiQiNfkKjznbPeONWez3JQ8Zc6cTeOB4a%2BfFlgf9JAOC%2FFHirjfzGUpZ1brrVp%2F0%2BgrlIfjEsLhU1oT7TNg6z"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 7f6873123b509a05-FRA
access-control-allow-headers: Content-Type
expires: Sun, 13 Aug 2023 10:17:41 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 35ms
8ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 21 Aug 2023 10:17:41 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 classic-themes.min.css
sunnewsonline.com/wp-includes/css/ 0
632 B 17ms
16ms Image
text/css 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sunnewsonline.com/wp-includes/css/classic-themes.min.css?ver=1&ez_used_css_s=15
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1880
x-ezoic-cdn: Hit ds;mm;09087e13a2531efe68e53b2e71a38aa5;2-494158-1;e7d4bb14-89dc-43aa-51e9-fe47de905788
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
content-length: 0
response: 200
last-modified: Fri, 03 Mar 2023 13:44:37 GMT
x-ez-proxy-out: true 2.4
server: cloudflare
etag: "6401f9c5-d9"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j3hiNrRi%2FAWzQFzoO1KlOblrfJ9Q5qOzPfNQc9pRVzja8CCJ6QMlKpj8sN901tPAIq6mNfa4iAR75NCxp1N4ywuMG0wI0ygCX4buy6fC7s7QZW1Kkv%2Fd3KcA%2FGxvlOcxeVtqDei36sKaM1bVpnE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7f6873125b849a05-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
152 KB 20ms
18ms Image
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=6.1.1

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9518476
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7Sms%2BKGs4Zg5M9dJZ3%2Fi7ASSBOhkOL3qdebY8%2BiybBx%2BCJ5YSAKfjjVAojjcvfK1RSWiYvrIq%2B%2FkqT4mUAjebb3gmNgX6RmgW0w8Ul6xSrth0ZX%2BXtXgzeNXojX9J3xjHDtv5vk0Syj58jUfA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f6873125e7518c7-FRA

GET
H2 200 ezvideojscss.css
g.ezoic.net/ezvideo/ 44 KB
44 KB 12ms
11ms Image
text/css 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/ezvideo/ezvideojscss.css?cb=72
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 cmbdv2.js Show response
sunnewsonline.com/detroitchicago/ 38 KB
11 KB 17ms
16ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1d-5y17-3y5e-22&cmbcb=177&sj=x03x0cx1dx17x5e
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15ebe4f5e37b6fd6776826b284ef40c338f0fe14c2eee158b1a18aeb0f1cabe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3067
cf-polished: origSize=39200
x-middleton-display: sol-js
cf-bgj: minify
last-modified: Mon, 14 Aug 2023 09:26:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlJ7OsFJ%2Ftq%2BS7X9d%2BOZS4zy%2FwxHwnJrt%2FJ1dyOYtIdG7lpun2ZdBf2hXfnKgNQrlLCgLA6IUQk2uBnsiyHxBrm7shofrrEteoHTrKwn%2BtQSEGRCRpNOmrY3rTUFxVR3JUxO8jneZHYx31jvMyXw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7f6873125b869a05-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/ 400 KB
126 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

954551e76af51b5d98aa0c5b48aa56a71da936423f4d387f42e8d111aabd997e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81976
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129241
x-xss-protection: 0
server: cafe
etag: 14615361730175754207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 12 Aug 2024 11:31:25 GMT

GET
H2 200 sun_logo1.jpg
sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/03/ 2 KB
3 KB 17ms
16ms Image
image/webp 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/03/sun_logo1.jpg?ezimgfmt=rs:106x70/rscb1/ngcb1/notWebP
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b15fd492c04d389e35990f791fd8a000c945bbe4afffb1a66760d7e3d67a97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1828
display: staticcontent_sol
x-amz-server-side-encryption: AES256
x-amz-cf-pop: FRA60-P1
x-ezoic-cdn: Hit ds;mm;f667be932826966523c94fb4dbe738a4;2-494158-1;3bda186a-ae14-497b-51a3-e3dfa30df239
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-ezoic-excludewebp: false
response: 200
last-modified: Wed, 29 Mar 2023 10:34:42 GMT
x-ez-proxy-out: true 2.4
server: cloudflare
etag: W/"c2cf4614da2f839cb37f2f50ac00f7ce-gzip"
x-origin-cache-control
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aliqrYlz%2BsvIKXJeZqF9IsvEwsWX%2F3uNHxVT0tg1MxyU3yZ2C8yE9%2B7ek%2FICobFpidDy7uR5jz2kASUaKjuNF888JuP0%2FvIood8nV6xH2I2doFt7RRKE48Fh39N0Cy%2BpyviQ%2F1xZYSx8tEVhjy1M"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 7f687312cc0a9a05-FRA
x-amz-cf-id: qowai0xEYccHTbw17Y8hc86pcAjglIL4iZpc3XoxdHWtyIxNEqcVXA==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
8ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
date: Mon, 14 Aug 2023 06:42:12 GMT
x-amz-cf-pop: FRA56-P3
age: 13129
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: kQG6xRNrMxmFNPKRjBk50jtCidVie3KwAV-4JFes5VjPKjTbLN5kXw==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 23ms
13ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230814

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f089ff18270a2a9149fecfab2a8f182b1c6040ac452353af115688a0571553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22608
x-jsd-version: 1.0.1781
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1638-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-5NHVACoI785mIkqgqLleeqzW2lQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91sADgXcaEXaMT9iXQpNSuaTpDvvSvXK4nVeQf58ckSxqo6QcR2mt%2FW2ZWMeGsu2%2F5nWEMAYCdtSTLnUxhnyn5DFLNdYlLCSGT7KonA18aeK69i6I%2BOP58pDfPqh1wv6kQ3kcRBcaJrHua1Gon0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f68731389fa363f-FRA

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
633 B 33ms
7ms Script
application/javascript 2600:9000:223c:9400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:11:29 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: nHa_APxO7Tyl_1ocEFVxU9Jv_uVxMJQnm6EAYWj-sNzHp9dQh4RqaQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 50ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6DLE1C2CT8&gtm=45je3890&_p=958966010&cid=302229331.1692008262&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692008261&sct=1&seg=0&dl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&dt=SEC%20yet%20to%20receive%20GSK%E2%80%99s%20formal%20scheme%20of%20arrangement%20%E2%80%93%20The%20Sun%20Nigeria&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6DLE1C2CT8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 78ms
32ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:17:41 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 28ms
7ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 02:29:26 GMT
content-encoding: gzip
age: 1496895
x-guploader-uploadid: ADPycdtgQcQ5-IXNGnj-bizVFPypnO5rWXUHHepVnzEiAeMz7KZUZ57OqZuzfW-lDA7aFwUvM3c09LWW8P8XbazHPZIusw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 27 Jul 2024 02:29:26 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 22ms
21ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25082
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLlxDvFATbIjvyMc3Z1P0%2B9Lv6W0e7s%2BfPPCeTdoCcq6ExM%2Bdm5%2BaWnP5D80MBvsLcMCpu11tLX2IyPIMHu5lzo%2B7oka6ISMMTzQ4xn0EYm9X2Ucyb5%2Fny7vPt%2FBRp%2FxzvKfjZFWDCi1RHJ9DbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f687313dab33801-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 47ms
18ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: 9JD2PVWRNGH6W9D6
age: 1262
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f6873140d99922c-FRA
x-amz-id-2: C78NJH9XkIV+sX3gWmjnQ0d7A0CrZ/OSO/7CSNMeogj/qizLfap+8xu2sOYpsPd/7/w1SlaLgeQGDUvfhgOumQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 35ms
7ms Script
text/javascript 2600:9000:2250:1200:a:e047:753:6381

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1200:a:e047:753:6381 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 14 Aug 2023 05:08:18 GMT
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 18564
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: M-veJ_DNTPHaT4A12mV2IjlxvSa8U7mW83DVmfY4Jghm4tGwengPMQ==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 42ms
6ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 12:15:10 GMT
content-encoding: gzip
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79352
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: vLriCFTSNiWKgYEpCqQgC5qKfW5OdBU793mVZbjrUi3eDbIBc9cgAg==

GET
H2 200 pixel;r=948603800;labels=Domain.sunnewsonline_com%2CDomainId.494158;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F;uht=2;fpan=1...
pixel.quantserve.com/ 35 B
372 B 18ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=948603800;labels=Domain.sunnewsonline_com%2CDomainId.494158;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F;uht=2;fpan=1;fpa=P0-1444484022-1692008261674;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=sunnewsonline.com;dst=1;et=1692008261733;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.SEC%20yet%20to%20receive%20GSK%E2%80%99s%20formal%20scheme%20of%20arrangement%20%E2%80%93%20The%20Sun%20Nigeria%2Cdescription.Following%20the%20decision%20of%20GSK%20Nigeria%20to%20wind%20up%20its%20Nigerian%20operations%252C%20the%20Se%2Curl.https%3A%2F%2Fsunnewsonline%252Ecom%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F%2Csite_name.The%20Sun%20Nigeria%2Cimage.https%3A%2F%2Fassets%252Esunnewsonline%252Ecom%2Fwp-content%2Fuploads%2F2023%2F05%2Fsec%252Epng%2Cimage%3Awidth.1280%2Cimage%3Aheight.720%2Cimage%3Atype.image%2Fpng;ses=f10cd885-0f2c-4b72-a67d-bffefed8abcd;mdl=

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e

Request headers

Referer
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 bridge3.584.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame F4FF 718 KB
231 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 235822
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 03:56:19 GMT
expires: Tue, 13 Aug 2024 03:56:19 GMT
last-modified: Tue, 08 Aug 2023 13:51:58 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 578ms
22ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 10:17:42 GMT

GET
H2 200 ez-vasts Show response
sunnewsonline.com/ 2 KB
1 KB 38ms
37ms Fetch
application/json 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/ez-vasts?ads_enabled=4&autoplay=1&content_id=5808405400381437885-outstream&floating=1&pageview_id=50ad158f-9397-42d6-6322-c1458cac3fbf&player_id=ez-o&position_id=0&ad_index=1
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a292ae9407e29e3971e2bda864a9d5d57ebcd001526e66fc51f7f74150d79f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Aug 2023 10:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP3yGeDHVW8y4S0EkfNtPsLGQuc0b9IokehfHefAOdPp2aMKuuzNesHg1N7y41gkL%2FWxVUJ7faJOcfx5%2FCvAA0LAoS1DsCcuRnFrbvg3bCJa6ak%2BhFr4ao9y2Z%2FklPRFeTd0mrwmTjNiheV7d0rl"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf8
cache-control: no-cache
x-robots-tag: noindex, nofollow
cf-ray: 7f6873144db19a05-FRA

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C1F 40 KB
14 KB 542ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Aug 2023 11:07:30 GMT

POST
H2 400 / Show response
ow.pubmatic.com/cookie_sync/ 120 B
265 B 470ms
20ms XHR
text/plain 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL

https://ow.pubmatic.com/cookie_sync/?sec=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

Resource Hash

b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:42 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-length: 120
content-type: text/plain; charset=utf-8

POST
H2 200 auction Show response
ow.pubmatic.com/pbs/openrtb2/ 246 B
331 B 483ms
40ms XHR
application/json 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d8a4c09c4cab076cb115cccbcd249135aa49db05f1866c21117124bc85cec1ba

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:42 GMT
access-control-allow-credentials: true
content-length: 246
content-type: application/json

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1

85 B
202 B

114ms
113ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b785d3dba9e3f3958deaee29992c96dfd7d9ff6c5f737d3a30de235eec2a8939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-UrkGJc2UbW5yhDckKtb0csC44E4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 14 Aug 2023 10:17:42 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://sunnewsonline.com
location: /esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
326 B 372ms
9ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
47 KB 417ms
416ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=1646887890885244&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=1&didk=3810045895&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008261994&lmt=1691998252&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D439915758341646%26eid%3D439915758341646%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dsunnewsonline_com-edge-1-439915758341646%26eb_br%3D5123967dad9631f0d2a57fa9c3237b87%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D16%26br2%3D8%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1493151707

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac92f2ab44e0a91a3d177c0c3f010dd98c6763aed54206817979ee9e5888e6e8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHorPv124ADFZlSHQkdrI4EXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHorPv124ADFZlSHQkdrI4EXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
date: Mon, 14 Aug 2023 10:17:42 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48136
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22A8 6 KB
3 KB 73ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Tue, 13 Aug 2024 10:17:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 130 KB
47 KB 449ms
449ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=646373478023605&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=2&didk=3810044878&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262009&lmt=1691998252&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D7107777058415121%26eid%3D7107777058415121%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dsunnewsonline_com-edge-2-7107777058415121%26eb_br%3D063a7705d5a9d51bc46e0a87fba28a89%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=990695581

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b424dd043d9e2e1f5898f7792e3f2010d5b88611db52b1f3d3c5f36ea6f53b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnyrPv124ADFVhPHQkd-5AI_A&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnyrPv124ADFVhPHQkd-5AI_A&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
date: Mon, 14 Aug 2023 10:17:42 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48022
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
14 KB 376ms
376ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=3463737686962421&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&didk=525369788&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262014&lmt=1691998252&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D3381836678336844%26eid%3D3381836678336844%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsunnewsonline_com-medrectangle-2-3381836678336844%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1690571843

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716aae8840c3f69c5b8b19d6e95258776cb5e847e9e890378d31cd92ee2c9ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14147
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5534 15 KB
6 KB 53ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sunnewsonline.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 329579
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 359ms
48ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-box-2-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-box-2%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: W7SRXAJ692W9XEN19P6M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Yvku4enUbz3dqU04oHuzlyStuKKDipLMns3M8Zim28b-zP4dx5YA3A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 361ms
54ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=1&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-box-3-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-box-3%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: EY05ZX5QYGC4X6KHVDJW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VnRL7FDA4zCNZg5INgpBVpOeoSSn0C1Ggh5tQlIq526lLLLY3elaIA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 344ms
42ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=2&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-box-1-0%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-box-1%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 420JR7MXYQWNSCZNDAZA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eFYpcJmeN_5m9jT44b4lIWCsBydAWuNwbQOl60ATWCj4z8fCi8WN4w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 346ms
47ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=3&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-large-leaderboard-1-0%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-large-leaderboard-1%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: ZW8JA79XTP8PBGMQCPK6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 0HB3d3gWyZtc4LRve65ZcGUkmQnbtc5IeNah8CeYGAxHKhAfQv8rKg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 345ms
51ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=4&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-medrectangle-3-0%22%2C%22s%22%3A%5B%22580x400%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-medrectangle-3%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: VBBVZ69Z9BMZR1VG83XX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: K8FDFnLTvu8mxOVvFBgt3R9LhZyqzO5hYBgBffla-876Gpy-TZuILA==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 324ms
34ms Fetch
image/gif 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsunnewsonline.com%252Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: C2P8P17Y4XK7E5QPJACT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: irVShq4Wn-s0GpixqSwESkEegboqBDBPLLeQE7sIPANljc5TVitqHQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 326ms
38ms Fetch
image/gif 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsunnewsonline.com%252Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: SDRNPA20ZHMZFCKHK5VF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 10fp82veIwjH0NvxTCVlCtEgy4qtXY612Ggl04YzQKxAtCgw6Uy4xg==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 322ms
36ms Fetch
image/gif 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsunnewsonline.com%252Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: MDYSYHGFW24NXAGE25XS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: HHCp9M4Fq5YOj-1zbrE0uF1Vxlf-K0sNW4Yjv7EQ6fEsySAl11Dj3A==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 291ms
31ms XHR
application/json 108.128.108.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.108.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-108-17.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ee07267c1822a8cc487be07e4a98e9fc72df31487aacd84b75abdde61e982a73

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache
x-server: 10.45.1.171
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 654 B
309 B 259ms
258ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C120x600%7C160x600&ifi=4&didk=3507128232&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262104&lmt=1691998252&adxs=1146&adys=1077&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=298x264&msz=298x250&fws=0&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D6269529070376993%26eid%3D6269529070376993%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1035%26sap%3D1540%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D35%26al%3D1035%26compid%3D0%26tap%3Dsunnewsonline_com-large-leaderboard-1-6269529070376993%26eb_br%3De4959d004f77f2c50c86f631c5e35273%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1723501267

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47471f57023b9b1c6a0594c18276bd6734732ef55163adde406ed4771c52d7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
309 B 473ms
473ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=5&didk=2986460386&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262107&lmt=1691998252&adxs=152&adys=-76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1605142702403209%26eid%3D1605142702403209%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsunnewsonline_com-box-2-1605142702403209%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1280361889

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

333e6370faaa522f8ed12b6f9a2a2e545e21a6163e086700e28720783001b147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
16 KB 837ms
837ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=6&didk=2986459369&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262110&lmt=1691998252&adxs=1170&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=298x264&msz=250x250&fws=0&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D5582903590373166%26eid%3D5582903590373166%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1000%26sap%3D1200%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsunnewsonline_com-box-1-5582903590373166%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=525480102

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28b03de5c4bf4cd77ea0dd9ac54c8afae5c82c587bfee473ea70ce4e490693b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16061
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 639 B
303 B 936ms
936ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&didk=2986461563&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262114&lmt=1691998252&adxs=381&adys=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=746x90&msz=728x90&fws=0&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1904956736383823%26eid%3D1904956736383823%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dsunnewsonline_com-box-3-1904956736383823%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1905174598

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0d9f3812f7d2be3cf7ce8bfbeb9f8ea0e227c94ed0c810e8d81b5f6e64aedb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 greenoaks.gif
sunnewsonline.com/detroitchicago/ 0
449 B 21ms
20ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDgtMTQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTA2MiJ9XX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzeTWti%2F5FntmV%2BgXKmSky7TL56tKY24S6ZILc8MypEE5U6C9iuIq4Pg0FeOWh2ZkB0PwcfPlO2x9%2BDOOKI5I7xS1wK6ScqFy%2BQeCBlPseECSG6HMzOZWkEJzJVi%2Be8WkHQY3GkBZa%2FDkJFWcpbD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687317da979a05-FRA
expires: Sun, 13 Aug 2023 10:17:41 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
282 B 30ms
29ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxMDYyIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjnhqLUhU7LpwRsK7obIlUm6zy7AD106cHfu8H1NAvOH505wF1KnlqEJPMMlbfEU3cL1uwQ0V67ARKsUZZL1yRrTpm0ECbr7xLdgNdleoU1LwMLgqmfZYc%2FN6zTOB%2FuJ2SwbJLBiUIHGML0UDHaW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687317da9a9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
263 B 21ms
21ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0scg2%2BIbcT98bImLDZGH6ZHMqJmriNGN22uhC4KWtuZ1%2BMr73uzaX%2BvUNPdD5AAoWUMow3R%2FtsWM5kM4Xcp2egLbJiyC6Zyiixzi%2F2e%2BAakyE66K9gh11Ke0YE9H8m4%2Bsx6TS9M4vkUsqk0naRKp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687317eaba9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H3 200 fetch Show response
go.ezodn.com/ads/charity/ 297 B
775 B 29ms
29ms XHR
application/json 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/ads/charity/fetch?country=UA&size=234x60
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/augusta.js?cb=43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b762fda73b9cb3a384563cc8ff52e2a4772a287115f1370c2ae705bbc36f796d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvqVvXkvUNf7qpUqLj1o7gdQITiqCi6APyF2vZPHuImEkpNUunf7HLz82p9%2Fhy9aW7Cfc2n6CGuQ6TPDqJrn7Cth86wfbJTw0qnvJkan0uRg89Qsk8xQH75%2BEsCRxvPIRX3nH0b7fOm%2BcdA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7f687317ebab8ffa-FRA
access-control-allow-headers: Content-Type

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 0FCD 222 KB
62 KB 69ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 433050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD 15 KB
5 KB 81ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 433051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD 94 KB
28 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 03:23:10 GMT
age: 197672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 03:23:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD 5 KB
2 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 433051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD 40 KB
13 KB 84ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 433050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0FCD 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:44:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:42 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD 2 KB
3 KB 50ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:50:07 GMT
x-content-type-options: nosniff
server: cafe
age: 70055
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Mon, 14 Aug 2023 14:50:07 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD 295 B
664 B 49ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 45428
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 21:40:34 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
259 B 18ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTEyMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsjFxltl9DLe1Zk2WjQjK93qJBCACTtmwVQdSbD1JVyqrYLFFRimvZm9kqQzXD8SCmrxxXkLSulrG%2BnxoqcZUkzsOWcOVKZbIluLUcBX12ePj991955HvCTqGaj8UQE0F0grbxiuMgYVUseIkTO8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873183b129a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 935 B
467 B 337ms
336ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=3888467933526110&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=8&didk=2484510057&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D60c2c02d481e19ec%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYMQ5_i3fpfTOfkZuEFGZ_3zt3ZPw&gpic=UID%3D00000c86adeb93ab%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MZSk3D_Mezj2OUGUcryX_zz5XsRhA&abxe=1&dt=1692008262438&lmt=1691998252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=bvr%3D0%26ap%3D9999%26reft%3Dn%26avc%3D100%26ga%3D5302779%26bra%3Dmod1-c%26al%3D1006%26ic%3D1%26ezoic%3D1%26eb_br%3D736e4998c7cae21e6c67e08e2de4db76%26tap%3Dsunnewsonline_com-pixel1-4033684138378932%26d%3D494158%26br1%3D160%26br2%3D100%26iid1%3D4033684138378932&adks=1275092041

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e009ede96c0b8ed18aab7dc087a358d47e82fdfc126c3fed4006db8777156615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/ 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl_page_level_ads.js?cb=31076936

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5511af087f41165d36f925af79689b5a091d3a8f0a61b0fbef1088409c41c669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5974
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13171
x-xss-protection: 0
server: cafe
etag: 8515395243987812700
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 08:38:08 GMT

GET
DATA 200
OK truncated
/ Frame 0FCD 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0FCD 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06cf2bb6e5e539d54cdc7615429461cff1dd5f88c7de81f9916f3e267a3e7a10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5534
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sunnewsonline.com&sn=ChromeSyncframe&so=0&topUrl=sunnewsonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2...

467 B
673 B

83ms
24ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2Y1TWcrYjFUejZud2NranMxWHdMTTJlcUFXZEQ1MEUrbzZsU1htWW92aVhSSDRKQWIxTUlpWDhNdDBCdnA1ODJxZjk5THN2RWJ1a1lobG52Y1N0TVNCdkJaR2VQUXoyYnZGZ3AveDVJU1VwZitpTDlNUkJVY2h4aFhiWm1DRUYyeEVob0V4U1ZZMEVjeXg2MW1PTGZMN0N3MHRYc0N3ZjVVMVZxeSs1K2xQekRlVGNBQUU3dz18&cppv=2

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

30ccd95dc6d8b22d1fb3a57aa9774c2274cb41d7a07c4bf26ca647f6af8c76dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1132598
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2Y1TWcrYjFUejZud2NranMxWHdMTTJlcUFXZEQ1MEUrbzZsU1htWW92aVhSSDRKQWIxTUlpWDhNdDBCdnA1ODJxZjk5THN2RWJ1a1lobG52Y1N0TVNCdkJaR2VQUXoyYnZGZ3AveDVJU1VwZitpTDlNUkJVY2h4aFhiWm1DRUYyeEVob0V4U1ZZMEVjeXg2MW1PTGZMN0N3MHRYc0N3ZjVVMVZxeSs1K2xQekRlVGNBQUU3dz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 250599
content-length: 0
expires: 0

GET
H3 200 234x60.png Show response
go.ezodn.com/charity/http/charity-ads.s3.amazonaws.com/charity_ads/1134/ Frame C94E 29 KB
30 KB 22ms
19ms Document
image/png 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/charity/http/charity-ads.s3.amazonaws.com/charity_ads/1134/234x60.png
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/augusta.js?cb=43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5b9c85cde1df497209909e666e29159ec43ee0197727ecb4a5a0cf6c1a7625

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2872
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f6873187db33647-FRA
content-type: image/png
date: Mon, 14 Aug 2023 10:17:42 GMT
etag: W/"f5632097bf631e71004091d01bc39fc8-gzip"
last-modified: Mon, 15 May 2023 22:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyCBHVUab%2Bnhpm576tACBNRh9m%2FYFwZNsaNcc7ZqUMp5AlYoNBwUOHec7kXz0iwTvAePZc0nXErvjCXqc4ebxTaKiFroV7fnZoT%2BCCuyBx4SqI0Y1hla6QcR2%2FqmJF590uO5%2FEkzuNKGt8c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: n5vNO5BkpYcAldfNX2QoX1Z9AjF1F9L91JSAQ7zrHRcC88TLCKpEyUALVHzSI4zEwKimYUDZ4yA=
x-amz-request-id: EN54DEM3XVAYAVCJ
x-amz-server-side-encryption: AES256

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
266 B 29ms
27ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MTEzMDMsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiIxMTMwMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMDM1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjExMzQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYyNjk1MjkwNzAzNzY5OTMiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIxMDAxNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QgCFaY6kJogVyksEzvWR3iUpZG6JJv8p%2F%2FdVy7pMb2UiPQOCHEiFcoVeptJhCZaYHVxeGEi%2FKINqUspLR3JU3GT%2FTd0dmt0b3KtTzOMf2EdNDRmjyt1bUN8N%2FWfPE%2By%2FgayQNsGG5bxXVUnOPMR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873187b5b9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 greenoaks.gif
sunnewsonline.com/detroitchicago/ 0
261 B 24ms
23ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjExNjYifV19XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MqMFkvRwkY%2FTyz3PEEaVYdiVViaHDz0uCbQxCYrrC996K8NT9IL02jd6BLaxa%2BUQnHT59947xagOpZ2bNFARvl%2B76FJDJShVSCKft4OSIU8yZmrzJ9F6mkhtv14I9yvbw9rUhDnbRnVIpgRNRnM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873187b649a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
264 B 23ms
23ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJmMDlkNGZlZjM4MTYxYTI3ZDAyOGNmZjZlZWJmNDNhYSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg5ODg4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4ODk4ODgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAk%2FwBKGknkzaKIcthtHq6M1qNknIiAXUf61ixat5KpVPhWSDycweCcWZZcIfuBNV%2BRfm1Iwzro%2BBbP9BEsJn0cT5Wsh7MdzHQz%2BjxRFr22D1bezbJgBJ2n3VnZLbE9TZGG9kVhe9M%2FqHWCS1aZ%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873188b719a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H3 200 4974889888 Show response
go.ezodn.com/dac/ 0
572 B 26ms
26ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4974889888
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 09:34:36 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MWg2I5596Wg7h5QtXndD3abD0JWDb9wH8vOKhf40kLaYUlfleC0QgGytPO2Dfc2I%2BD9TnoBWw3CK0HuF%2FZgoZQNzP8a0OuTpJdxzUj5oKS7jdtj6EO7dBBbuIG3TVLtkRoYA7U0UKgvIdM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f6873188c4b8ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
261 B 25ms
25ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcMV3Ps6JPDiJYd%2F4E6HUFIixsXmrCEqDp%2BTZIGeABKHJFLbpbpHGNLWDTLQn3nwdyaYTHkL2wtNBjVRyf7zBUyhJlM5cekSFOsWNxDkYOgUKn25sv4v2SR2oZ%2Boje7zwqmnZ47tjqevkdz0Cc2e"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873188b749a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
268 B 27ms
27ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjYyLCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6NiwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDEzLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0ODg5ODg4fV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOjOf0sznK56pTU0sBW%2BKfJmWdn9aQrL0dCTwX9gACnxL%2B0eSAPFs%2Ftns2nr83yNaLl%2BcLUz84vut%2Boz%2B2XddX9swrNwNx1tjy%2F3bDzawVvM4lFQZN06d9EB1GLT%2BUwkFz9wMwfLaTa5TU7NQB8%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873188b779a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0FCD 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 443040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H2 200 container.html Show response
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44C5 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Tue, 13 Aug 2024 10:17:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
276 B 27ms
27ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTIxMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPHDXyjhb4vlSego84Sxl7RPP1gG5J%2BOd7oG9j73%2BsLSB04HT3BU6Y9Ha1%2B2jYpZvWMeNKXOPE39IohuDnNvHFWU%2FuuwNplSCjjSn5K%2FZK4o8tmdmnamqboYP3TTKYdziRIJAefo5%2BWL0gbnP518"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687318cbe09a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H2 204 isyn
prebid.a-mo.net/ Frame CA16 0
0 77ms
17ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 14 Aug 2023 10:17:41 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1

GET
H2 204 /
onetag-sys.com/usync/ Frame B969 0
0 41ms
19ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1692008262405

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
281 B 34ms
33ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI1MTIzOTY3ZGFkOTYzMWYwZDJhNTdmYTljMzIzN2I4NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAxNiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg5ODg4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4ODk4ODgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIbtXYMFQJkgYiA5bdN7aqoQ02j7fllpjpN5vP4taYVEekgzuJoECbvlqNcuxmaNqOL0X%2BrWj3ONVVoL5WVqQMOVATiGP87BSCcnu4su9Idr2YV6QhuV75LSjRM%2B8cOWll4ZhHBiQthBEvjw7tvE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687318ebff9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H3 200 4974889888 Show response
go.ezodn.com/dac/ 0
581 B 22ms
21ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4974889888
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 09:34:36 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug4I1glae2dkLrmF1tQlmPU0XLd%2BjmkQzRUrqU9I7nZk%2BDVBcCnwc5%2Ff028BEJZ%2FrFMCoNSblHyC%2Fk06%2FQoxlrf3nykU4S8No1SWo%2BbUdvJtVJIFKU34RBhqzowIWjxjWoVLDJ9O2lSwlkQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f687318ecc18ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
447 B 33ms
32ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEVY6gbRfT0m2%2FNdFxoRITK%2FBqFz3rYYYlIJnbQZU8JkrT67ZCXtmuhu0aqu0XkMepOkBLuq3ATi8Qp7ubSVBOpX%2BKyYGzeB98cMZkHfaubK5dQ8WZ1rUHoUDJaP7ETmDWaXUUZwIr8IfjQIdT36"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687318ec019a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
259 B 33ms
33ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjYzLCJhZF9wb3NpdGlvbiI6MTEwMSwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjoxNiwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjE2LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1MTgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODh9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M4IxoCbDOQvhwRcGDlUTzLeFe1JYIYSYDgnUQEUI8%2FCDMCDvPgiRRxgriqbzldXD8WcNsXs4PixFux8PwEcUGeBDo1fEtf9%2F1gKSeIikMlNECizd577PcDjaSUsodsD6wZDXAu5hQeBPzzdmhOB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687318ec039a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H3 200 container.html Show response
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A8D 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Tue, 13 Aug 2024 10:17:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
264 B 22ms
21ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjEyNDYifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHlD67wdluPcpZ8Yqd3K4DLDjAJJJxpd%2FTH%2FfHotE345CPQuJ4rRwUifPq1yZnDP4NNCXSOzg0%2Fj5%2FTx7onaTQ8iAojZNXBpiMjygO1YTYJO%2BOdasoJSoGso7J5i2ZmYvgrSvR2%2BTRp24lXJiAdT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687318fc1c9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
284 B 27ms
26ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjA2M2E3NzA1ZDVhOWQ1MWJjNDZlMGE4N2ZiYTI4YTg5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3MTA3Nzc3MDU4NDE1MTIxIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA0LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDExMjM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk3NDkwMzUwMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbq%2BE3oIW7wSJxbfM5q5tklhGxGfqigN7qdMQvwRbstpwPiRchQqqhzX82y6z%2FQ5yT5z7L4c5ZNORPoioWvqEyP%2B%2B8WIo7bdISqXfBzqXiqAl4GG5O14t7qLpO82jTPbizEmEx5WmLnh5cnnal5s"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873191c3d9a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

GET
H3 200 4974903501 Show response
go.ezodn.com/dac/ 0
573 B 23ms
22ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4974903501
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 10:10:07 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bead8SPf8sDb4bVZ04v7im9sH%2FVnb%2FKhsoJ14I1iIdEwyV7zyoVozmscoBgjenl%2B7xHGJXiNo9usLBMDRcjZMCA2dSSpWEkYWnAfA8U1o9LOTpST6rnIqx%2FAqY3JsZ01UJlOziy5y0hnqr0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f6873191cf28ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
265 B 25ms
24ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wOC0xNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOlkteZE%2BlNlHxQwb4LNXr8ANp7M%2FYtPT%2BpSaB3ojE7WqGWgCkpdY%2FZqpDxx%2B%2FNCTQrGtpD7bnzmEme57YdkAa8xJOKNQYyWuWallwNreENd7FmHRBaALES23f7N1IGgNlUV8iSYTwonDfahBWcO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873191c3f9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
260 B 25ms
25ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYXVjdGlvbl9lcG9jaCI6MTY5MjAwODI2MywiYWRfcG9zaXRpb24iOjExMDIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjQsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjUzOSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ati0694N8f5hexIvgF7LvZCeIs1xeHb8L%2B3%2BSTAvdF6J%2BGmhuvlNfzBl%2Bo1FSyDKd4QhpEBQGdiWLO5rlwVPhTPVmjqo6ZEouwsKdBvb1QnJzBATMlnllidnn708gnpiTic5Mwnny8h2mL4R7X4v"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873191c429a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame D9C1 3 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49abdf0345ad830e7230fe7d57b59adb74653c0ade2a219ce6a2bc64704d0c39

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 451847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1296
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Aug 2023 04:46:55 GMT
expires: Thu, 08 Aug 2024 04:46:55 GMT
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 44C5 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A98 143 B
383 B 35ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 44C5 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:49:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 44C5 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame FB40 3 KB
1 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49abdf0345ad830e7230fe7d57b59adb74653c0ade2a219ce6a2bc64704d0c39

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 451847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1296
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Aug 2023 04:46:55 GMT
expires: Thu, 08 Aug 2024 04:46:55 GMT
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 1A8D 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 783A 143 B
200 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A8D 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:49:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A8D 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
262 B 19ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTM2MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9xRPqrQxStCMc92ex3Xn4uJxt8y08Y497CcNVaGYZRwsMFVRfzII8nV0T0jTbHx1SNQ%2FI9uInykLgIamFRDbzgZo37bPQg4%2FmT%2F6riMT99mS6UgWqM8x%2BCrwg46dTAbHqLSidIDX9hRpaETUcHi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687319bd2f9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D9C1 6 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Aug 2023 02:43:30 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D9C1 34 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Aug 2023 02:43:30 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D9C1 236 KB
63 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 10:17:42 GMT

GET
H3 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame D9C1 139 KB
29 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15cd911a41f7905e696d4df7d0cfcf329ede76b33a650c39c45205861fb93875

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 05:30:01 GMT
age: 362861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30078
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Aug 2024 05:30:01 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0FCD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

26ms
25ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H3
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Aug 2023 10:17:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:50:07 GMT
x-content-type-options: nosniff
server: cafe
age: 70055
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Mon, 14 Aug 2023 14:50:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD 295 B
319 B 9ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 45428
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 21:40:34 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FB40 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Aug 2023 02:43:30 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FB40 34 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Aug 2023 02:43:30 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FB40 236 KB
63 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 10:17:42 GMT

GET
H3 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame FB40 139 KB
29 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15cd911a41f7905e696d4df7d0cfcf329ede76b33a650c39c45205861fb93875

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 05:30:01 GMT
age: 362861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30078
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Aug 2024 05:30:01 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame DF61 0
176 B 43ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 14 Aug 2023 10:17:42 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A98
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Mon, 14 Aug 2023 10:17:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44C5 179 KB
57 KB 57ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 783A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
19ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Mon, 14 Aug 2023 10:17:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 44C5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6586268f23462317fde292bc9eea870a562b7a52c314a25fb420921b2dbaecf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A8D 179 KB
56 KB 82ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0FCD 0
0 53ms
52ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C66KfRv_ZZMHhBNKYlgTa6bWABL6Q5PVxs8_K_7EQh8eysIwsEAEgpczXamCV4pCCoAegAavVtLsCyAEB4AIAqAMByAMKqgStAk_QPKh1d5mPuJsGQjMeXTIkwAJmXxEgi_TbnlHdyOx8j8NNnEd1FcQmbGi21GD3qo32oRiK3XmyeEZCiP02jEumngCBxiIgCLXsMkGLJyUw9XsqTtwo2kWQQYwdL7X2YK5t_aVdO5n8hf2qkbTbeGy42xI9Y1ymHpV5dcHS1wUjxj6sBiivILTd8qNj0KtTPsegmCjIgg_1SbE3W7hs6gwHvCYX8GbwXa9Vb6NoebQyezMdTwR484OPeUVcuOg688aLRsnlyAomR_hl0HKS2-tsCk6BwUmHKRJ50jwrMofdV7B00ltR2lN1yoBo1CIZi-XYhT-j-jgAC7jMCWKUgGYh1CdqOtHNl2ruo-1yQsyiarcl9qj_VoZHAuT-pTu9DNO26zaQDjX7Juhb4V7ABI3-2O3xAuAEAZIFBAgEGAGSBQQIBRgEgAfFtJPJAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIGAC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCXFodHRwczovL3d3dy5nbG9iYWxpemF0aW9uLXBhcnRuZXJzLmNvbS9yZXNvdXJjZXMvZWJvb2steW91ci1nbG9iYWwtY29tcGxpYW5jZS1wbGF5Ym9vay1vbmJvYXJkaW5nLWJlc3QtcHJhY3RpY2VzL4AKA8gLAaIMCCoGCgTDsLEC2BMMiBQF0BUBgBcBshceChwIABIUcHViLTkwMjMyMzIxMDkwOTE1MTIY79Ft&sigh=2abPp1wpS5I&uach_m=[]&ase=2&cid=CAQSSwBpAlJWmklCxWJYoQ6QY0ga1CwkoJe9yg1ZQLmmHwy1K5031YjW16x32RkOPXPsV1hKCTACuc56333MsG-AYmk91kDCX2ZTf6iKgBgB&cbvp=2
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
295 B 18ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTUwOCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV21XeZkaV%2FfePhSrdVx%2B9osF9MHLQUmJBA2GwihN%2BEZxu1jtqf%2FD4jeKvbhsY2VgvFiLj%2BjAPeR1REmExXUkvTlHv%2BWa6e%2FTEG1NQXHELLgyZKPHv7%2FJ4%2BHqVyNO%2BDuGxk3%2BALTpoii8o1s4196"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731a9eb19a05-FRA
expires: Sun, 13 Aug 2023 10:17:46 GMT

GET
DATA 200
OK truncated
/ Frame 1A8D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df9f434e59e9780ddb17b762f31662be256993c082c2b2a4d91fdd2e870ca321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40 5 KB
6 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Bg.jpg?1671344294922

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4363fcab85a3110f1b80e60c1abab9fb9df39b6170ea38d9f042a66408356609

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5605
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 Bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1 5 KB
6 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Bg.jpg?1671344294922

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4363fcab85a3110f1b80e60c1abab9fb9df39b6170ea38d9f042a66408356609

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5605
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 Component.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40 25 KB
25 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Component.png?1671344294922

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d3ef3c5bea1f4c7e87efb24c0655557c088efd1603e837aaf02b780a9366bd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25132
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 Component.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1 25 KB
25 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Component.png?1671344294922

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d3ef3c5bea1f4c7e87efb24c0655557c088efd1603e837aaf02b780a9366bd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25132
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
183 B 74ms
23ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=162833
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame FB40 37 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3 200 Reflections.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40 11 KB
11 KB 11ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Reflections.png?1671344294922

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47d616e4d9c31cf0fb424c1663c1ee9a63b9d7ea02a37b4e2b5b807ea7ec33b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11601
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 59ms
42ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzu0Rv_ZZKGtBZml9fgPrJ2S4AWwpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBKoCT9BOwGBScKGMa21sHKeDxxWeWz4rdLQ0CNhBDYh5SexBU3RML-nkBDNZ_xyun-hR7XZBZSR5MWZ2J-QehB67QvOWHhWeNj5OWdG-UafnXoiKJuUbT-MPiwb1hDZmbK8ifd-_0sZD8T_G7CkwZdPX3NYfKpMW77eLLFoMvgkJQDKr4QGhzJQCxtUX0gI0X5xqMKu7zG0IQlLr5oRHYWKK3qDmy2GAcjPt62umfSuxJihI8_FohKIh2XOWs7Ffht5JNnba0mVbcCSIdZkiZ2hli4lk8nApHPjVC8RsA8N3f07qIgmenJI2eX1Sn6SoQUOpT6aSVR7amAOXlNMtb1_fVxvEySVBvhMcNXz4cbqyWUMv4yLxZTS7RpB7KlqMcf5bdiKnVJmWoFDktMAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6OkJ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=sKoXcd4QY9I&uach_m=[UACH]&ase=2&cid=CAQSLgBpAlJWtPXtmLhmAUj72OESQ0GEq_hHcTQpkUooA56Tu7B_IlpMzI3T33W2Oq4YAQ&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 44C5
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzu0Rv_ZZKGtBZml9fgPrJ2S4AWwpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBKoCT9BOwGBScKGMa21sHKeDxxWeWz4rdLQ0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%2...

0
0

58ms
41ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228630331868034220673%22}&andc=true

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9056396149430539393","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"8630331868034220673"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 10:17:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9056396149430539393","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"8630331868034220673"}&andc=true
access-control-allow-origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame D9C1 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 823B 222 KB
61 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 433051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B 15 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 433052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B 94 KB
28 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 03:23:10 GMT
age: 197673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 03:23:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B 5 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 433052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B 40 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 433051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 823B 4 KB
655 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:48:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 823B 295 B
319 B 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 45429
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 21:40:34 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 823B 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 46244
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Aug 2023 21:26:59 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
298 B 20ms
20ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTcyOCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr5akmuzbXYjTe%2FTGP1k3nhAcFdhOrNOTBh0%2BFa2TV3W1NwB2x69Z4B6GuIfMs%2Fbol3noZycluYfCjjTfXtO%2B2TrvXDmXqJ2l6wgpVozdS43xgI%2BpqTptBGSpPQ2t4KbfTCcFzENQjQubBsZwRGC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731c08c49a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

GET
H3 200 Reflections.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1 11 KB
11 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Reflections.png?1671344294922

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47d616e4d9c31cf0fb424c1663c1ee9a63b9d7ea02a37b4e2b5b807ea7ec33b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11601
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 Shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40 15 KB
15 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Shadow.png?1671344294922

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3681fdc5c452c514f0e72b2dddc66558eb03a943c97ec1df7ea28215b28fdf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15370
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1A8D
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CpbuLRv_ZZKm3Bdie9fgP-6Gi4A-wpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBLACT9BiANPq468ztssBV9QepjNpj6ZxpGYY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%2...

0
0

40ms
40ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22332521374725464433%22}&andc=true

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9136109555235701958","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"332521374725464433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 10:17:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9136109555235701958","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"332521374725464433"}&andc=true
access-control-allow-origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 45ms
42ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CpbuLRv_ZZKm3Bdie9fgP-6Gi4A-wpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBLACT9BiANPq468ztssBV9QepjNpj6ZxpGYYoZ7REI_auNeactb9pIqfJOSMxm5JVQF2An9lb6ku-TllcS5UgTy4Emz7kWMOourZOxRjhqkPsee9wXxWNLE1-Zzpobcz6g_MY8_kTBA-I1rjdGauhhpx5bGxLmK1W4HuvJPSUbIfTTvSa88MSb8IcAPmAD0Ffd-cKX-6SYe1mETHZhj8lmzeoHgHXUkEnKkhb3HwAeoWQyWjVWrS-XK5t_5s66s5VSdQCfxZmV-lTtoyryP2ezCLlohhMVxL-JY9hQTZ-5sLnfnpdOaVMe5Z-G3UCfaaW2EK40rKL4-VQ6x7OQGIRc6apzNYiGHn8RfcfqDdwYyamjv0sKnJ2D-6ZuXk4tyV53lWiLM4UndXRV2aOHa1JOT53MAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp8AC0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=iGmDqDBh9YY&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJW3UHiHYtGGL_1hHtXVdYRcoqGjof6-9SK_UHq__m9jVXbG-UNGOA0PmLjoqWd06p731TnmOcIIeVWyG_7GMALAEwQuz71ZJMYAQ&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9475812989225975413/ Frame 823B 20 KB
20 KB 15ms
9ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9475812989225975413/14763004658117789537?w=400&h=209

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc95ac2a5f05d0dc555fece0ff68b373fdabafdef7c37b3dbe7ec24d795309f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:00:58 GMT
x-content-type-options: nosniff
age: 181005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20197
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 17:09:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 08:00:58 GMT

GET
DATA 200
OK truncated
/ Frame 823B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 823B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03dc8844bc7e372b67d32f1475a1aa0fe6a3c875d441062059bc2190cfe9eca2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
263 B 21ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJmMDlkNGZlZjM4MTYxYTI3ZDAyOGNmZjZlZWJmNDNhYSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNiwiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTA1MjcxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ5MDUyNzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To3DS54PmT9xQuUQsvGgcPeOjNqbQyFU%2FFZSbYW4UhMiqEfFlQ8W857ym8VvhILrc3l%2F8%2BSIsz4sg9g1xuzDCaHO7zEKTtNBsYDlYKNaWEz23s3NnmD%2BnJ583iJDv6BMFTgNuYft%2BnUQCVQoGfHk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731c18e69a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

GET
H3 200 4974905271 Show response
go.ezodn.com/dac/ 0
570 B 24ms
22ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4974905271
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 09:27:29 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=expMo09yVSwR4l1WIa5ADpGsagaHdSCu2GIbTC5ZQro8X6i8rKjo3n98llJKYtHFnhiq6gPp2tpbbi4TQQYANe7GKaT7gFnmRTh1OSboMgHOg%2FBLSBvc5s8FFbxd9VrYTGfXeRiQ7XoPPKI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f68731c18bd8ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
264 B 20ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDP7F19Betig06JF1E9Kqk98XW2FIjHYAoW%2FUXnS7uG%2F4K7QW2EcKjQbw3x8G5R5v7ycAxFiflhcba3DZZCJgXfbQIItC5xH09ZsrdC%2FZo2fQIGBH%2BtT0hk3n68KzwyZfITTpX8LK7P7ekxEX%2Bvh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731c18eb9a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
423 B 18ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjYzLCJhZF9wb3NpdGlvbiI6MTAwMCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6NiwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6OTIxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0OTA1MjcxfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXI4dKC2YrJxVDPYtI2OsuAcgKUZ5D55GjhAhCMRw9%2BeJunCOPF13Edt2%2F47qFPEe%2FZ2KbOmBV626AjzsJb1jRgIoSg5%2Bj19wb46zc%2BbSYsKfEPahP0w1qcx8jE6qYmLjA4ScqoQYG4Sb68bFSKx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731c18ed9a05-FRA
expires: Sun, 13 Aug 2023 10:17:42 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
262 B 18ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTc5NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnxGPzFOtizoEF7NYYJHt0eyUpj7orwNwxAW%2FZ5qMD224dK1ihHUjxdnlPOIRE9RXaWX%2F3eN1I5aaB1MHpzbGwEnXuy2QVtRsawoza%2BhSOES9rGHGyC3cPvpkvYNeVkwyAgcKwDawnRcyHnSql%2BH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731c69459a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 77ms
41ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1 15 KB
15 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Shadow.png?1671344294922

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3681fdc5c452c514f0e72b2dddc66558eb03a943c97ec1df7ea28215b28fdf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15370
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 823B 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 492689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 17:26:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 823B 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 389367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 22:08:16 GMT

GET
H3 200 Table.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40 30 KB
30 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Table.png?1671344294922

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43f9ff8a816e2ecb64a1c72ed5e15b3e7058bfca82dd7ecb0e220e3664d0477

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30764
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 53ms
53ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=5&ws=1600x1200&v=23.725.1446&t=15000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A450%2C%22id%22%3A%22Outstream2%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: R3HPY5EXBT65SVW7AV3V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9etefH_HyrJFLPQl0dJ_HLefXfhF23ZFoNS7ZRtisfwOD-LghZF4mQ==

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
42ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Table.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1 30 KB
30 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Table.png?1671344294922

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43f9ff8a816e2ecb64a1c72ed5e15b3e7058bfca82dd7ecb0e220e3664d0477

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30764
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 Track.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40 18 KB
18 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Track.png?1671344294922

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7172c39f798e59c733b14287bd4e92acc67ae06791a87a7b3c5eb43dd40d978

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18531
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

POST
H2 204 greenoaks.gif
sunnewsonline.com/detroitchicago/ 0
259 B 20ms
20ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt7aVT7VcdYWZN85%2FROg6HYdiwMuF2yEUV3uR0OlA2NvlGoMkLKNbZA2TSFGbgfsLHWvkaZxld8ZSNtfONLpGYW9FFnNtwUsBOnfeXjTWLAdFBkOhQgcXM2uYElunkrUiR21tupZPOwf4pPMb48%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731d0a0c9a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/ 18 KB
6 KB 32ms
6ms Script
text/javascript 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: SHNpl_8wt2p1PJfKLDG5Nc7BxQDTckiK
content-encoding: gzip
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Mon, 14 Aug 2023 03:17:36 GMT
last-modified: Wed, 19 Oct 2022 18:09:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 25208
x-amz-server-side-encryption: AES256
etag: W/"32d4340999995f7e75434869149ee50c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: u5It02nPylW8h7GUBcmut_ZQ1TvhO8DIeVMmIeSFr9fJ5ieexO3KsQ==

GET
H3 200 Track.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1 18 KB
18 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Track.png?1671344294922

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7172c39f798e59c733b14287bd4e92acc67ae06791a87a7b3c5eb43dd40d978

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options: nosniff
age: 20740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18531
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:23:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 04:32:03 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 823B 0
0 51ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTuDYRv_ZZI2FI5mGlgSHioWoDfKV2-tu2a_ftugNmeuIlBUQASClzNdqYJXikIKgB6AB4JOrlwPIAQmpAqg9X-FuXrI-4AIAqAMByAMKqgSnAk_Q7TfqTisU8UPGO_Wa-dMRdhT0nx4zrvYFOQc1xU0MyMlaAblybYSkwbfkMPF5F1Jy2FI6aGW_j1pKj6d_u9o3gx6Q31fDU6cTpcCc9SI8sUHhJE2ZyXV2LI-iLAMKwD_xzPcRNQeTlsQMCRPsH_AwQJwvkig2iq-Z-stU0zKquTPGxuESd8LSebBKjObRGtBG0VbuXAMfqlz9fwddZPJ9SgEtfw30bM6j8xParawDNkDougmzYE9glI0_bMFOm5tPnUNkLcGFt0h12rQQy0y56dmVdik-tgT_Slxfn9FuVcTdPRWhZZf2fInR22PPJUie-I1Gysg9i5dyoIxFdFca1pJhe6wb5AgAxH65m63MtaGKrj1TK8fHBGCj4BtRVJfyOI9gOuvABPuXgJa3AeAEAaAGLoAHiOzUaKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMfcA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbWJpcGFjay5kZS-ACgPICwGiDAgqBgoEw7CxAtgTA9AVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=dTJZXlRNrKY&uach_m=[]&ase=2&cid=CAQSSwBpAlJWkCoPH2eXJzikbRazndM2xR-AxS27ulVfPwv975GndPyixXnp_KxNBRMDjWi0XjPhQ3MO9ivZYse6vsAAAJgfCkMSgl-8BhgB&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
963 B 355ms
327ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 613f346e-c755-484d-ab06-728c6d282342
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: JpTTOETJCYcFh7Q=
content-length: 555
x-amz-cf-id: DkEl2b86Zw-VekUwVc0cXm5qRG1hqhVk2jmDErRpz7eTC6Lrqn1Tlw==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 53ms
9ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
date: Mon, 14 Aug 2023 06:08:57 GMT
last-modified: Tue, 13 Jun 2023 14:58:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 14927
x-amz-server-side-encryption: AES256
etag: W/"565eb88b90415391668a5cb7cfb4557a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: GbAeCopvqyBo7zS2iIJPOhr-hTau2uK8YX9zCZE3rNVM79UtRuvo8A==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
962 B 297ms
297ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 613f346e-c755-484d-ab06-728c6d282342
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: JpTTOETJCYcFh7Q=
content-length: 555
x-amz-cf-id: PBdhDoyOK-uuW9-9aC4Z84C2K3OIJpcCxk4BK_hqLeCfADGFvAUIFw==

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
261 B 20ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6%2FdM%2FcOd7exHBBEMY8ufkgeXoPY7vBYaoOsQ0gxvJDApglBhqceb%2BX%2FRe6iD8uIhx8ihjg14iMG7F2F%2FZUiIAwcuCufKkpeuP7kBpx2PyQzI6Qaab7AYV71oObw3odGShhc9MQ1zJVABXEgifwC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68731ecc9e9a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0FCD 42 B
64 B 113ms
113ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse5VxOqzTIAiov6_Smtk5PNm66iYrWd62nT_BFO7VO7czUCtKXWQTT4uwonZYAk1i2FhoFJPwsohZrKwLUL--5g3w5KTVlztlp4jmFNr4NbqY0uozMXoVCbQ5BsiH3Z3OyuqVTexWDesoc&sai=AMfl-YSwUbPK785BNUyhcO_hpRsI_UpP8zbFZEql6sKRGeb28jEcm-tszyWr_tWRNpoahEymff419o85u7YxajR1mLeCO_KYFFKaoEfFqXg-Sn0ltpDclGOEZLW5-8vz60dPzUZWjC5ZKVFNh1dZ&sig=Cg0ArKJSzB8oUcETUWtSEAE&cid=CAQSSwBpAlJWmklCxWJYoQ6QY0ga1CwkoJe9yg1ZQLmmHwy1K5031YjW16x32RkOPXPsV1hKCTACuc56333MsG-AYmk91kDCX2ZTf6iKgBgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=358&tls=1358&g=100&h=100&tt=1358&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
293 B 26ms
25ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMzgxODM2Njc4MzM2ODQ0IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMzgxODM2Njc4MzM2ODQ0IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq7kHKHIptjXwLPn%2BnrAt9GeTlKU86EVwy%2B2UAPUH8sDWNPJXeqTQf4LgcX%2BZU45E0LoE%2FhuUBcx%2FyDvZik7qPh1nKMBDTGakDJpQOFeEdkYCY7SWXf%2Fxl64Cy040U5MImhE9%2BLumhA%2FCZGTnoz5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687321987c9a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44C5 42 B
64 B 130ms
114ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPy-Y-GiL-wEPWn5rxHu-6xMVW84NoYziYK7kbUAcgaToTuUCreOtl36LTZv5hiLAEEh_MBSV38FwTgnyLvFszCeWis4L4nFhUtsJE0pQIST0rI0tMlXsKIIN5ZSLCTPb9pkrRrgxsEb_K&sai=AMfl-YT1femCCy7w4drydKPRJTRHlmk7Dmt_xJKEGaX3HP25csw7J1UjPFRwVQJwb5_2kEe9D9cFBc3HSZSfd0RdCPBxQ9eRKRyM9qmLH_5VDg&sig=Cg0ArKJSzGlqW5TWdL-5EAE&cid=CAQSLgBpAlJWtPXtmLhmAUj72OESQ0GEq_hHcTQpkUooA56Tu7B_IlpMzI3T33W2Oq4YAQ&id=lidar2&mcvt=1000&p=302,0,902,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1493151707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008262512&rpt=414&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A8D 42 B
64 B 113ms
113ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueo_g9FyWv_LfzHX5jCeQqZeslG5v5tCg7IH3AkPMZv1prj-7Bt8YAqh0FDpCBT23OFPCCYzXVJqB2xgklQq8l70XcNBls95_ZyudsbjBAqhNnem29qN7fricrWGy-X0jM6uYZLYDwJckx&sai=AMfl-YSFhyiOZ0-376u6MVjuAMN1grvCqRB_2mjgYDLInXM7nqE7DGx1LG0WicuqnFDdl0pymDkjyb5xPeWWN5AyLIZ8YP3XKvfy80rm9jBsn82vu60viSfOwrx6CrHtq-v1r0HCOfh-TfuXYy_kFw&sig=Cg0ArKJSzF10sgaPgpCMEAE&cid=CAQSTABpAlJW3UHiHYtGGL_1hHtXVdYRcoqGjof6-9SK_UHq__m9jVXbG-UNGOA0PmLjoqWd06p731TnmOcIIeVWyG_7GMALAEwQuz71ZJMYAQ&id=lidar2&mcvt=1000&p=302,1440,902,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=990695581&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008262547&rpt=444&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
285 B 16ms
16ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAsNjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4F4ciYR2SpLM51D4sTrm1PLw8JPbMRlWni9QMng7V%2BE0GT9OZRLqaLHcfvU0b4mPkI6X6fZtMZk5ChrrZjUijvono4tIIG%2FQcuIrEjw7bBYa9YSAA709DznLDr%2FkMNDD374CRDK46QlntVMP75%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732229139a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
263 B 16ms
16ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLiOCI1TC2qXmJgr6%2BEi%2FV1Lvb38rSAiDeTT3Kp1M95DRL2SQswhBA6P8PgV1CZHvEdNM0rXuC5ErDH3kKCn0gaI1Hz0FgzPz0G%2FZTfefjqv9kLHXDQJoe%2BF14mP9Hjlvpm8J9as%2FrD1y5lqHGIh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732249319a05-FRA
expires: Sun, 13 Aug 2023 10:17:43 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
420 B 18ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZs5nG151NYu21UfWYdCFVH0BkqBOCC7eiZRMH0DXgfwC%2B0CT7v65FVmxHJ1zy8v5SzUAgazipP8TIPrknnnO155QUBq%2B%2BHMRyfsb69aD26W1Gac4n6jd9LAmVkjPvMLrd30tfjEJ09KKv1vIoM0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687322594d9a05-FRA
expires: Sun, 13 Aug 2023 10:17:44 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
294 B 17ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imHJ1GeqTa%2BORXkmjxnoijIKhSfzPjczyTf1H99NXtRAoJUF3dhc9cdurrHLJvYyiHU10woKDs8UZ0rH16PLQpzdLbvJpzcFo%2BBNKbLBhuVlNIyiSN%2BdF5Wur2vmCmEAGqznCo29MoZyouOcScqZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687322594f9a05-FRA
expires: Sun, 13 Aug 2023 10:17:44 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
259 B 17ms
16ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3MTA3Nzc3MDU4NDE1MTIxIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZqW89m6Nf11Qw5QKFKW%2FNWYvonLqkrGbI4IKnaM27v96yZ7s5uEpKWbTHeEIcT9zcJwyBf7VZ%2F6DKqcX4nrxcBuaCVNhrNwRZ4BoOom2nXy4xpsOPSMlprhl5NB8oXQs05NOmr0jmRSXPKkGqN3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732259559a05-FRA
expires: Sun, 13 Aug 2023 10:17:44 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 823B 42 B
64 B 115ms
115ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHyqYKGNAqCki0ifGT54xGeuaPBQFokCvmUjJ6UBmmFIJFbHbAq1JPaTkg8as3yPDtcRypq9mwk1Ej6OZFef8CP-heDOfdfWJrVa0Yn3mxBomN3e36lBtWBe9VGl2SlO_qEgdp7UCtcm8hkjKiciClrrW6B-E4M32Weq3R-X_rb3eWcTP_FZtc2VWsSYpq8rf76jsi9mi-VeSEwehosOoORPtzmO25xxagbQ7yfWVO0sSeWmbpX6U2DiyYWFSnVkgXBO-KbkVLHei7IacOGjmM39F1Vj0d2W9NApY8oK-Rimk2ofXNUVcQ8QS4Swe8EELBpeVUQeUJsiyOQD-NaiMuyjBwfR1MVJKKQk7i-9w_0OMzUHQo79QrkSbl0UAhKZYkwpP4Gh7UCOdDU0Cnbkx1iixUjCSorgGXEPaFD5g3-oksg_lQ1ybwD5mRGKZ--cBxgeoeB9BnjzYF8QxDYL5BvKNf2xmL75LjXaDgJBhbQZtTMUREg-dZzk3XNzPkFPen61Iy7hG6DjgFPA0vRDyYNuqdiXwuHc7WFoWkE0u3teCels3mjGcIhY4L0uuqk1TLAz2aUv6GgER9aG4uruUxkxnteXBjxosGTH5KaKoR3PXGiUPtyZvkHeK-PeiAJNUgdmzvrqkvJSM2YLVIXVOLmA_Vr8HljgdSrAh98Lvd0PjTsMUMbYrkAZmfcyAKCFX3YqyR_IOh14vcAMaqCelzYRCViB-PoqzpH86UjsdgYBw896zRiFtQ7HMAJKs_77lK0-N7_OW7YQ1TimJmGl_sXa5Og8Kb2kpUxZZoi5yzKmkKdQegFOgfD5HbISaH9h-7I_R61u4fLdS9z6Llya5fhcP9vrrYb8LCHztDaK9YpN03zdQt9qxv4Nj790o_GRsLOK-TMAKPEwyK9tnCXzXVXUXaa8Bjkx5QOr5dWrYnlDBv34OHcY7Vcp-8JU2-1hzITYpqX4DxVWKgLamkCdd45QKxs08RssQPViKf0kTzrxJ9n_GP_bExsJuTDPZLGi9vfB_rmdCout1A0_7slZJFBFp79JvvNTCkawQvuJx8nHDiMdyz7K65TWnB9HXriE2K0ZopuMJl-dM61_noV6NeSLWUDiJj_Zgl1qeqkNa608TkTxUpnLtYJ21Y6lMC4vI7cykGBVvJYqRstyJ2rKbw-wGMXi3ASCPBQq317JwI0jzsJWbML1pNhHN0RxiKSNkk8KLgcXe7LQ3s3xNeQOWFqFmJ7Q&sai=AMfl-YTCPCuBsF1qm7ZrjFg9PKcxG7haDpjUgPgxEX6Y9hUO3cB3MUHKNKN8UiABT_q15q62B62E8o6DDDuw37rPl0Owuj2oWRvP4f5aWbJaGCPR7iZ4XG3soCrwrn9GRigBScvzfbz_e1fJigX3410Gi-6HGegUfn9v2A&sig=Cg0ArKJSzIIo5Y-Od8mOEAE&cid=CAQSSwBpAlJWkCoPH2eXJzikbRazndM2xR-AxS27ulVfPwv975GndPyixXnp_KxNBRMDjWi0XjPhQ3MO9ivZYse6vsAAAJgfCkMSgl-8BhgB&id=ampim&o=1170,184&d=250,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=228&tls=1228&g=100&h=100&tt=1228&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET envelope
lexicon.33across.com/v1/ 0
0

GET
H2 200 vpp.gif
sunnewsonline.com/detroitchicago/ 43 B
397 B 22ms
21ms Image
image/gif 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sunnewsonline.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F%22%2C%22pageview_id%22%3A%2250ad158f-9397-42d6-6322-c1458cac3fbf%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezoicvideo%22%2C%22domain_id%22%3A494158%2C%22media_src%22%3A%22%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Aug 2023 10:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XyiIYinHNFu9EiBhuaJ5tJiCUX2EXc7e4wL7Wmj2Muec6SNxl%2BxwwdrlZdpeEm0y6JYyw4bBBOq0qZ1nuJGmTATr7QvJUosD2o6sgLv7y0nVISix8MFLhgqb%2Br0JCIHyl1WjCElGhn1KDpxtfRC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 7f6873251df59a05-FRA
content-length: 43
expires: Sun, 13 Aug 2023 10:17:47 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
260 B 27ms
27ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsyNTAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k%2FMLC1fqgEsdnLE5V8NJC2IFY7fgqF8BUHwvjBJMHXAClgN3vKpcwX63eqvNZ4uaByDzQBQU8k1%2BKneps0F4aVPKB6PBa9IpbJWssNM8n3Z1z%2BO5KdyFrAEts7KuilgBtX80JyDNy5rLB6AL9sQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873255e489a05-FRA
expires: Sun, 13 Aug 2023 10:17:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 168 KB
49 KB 525ms
525ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=2957142219926825&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&didk=2484510054&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&abxe=1&dt=1692008265086&lmt=1691998252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=bvr%3D0%26ap%3D9999%26reft%3Dn%26avc%3D100%26ga%3D5302779%26bra%3Dmod1-c%26al%3D1006%26ic%3D2%26ezoic%3D1%26eb_br%3Dzero%26tap%3Dsunnewsonline_com-pixel1-4033684138378932%26d%3D494158%26br1%3D0%26br2%3D100%26iid1%3D4033684138378932%26lb%3D160%26at%3Dbf%26ss38%3D1%26ss9%3D1&adks=1275092040

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

286eb2dfdf1c0eb9501552e21ee1634e9513501bb80328ad67d9ce007e9f3211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50458
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
50 KB 456ms
455ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=1587830402806144&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&didk=2986461563&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&abxe=1&dt=1692008265093&lmt=1691998252&adxs=381&adys=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=746x90&msz=728x90&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&cbidsp=CmoIARIRCgNhbXgQ8gMgAjgCUgNhbXgSFwoGb25ldGFnEPIDIAI4AlIGb25ldGFnGAIiJDA4YzNlMDc2LTRiNzgtNGIwZC1hM2QzLTdlMWY5YmVmZWFkNCoECAMgADIHdjcuMzkuMED6AUoA&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1904956736383823%26eid%3D1904956736383823%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dsunnewsonline_com-box-3-1904956736383823%26eb_br%3D063a7705d5a9d51bc46e0a87fba28a89%2C9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D6%26reqt%3D1692008265076&adks=1905174598

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aaba30f4e01b26d401ec15b0434295e8d9704363067aeae067cecec1070d2e3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIr85_z124ADFYNRHQkdo8gHOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8742889927508434617/728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIr85_z124ADFYNRHQkdo8gHOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8742889927508434617/728x90/index.html
date: Mon, 14 Aug 2023 10:17:45 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50943
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 285ms
284ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=4120316588790327&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=11&didk=2986460386&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&abxe=1&dt=1692008265097&lmt=1691998252&adxs=152&adys=-76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&cbidsp=CmoIARIRCgNhbXgQ8gMgAjgCUgNhbXgSFwoGb25ldGFnEPIDIAI4AlIGb25ldGFnGAIiJDVkODcwZTcyLTQyM2UtNDkxMS1iYTdmLWYwZDVjOWM2ZTMzMioECAMgADIHdjcuMzkuMED6AUoA&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1605142702403209%26eid%3D1605142702403209%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsunnewsonline_com-box-2-1605142702403209%26eb_br%3D063a7705d5a9d51bc46e0a87fba28a89%2C9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D6%26reqt%3D1692008265087&adks=1280361889

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e413ba64dd1ffdef501fce63182552cec4740604ab9bb697303204a79a2902f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16127
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67E4 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Tue, 13 Aug 2024 10:17:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
282 B 21ms
20ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIwNjNhNzcwNWQ1YTlkNTFiYzQ2ZTBhODdmYmEyOGE4OSw5YzNlNGVlOGVhZTdmMTQzM2NiMmZlNjliMTMyNjYwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDAwNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ5MDM1MDEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3Vgb6CHIpX3SLOPGNK6nJ3lhb7ARWR6hLyitmFr64jlzW2CdKwGKyePY2yeAcJV4y%2FPrwhz6r5bzBtA2BDHmQUretcyJ8EK4vL%2FYjp4IRprWm%2B6CEjGbCB825uzjIWgDcL22uNaJk5Nq8YeP261"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732adec99a05-FRA
expires: Sun, 13 Aug 2023 10:17:46 GMT

GET
H3 200 4974903501 Show response
go.ezodn.com/dac/ 0
578 B 13ms
12ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4974903501
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 10:10:07 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32lhrOaUeDI7xJv893FwbvrdAHxEPOlg%2BXgPiowCV4cjqFc8ubEGrXz%2BZvFyYj5n1ysdS6EYGMEJ5oVfEubkP%2FpCJHCwKGhCaXUk5Ych9pvqKCaRB3lmcRbnSFO17wpvCFKe2aEvYC2hCCc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f68732ad89d8ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
311 B 19ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCyGY5WdHZ1eqkbzyqR6jLULo%2B3%2BCAY0IqBk9SRkq0eQGxXuvGp83wc%2Bl%2FxpwbeBEdaRUwKmhENzQxhelmYV6EiCjjlB30c6gwl6ieQ%2FGVYaOuJmJtSpbqf7%2FSWk8BxDK9pzuJl6ROSPKfeSEyJf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732adecb9a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
260 B 20ms
20ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjY1LCJhZF9wb3NpdGlvbiI6MTkwMCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6NiwiYmlkX2Zsb29yX2ZpbGxlZCI6NCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzA1LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SXAolalx4gD9n%2BJsyXVOsI0FhSYCvjLkadaVVWENKQntmAxsqIIqnIRmZenGcatHwNkoRDDYsXqvxd6r5rWlAoyZBvnpblJryyoQebKmD3yef03XbAjTzLD6i%2BLACqCNQNaFeLsXC%2BRSuejXtWW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732adecc9a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DB9B 139 KB
48 KB 111ms
66ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a92be692159a60cd21ae2433e35968793165ac283b9f2e1ab11dcdb60cb9c7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rJmUDvvJxnxh3FlwjuipSUjl6W3omwdjdRBdyg5dpy2RyYZ4VIg1xQuu2Js9fjgqIQFkg7X2SJ7hGrR501Ni0l2DdIhptZOcJ_0YEMi1ybCdknbPVEqbD9sZZNYVVBJHO_Wu2y2tTN3YMzLxDmcrZ06Fx2nRwP6Td1lozUmwVQhsnqy9nJqe2w8cPnxIdprNdmfkqvXgEP7EKlsO5xi2tdQ5Y3N7I7ulqDKMafoJxwGyijmMTEr0Wy8-hHpBIvk5tEfFwA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 45615841
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 67E4 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:49:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8D64 1 KB
643 B 15ms
8ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 67E4 20 KB
8 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 67E4 0
0 23ms
16ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1RX20Qi42WP0zaPGFM3jG1F7Jg4HGsxF3yHj9VofgxsMURB1hO_23QZHysgyfObaY0gVpt-flp-Y_CrGqEX-BwsxQog
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 67E4 24 KB
6 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Aug 2024 21:54:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67E4 179 KB
56 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
DATA 200
OK truncated
/ Frame 67E4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 996f6cb7c72eb4dcd0e008a3f3c7c21f637a168b0fe7d14a11900f088e0f8e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D64
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_cver=1&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxT...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxT...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1...

170 B
188 B

18ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&google_hm=SWs3NThYcUs1cGNibm5sME81RFk=

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 10:17:45 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&google_hm=SWs3NThYcUs1cGNibm5sME81RFk=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 279
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8D64
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEGfwQ0l4_BYkXerL6nvLLO4&google_cver=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrd...

170 B
243 B

23ms
21ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A&gdpr=&gdpr_consent=

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 10:17:45 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 8D64 0
44 B 749ms
245ms Image
text/plain 18.177.27.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEDqGehgHo83xbyHrQ24gfpU&google_cver=1&google_push=AXcoOmTCHG9tU-SUo2h1cc9e2_VKHleL58mm7-SB5jJpY_FXDdeIyDkSB-gLLQiK6QEpXfM7RY3uy0iuYFxwJkPrFpTBIxFsK1oyrhjDLMygX7LCORkr3dpKf_JWEKZ2z_6-bmzo7Pa0-FE
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.27.67 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-27-67.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
server: awselb/2.0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 8D64 0
125 B 55ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKWzrYNS4lQCvKlRP-MU5Qk&google_cver=1&google_push=AXcoOmQZCz2rPk5BJaQoyBn5ptI2tTW2ekbYg7JKry_jpcEgMGSHDYkh3LXzLPaqBEqDkZvolaXSKv_WpSV_wSGPyzGg5BxdXm60nGbBost9GQsFtr-oyiso6c9NTIatL9Vf50EHmXX_drwT

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 8D64 0
35 B 48ms
8ms Image
text/plain 18.193.132.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAMD0xSSernMS2log6YmLWc&google_cver=1&google_push=AXcoOmSHpXVNkmq6yvHb05jO5JbNfVG9EyGAyOvrwBIqmlAPlA_Jk-5nctfo_FBnURQD1Izo65dByWe1jTs4JvW3CfefQmRUk68HUM60IuaXA2ZeBu2td0QmnurKq5CxDoftDVuSZfNDH4Y
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.132.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-132-164.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 8D64
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQPz9vlIgZqu57zFUrOH9lI1blJcsjWwnonfjkQ...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 8D64 43 B
146 B 37ms
8ms Image
image/gif 3.124.27.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEsM-8rEVM8b3aQ5kcP78S4&google_cver=1&google_push=AXcoOmQZ4TNLXsBgmdnd7d4URaZ3kzWANtc9Z5gq5_LegXXSVYxQWPzlJZrwUNW1Qlxq9RtHRZwyHhTQFZwpiZktC9rNVJHoyHvluU2mYShHNRd_QXeDn9yDzRN7nnltNst2HynzHvMXycrC
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8D64 0
139 B 51ms
14ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7eDaBdDDBIMLhGIhzcwgJVtG4EfLLmFiyrPssqjRUWyZDNDtPdQej2dpt6UpwmHPqTp_XEh8sqg

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 67E4 0
0 51ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAa6sSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS1Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPxUsdvls5ciTz0j6PdotkF1T7IoZLJ3a9Qtx8s3Sw3FajkFnXRHeeAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTAyMDgzMjg1MzAyNzc5GO_RbQ&sigh=HZGTfn8utOs&uach_m=[UACH]&cid=CAQSOwBpAlJWB_q11-I8i9lZhCFr5WD_8H0tMYZPW2Gt3j3n-0xMUbx8HLJ2I5BG50p6l9cZg90SKSWLRpuJGAE&cbvp=2&vis=1
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 67E4 0
126 B 58ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EOv_CsoH-gGdg2ICAgAAAGp7O3ahItx6EEj_2WQw1BYJfsySXKmtAAASAAAKCkFRVUJEd0VCRHc&wp=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&cbvp=2

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 148428
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DB9B 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DB9B 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DB9B 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DB9B 293 B
621 B 23ms
23ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame DB9B 43 B
348 B 61ms
21ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=msnSS4Ty4VFAMzisviB6BuIPbblhzwX9iiW0MItv7-PuScHMYrGczJUuSFoQ4ykoeNEL3rdKbhrzz2NTHWq8gAijXaKjLqvvfd_l2mwrGKj9Lq18IhCivWYRO_1YcGuCEJv7b6GXvWUgEz0lOvnhBHbub4kSHtmJXMG-JDD38EJZtm4JkD3QH2p9wNuSm7IKsrky7_qnfRfbGu5JbyGFM1j4h9SAlePPrTPcI3b6grZoMKi1hRA2oHOvaLFBathyQlkp1X7vyATf52xOrFUFBL6JzsL7mtTDpK5Fkf014rOk8Y6p2Kvz-hluBrz-HOuJ207cJTcN5XMFsn0KpsXM2tT1jYfHZDnmjdOWqDYA7Yoo51e2y9wDfcQA6N08kz_-XuQIccfWgoMXa4Co_M0q4KuJelO3cL6hKWwm2o4LFast3hMEqvDwdjckQiLIjWxDaXspERb9xP0-FdcYBi5xlcnzA8MoywT2-JHT9i5qNfRSLGW8eiya67_fYT6ccr27_5RGbFYhf8DJwEltb0asilh6dYg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2313423
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DB9B 12 KB
5 KB 19ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 404904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SalZIFMiaerS4Mwu99FLr%2F%2FkprOHyN694L5ZTsg12vg1se%2BA8BmiCrHyY%2BR0ONDJnH4yCidyEmRAWPXENC1LDgo2MuksBItEuZEZ3p6jRoRyAOKG9WyIAgEvYPBHkb53IZuVQsvWQUrIcalj48CpKbK4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f68732bbc95920e-FRA
expires: Sat, 03 Aug 2024 10:17:45 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame DB9B 46 KB
46 KB 64ms
32ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame DB9B 38 KB
38 KB 71ms
39ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DB9B 12 KB
6 KB 20ms
19ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 7 KB
8 KB 64ms
18ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=356&s=yOLdXwaCMkcxaq_rOXtE0yBw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9dc07161decfae4c07e5e99d3633bc19dff5757aaa09610cca838aa657806d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 7636
expires: Tue, 30 Jul 2024 03:15:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 32 KB
32 KB 80ms
35ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837267%2Fd2f99b26a5134d288032a3a72fddcdbe_img_horizontal_1.jpg&v=3&w=1200&s=sk1ojweIacrKNqxUEUB-M-bU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e18f6a7c2d05889a7f2b3ce54cda384cf39404abb214dab450253037e57af2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 33034
expires: Mon, 05 Aug 2024 07:44:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 26 KB
27 KB 92ms
47ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22260635-7adsE4KX.jpg&v=3&w=400&s=WVZjV4m8revebR3sozjJV66z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1ad352a0e77efa7a61e986d8962eb4e52566a40da7625fb409c0106ffdb9fdd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 26964
expires: Tue, 15 Aug 2023 02:53:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 361 B
551 B 86ms
42ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=DhGSqk--HTA2FgdhSuA8CMfm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 361
expires: Thu, 01 Aug 2024 20:09:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 3 KB
3 KB 98ms
53ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23085056-ytni4k28.jpg&v=3&w=400&s=lOuIbfHVQDqDte3NizZ80lWy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81d987b56fbf0398e43894d6e7e13a56c6b5bf6eb5f511377d2cec956469fadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 2946
expires: Thu, 17 Aug 2023 14:30:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 1 KB
2 KB 96ms
52ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=DAuhO2VZsOVWSNtKtkvA_rLO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Thu, 01 Aug 2024 18:38:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 311 B
501 B 54ms
54ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=hCw2w88S8ZJ6SetJTMIWstBG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 311
expires: Wed, 31 Jul 2024 13:59:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DB9B 12 KB
13 KB 55ms
55ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23124921-Zs3dUJU2.jpg&v=3&w=400&s=SkLbQi2LtN1TbUbgfJBvmpeQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6bf3cefb40d063a294cb2ab53d0484e1baa70713c0de168812eca71817a86090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 12638
expires: Sat, 19 Aug 2023 16:25:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DB9B 0
128 B 65ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rJmUDvvJxnxh3FlwjuipSUjl6W3omwdjdRBdyg5dpy2RyYZ4VIg1xQuu2Js9fjgqIQFkg7X2SJ7hGrR501Ni0l2DdIhptZOcJ_0YEMi1ybCdknbPVEqbD9sZZNYVVBJHO_Wu2y2tTN3YMzLxDmcrZ06Fx2nRwP6Td1lozUmwVQhsnqy9nJqe2w8cPnxIdprNdmfkqvXgEP7EKlsO5xi2tdQ5Y3N7I7ulqDKMafoJxwGyijmMTEr0Wy8-hHpBIvk5tEfFwA&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DB9B 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DB9B 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:17:45 GMT

GET
H3 200 container.html Show response
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 816D 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Tue, 13 Aug 2024 10:17:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31F5 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:42 GMT
expires: Tue, 13 Aug 2024 10:17:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
261 B 20ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIwNjNhNzcwNWQ1YTlkNTFiYzQ2ZTBhODdmYmEyOGE4OSw5YzNlNGVlOGVhZTdmMTQzM2NiMmZlNjliMTMyNjYwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDAwNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODkwNjExLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4OTA2MTEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIcykGESYfu6xODRrJEEZDbNVm3tpOQQ4nfRDfZAGD4uPKhXpMvDd3fqNT5U0Cc58oKLTXWZWCKzx1d5hwarXHEyAS9g4bzhCJ1d8X46eENnY0DNj%2FtzmCYiKjOC6AAJM7965WMdmY8%2BZUlCJrej"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732ca92f9a05-FRA
expires: Sun, 13 Aug 2023 10:17:44 GMT

GET
H3 200 4974890611 Show response
go.ezodn.com/dac/ 0
577 B 16ms
13ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4974890611
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1925
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 09:37:15 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNGpusIWmCPddrMpbtiR%2F6pxrLaxftcPvf7tRK6OesEaSoRMjKCgiKf5OKbzHT15TTbGa6CX9bnuTi0%2BfPOEwvlmJafi1AQtj3BP%2FAa1ZtyN1INTsEuwFon50x2Z1L0JytyBiII3OwhQMlU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f68732caaa68ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
310 B 20ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKQH6E%2Bxuck6KG%2FaX2yyopz5gQge1kEuExAlzYaXNxJ56LD4u%2BqPFZpSt%2FkClgt3bL%2BmS%2FsX7t9%2BEmMdCcZKwqY5%2FL8vfnqQQ%2FhTylz%2BwA7liZnMK0rUS4FI9%2B68r8Ar6XHdOoAHdWIH1%2FCozGfC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732ca9369a05-FRA
expires: Sun, 13 Aug 2023 10:17:48 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
308 B 200ms
200ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjY2LCJhZF9wb3NpdGlvbiI6MTkwMSwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6NiwiYmlkX2Zsb29yX2ZpbGxlZCI6NCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTI4LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0ODkwNjExfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn5Vq8aoULt%2Fyb%2BMVEQbjSPDq80brd74eY6sacV4F18m8c2V%2BAzgUnqttqn0y9o%2F8QrAsO7icZnJ934zha57z3JJXbmjhBQr88lbqFaSYb5hZWZHch8rZh7jZnwNtq6OGzkI7IK5WhkdTZgQZl%2Fm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732ca9379a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
260 B 25ms
24ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Inplcm8ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDE2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDU0NDYxMDUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDgwOTE0ODA2MiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CddKrS9To3LWHquJSF8WwmWV%2F%2FakWvw9DiM4JAzWLWdDAlzr1KfGSclsWAcul7xHQpSovg2M6YkTnTYmnkOK0ytamLtWKaFGt6rMnd0uc3KVJOY89Yq%2B%2FJILeWAb30r4zDJlYV3QRsLi4Fcy7Vma"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732cd9639a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

GET
H3 200 4809148062 Show response
go.ezodn.com/dac/ 0
574 B 20ms
20ms XHR
text/plain 2606:4700:e2::ac40:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4809148062
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 14 Aug 2023 10:04:17 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sunnewsonline.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE39bMQotRHCSx1sX11SSo6eHc0aruXhWWUzLLc0Hl823dPC0jA2Dr%2BBaadygbEbnS198l2%2BQdxMEYJUWh6ji4cAX42PkDGJpoVXCtZgjz29TS7%2FWTjGsyU8jBiXo5l8knN3IYZIPdu1%2BwE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7f68732cdac78ffa-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
405 B 19ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wOC0xNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GagTooP6zgEIWSZoDU5uf%2B2UxTMgZ0mf%2F9hN2Y7mMwAjJWDYlD%2FtIXJ8XjvnA7jz4ZWKftv6U3Nj9giLCDzCAr%2FQNc59%2FW%2BjDD5pfSJ1elPcNGNUU4O0u1cPnIHX5govj%2FQAXiwar8ZeK%2BlQdlFv"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732cd9649a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
265 B 19ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjY2LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjoxNjAsImJpZF9mbG9vcl9wcmV2IjoxNjAsImJpZF9mbG9vcl9maWxsZWQiOjAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU3NiwibXVsdGlfYWRfdW5pdCI6bnVsbCwibXVsdGlfYWRfY291bnQiOm51bGwsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDgwOTE0ODA2Mn1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=215OD%2BKoOAkTp60VJB9HD1XXQXEguTlwYyl%2FC6v8H4Dm2qJ4ugR86Pf2VuOkn%2BbXnir9zPkNt8Uj%2FNFCC4GEd1Vbcr4E482F9%2FIWWd4GGGD53kNjr4aFLXR8IKK%2FV9V7IFOufxbLA5rtVP3Xoatt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732cd9659a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
266 B 29ms
28ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQ0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0Mzk5MTU3NTgzNDE2NDYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjA1MTQyNzAyNDAzMjA5IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTUyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiItNzYifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzgxIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMDIzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a68R%2BbvHFzT2KN2sHTyuUJgBmooz4gEhTwVTLmDPprRVFbCAvb%2FLMkliyYHb7%2BYG%2FrFHd5N9aFVZ5WgIDGoqCUnkBqEPng2ggOc3ZDv3ik9eKAbN5ybI7nM9lsoUwha%2B%2FjccFUYIBD%2FgQxzuS6rq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732cd96c9a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
261 B 21ms
20ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjExNzAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE4NCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYyNjk1MjkwNzAzNzY5OTMiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTQ2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMDc3In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VeNmwgLXtGTE97HJk%2F%2FrKmF9t0meXhh5vUNbtMRNRFytuIEdd2Zg708py06tWHkdd%2B4Bvcz9nwQK8C6%2BsSYfe0NYyp11fEavHsJ0Kw5pLjOGbhD0pBByoJiH098qtNgEXbhyhU1ebIZeQiU%2Fjx6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68732cd96f9a05-FRA
expires: Sun, 13 Aug 2023 10:17:45 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9 159 KB
26 KB 9ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e18f8ba641c416c6a0e85afbc654421975853ba9c705d4e886e2d06d6d461cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26863
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 05:12:07 GMT
expires: Tue, 13 Aug 2024 05:12:07 GMT
last-modified: Thu, 14 Apr 2022 07:46:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 816D 23 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 816D 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:49:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 816D 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 31F5 4 KB
671 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 09:35:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F29D 14 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:25:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F29D 2 KB
903 B 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame F29D 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F29D 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:49:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 594B 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F29D 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F29D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRt0-Vrkl0XO00kUdVaoR1vn3UvZdeZbOc17d_98lGQmb__yIlJ9HSQ0AX-xf9gRNRJNdIt-Xnx5HW4AbX5y7SAZ2rRHg
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F29D 179 KB
56 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame F29D 33 KB
14 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 31F5 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 23:58:53 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31F5 205 B
296 B 27ms
9ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 13:24:11 GMT
x-content-type-options: nosniff
age: 161614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Aug 2024 13:24:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31F5 604 B
920 B 26ms
8ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:55:52 GMT
x-content-type-options: nosniff
age: 184913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Aug 2024 06:55:52 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17A9 16 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 14 Aug 2023 14:28:22 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17A9 34 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Aug 2023 02:43:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 17A9 27 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 09:01:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 17A9 25 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 09:17:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 17A9 109 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 594B 0
104 B 250ms
23ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECaqE9tkVGnvsFUOwx9L8vg&google_cver=1&google_push=AXcoOmSCv1L8OtQ5iltnwWuGAL_PFLdzOZyhJFJcm2xEAAVXRDUe0VCNeVMm9vn0SalAqiKdTxcouTJaELQlp0Y4Z0V6FQOhvtisgQ
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594B
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENvZenXCN8b7ebvlveAL8bQ&google_cver=1&google_push=AXcoOmTys9i7UbxR5CdVrV5qqELfKWmZWC4wxEStWkgoEhI227QoG6aDtZM2SL7ncAXPGokeGxxpNDzI7C_aGDUNmtdhDaWFv...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497

170 B
188 B

18ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uW...

170 B
188 B

19ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 10:17:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 594B 0
43 B 291ms
246ms Image
text/plain 18.177.27.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEDqGehgHo83xbyHrQ24gfpU&google_cver=1&google_push=AXcoOmQ4UcOiYmz6cZa_MwShVpB9k2lKPaDMyN_-lS8dD6mVd4A_ofyjN6voMLfuydTLnWmsE8wsrotSPhrc-oVnrjqpIsfuzy4Sxg
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.27.67 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-27-67.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
server: awselb/2.0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 594B 0
34 B 8ms
7ms Image
text/plain 18.193.132.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAMD0xSSernMS2log6YmLWc&google_cver=1&google_push=AXcoOmTVaIeBuhvucn-eppyIzvDYrjUO2yjcC3NANkMG5hTvxGT3kKdwFaWAP8HUBNoFk6R01hn7cR11SrWuI5I5lPFyLBRaPvjsaE8
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.132.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-132-164.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 594B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4S...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4Sw9KLkql907xQWRXXRra4
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 594B 43 B
145 B 9ms
8ms Image
image/gif 3.124.27.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEsM-8rEVM8b3aQ5kcP78S4&google_cver=1&google_push=AXcoOmTBkvrovWhUDBVqPfy0Wu-HR9unTI3fdssn3IEff_4-Kj06UUjfXC6sKB3CuzSPiwkrSc6sY28XGagntIlk_ir0lC3cg461bQ
Requested by: Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 594B 0
12 B 17ms
16ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFQbkk0_woZTTTZ1G4kcqjmMqLtTktrmXLUjiFTlAALFUGDxyh5c8WZv253E6XTW2JRVQl606r

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 816D 179 KB
56 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:45 GMT

GET
DATA 200
OK truncated
/ Frame 816D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc354a17172ca1ddf6ac00ee5d8a85409131ec971a0e4b6c8733087027f1d4de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5ca31272300d4f00153cbd24.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd24.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cea2e35a6f1f78612f22784ea30df602c2b355ee11c9dd29f6bf0bc7bbcf84e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options: nosniff
age: 18338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3370
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 07:46:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:12:07 GMT

GET
H3 200 5ca31272300d4f00153cbd63.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9 17 KB
17 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd63.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43535b7d5458d1f0eeac8a113a7d2a5daf4c61db789cd3bc0df24cf473c80b70

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options: nosniff
age: 18338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17256
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 07:46:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:12:07 GMT

GET
H3 200 5ca31272300d4f00153cbd60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9 2 KB
2 KB 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd60.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fd1a7046a6b844c6f067d83ba2831c7bace97aae1b15b87cf5e22917b7b4395

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options: nosniff
age: 18338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2469
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 07:46:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:12:07 GMT

GET
H3 200 5ca31272300d4f00153cbd5f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd5f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380bd839d157729a3699c4e4288d490d73f80409d4ecf0f8037ff7911a804e51

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options: nosniff
age: 18338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2475
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 07:46:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:12:07 GMT

GET
H3 200 5ca31272300d4f00153cbd5e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd5e.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c1ade20dac38fabbfffc1588045a7aacdf8e00a9c6fb1e8b2b77c8b83b7786

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options: nosniff
age: 18338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1823
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 07:46:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:12:07 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 17A9 47 KB
47 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 209562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17A9 15 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 169768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 11:08:17 GMT

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame B98A 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 43ms
42ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jnRSf_ZZMqzCYOj9fgPo5GfwAOay62YUta9-sjTD56xhq_zGBABIKXM12pgleKQgqAHoAHkv7DLA8gBCakCqD1f4W5esj7gAgCoAwHIA0iqBK4CT9Cc4YgfkMR0QLo5ilpxi3VwfTG_U2_qEkB-0RMTv713JyC_11ew_5Jstbk2-NpqehrUEncWm6IdweWrWm8Qpp3TRrKqQ_Q9LPIInD9bv_BpxFl-gzs_KHblI0wwqIp-6-d11Y0K7C0ZNZ9GZObtiXxnJan_aWIZfFIaS4szJZktsp88xn_1qUGPybBAgXijdUiE2TQ30oxh05myjhHwF4gZm9sbljU-Ti2PicGgEexbfsx6hvtiz3ZJbwnMJA_d6BwgoxOH4X2KCS5M1Xv5NZBIljUZXFAbjI_C4CVpFGrfyX8xu5Fl5dL65h3zFStYdue7FfcVMkmxeCEJsERJIiIjUAQ8AKwW3OfwPJBf_2Ti1PhjQVN213QjDqGSyE_TriKUcZpDcnhmHORO-LrABMCw7Z7rAeAEAZIFBAgEGAGSBQQIBRgEoAYugAeEwM80qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKfAAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbnRyYXRlay5kZS-ACgPICwGiDAgqBgoEw7CxAtgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=z9mkfxIc-0U&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWxcDzJrNkxE9AVh-Ipmz0tOss0r5tAiHXH3A7Q--695rbsdr-8ZB4Se2_Sttl5M3HxFPlzkCeGAE&template_id=531&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 816D
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jnRSf_ZZMqzCYOj9fgPo5GfwAOay62YUta9-sjTD56xhq_zGBABIKXM12pgleKQgqAHoAHkv7DLA8gBCakCqD1f4W5esj7gAgCoAwHIA0iqBK4CT9Cc4YgfkMR0QLo5ilpxi3VwfTG_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%...

0
0

42ms
41ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963387364%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210264686848108739889%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10158936968576537821","debug_reporting":true,"destination":"https://antratek.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963387364"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"10264686848108739889"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 10:17:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10158936968576537821","debug_reporting":true,"destination":"https://antratek.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963387364"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"10264686848108739889"}&andc=true
access-control-allow-origin: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 17A9 27 KB
1 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 10:09:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 17A9 25 KB
1 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:46 GMT

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 17A9 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3 200 13154442590092961218
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 109 KB
109 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13154442590092961218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b9c6476f9472c48a289145a3b96258e87eff1282b0a76993319eb8ee37fb79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options: nosniff
age: 18803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111311
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:54:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:04:23 GMT

GET
H3 200 15523862232680885101
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 172 KB
172 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15523862232680885101

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2748d91f3700b6f9d819aa57c7ead837be64febe1bc137c2712ca678e1436a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options: nosniff
age: 18803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175878
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:53:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:04:23 GMT

GET
H3 200 9855172732615812524
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 78 KB
79 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/9855172732615812524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f61e070284ba9fa2dc7183d6a68c6e86ae4fac44ab7bc7c321ab83e12062ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options: nosniff
age: 18803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80355
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:53:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:04:23 GMT

GET
H3 200 5646848704537305550
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 144 KB
144 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/5646848704537305550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab4bee0d5387e325afe6521597000f6d7cbfd01dccb3146ca4a8b0c5f84e5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:00:28 GMT
x-content-type-options: nosniff
age: 19038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147762
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:51:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:00:28 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 17A9 47 KB
47 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 209563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 17A9 47 KB
47 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 209563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17A9 15 KB
16 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 169769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 11:08:17 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
41ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 10:17:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 17A9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 5646848704537305550
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 144 KB
144 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/5646848704537305550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab4bee0d5387e325afe6521597000f6d7cbfd01dccb3146ca4a8b0c5f84e5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:00:28 GMT
x-content-type-options: nosniff
age: 19038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147762
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:51:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:00:28 GMT

GET
H3 200 9855172732615812524
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 78 KB
79 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/9855172732615812524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f61e070284ba9fa2dc7183d6a68c6e86ae4fac44ab7bc7c321ab83e12062ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options: nosniff
age: 18803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80355
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:53:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:04:23 GMT

GET
H3 200 15523862232680885101
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 172 KB
172 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15523862232680885101

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2748d91f3700b6f9d819aa57c7ead837be64febe1bc137c2712ca678e1436a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options: nosniff
age: 18803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175878
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:53:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:04:23 GMT

GET
H3 200 13154442590092961218
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9 109 KB
109 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13154442590092961218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b9c6476f9472c48a289145a3b96258e87eff1282b0a76993319eb8ee37fb79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options: nosniff
age: 18803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111311
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:54:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 05:04:23 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 59ms
19ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 10:17:46 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 253111
ETag: W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE9Q9sEwXg49G69ZYGW4FiTsYj%2F6sqT5rVg6fkfp2zbUf%2FJltdb0mNKlRd8Grr2Hb27sk2hxwaaRugKpxoY0DeFLDEpcaAm2ofq6k3nCaUrIzUtcz0cxFlViohbW%2FjLofrIM%2FAdevbgnzoP%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7f6873311bc53611-FRA

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
221 B 239ms
239ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:45 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 224
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 1 KB
680 B 152ms
104ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&PageUrl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&PageReferrer=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&CanonicalUrl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

ac05737d0a376a3e361ef8bc8dc1a44acfcfdc146d989283014d07bc78d41887

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 88
content-length: 324
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 90ms
43ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 177ms
131ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 108ms
61ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 202ms
156ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 158ms
112ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 82ms
36ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 83ms
38ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
159 B 63ms
18ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 66ms
36ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f68733128871e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 68ms
38ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f68733128881e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 64ms
35ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f68733128891e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 60ms
30ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f687331288c1e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 60ms
31ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f687331288d1e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 62ms
33ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f687331288e1e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 59ms
31ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f687331288f1e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 65ms
37ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f68733138921e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
310 B 58ms
30ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f68733128911e56-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
501 B 203ms
162ms XHR
application/json 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 588400cc0c4cd8f38dfbdec8c009ec29dcceb922d1611fcc4ac181d7a1925132

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Aug 2023 10:17:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://sunnewsonline.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 694 B
864 B 53ms
14ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f525cf91c9aef80308c7e783f71964d7cef1b6bd5dd503c9123e653beac1dd2b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: gzip
an-x-request-uuid: d5d2c1cd-afcc-4ab2-a844-e1c5bf829297
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.81; 146.70.117.81; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
429 B 49ms
14ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
last-modified: Mon, 14 Aug 2023 07:48:25 GMT
server: cloudflare
age: 0
etag: W/"066195180890d01d0abfa967058b42d0dc6beb79"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 7f6873317e4a1945-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 40ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 10:17:46 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 243686
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
Server: cloudflare
ETag: W/"9d36e722f929b1726cf2a9cba00af489"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnJIIHrN40gTVyy7Sy6blFeQwdrWltsoJ83kJ8oqy2aC65wYfZjqDv2zG7p0iCFsSvjnfCCVF%2FLpIZ8XW0ErujHKa4Z3nd1m03aIX1QDYgWBNdlZnYfVp9%2F2mv866u%2F0hPYHFHDCLd3jGDC%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7f6873316a3735f0-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
sunnewsonline.com/ezossp/https/cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
24 KB 18ms
17ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sunnewsonline.com/ezossp/https/cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?screx=1&sxcb=1a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71cf1ec33dc40728e5cb98f96e6133e17d60c624ec30bd3765c7ac8cf54c982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1142
x-jsd-version: 5.0.2
x-ezoic-cdn: Hit ds;mm;e7364416041a996264772fb515112cbb;2-494158-1;2c6de4e9-ad2b-4c09-71cb-aa4b298545f7
x-cache: HIT, HIT
x-middleton-display: staticcontent_sol
content-encoding: br
cross-origin-resource-policy: cross-origin
x-middleton-response: 200
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type: version
x-ez-proxy-out: true 2.4
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0-gzip"
x-origin-cache-control: public, max-age=31536000, s-maxage=31536000, immutable
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tUvKGfVSPKvQYL11Di91FMDFweMEbMTKzB%2BZDESXpFPHNA6qJaqo5Ep0MwA4wwK1KEfLynaZzcgsl33ReunaXz2DpV8Bh1zG9EifrIEqtM%2F%2B7sjwPuZ7EwwAmUwPPiGsiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f6873318fa69a05-FRA

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 11ms
10ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
404 B 45ms
16ms XHR
application/json 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: c234175c5f5b9de19b11bc87cadb32a7f9bac475313ad503d77c479cf9adf29c

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Aug 2023 10:17:46 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://sunnewsonline.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 9ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sunnewsonline.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 67E4 42 B
64 B 114ms
113ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnTvfEqSn_lKjuzvlMUBzOR2eM7KdLxfSNvLGwFO4WjaXt7I1b5zNmIwgLwUHl23DrrYrzKA9rrnwqotEjKockKzqF1PPSCT6UgK0&sig=Cg0ArKJSzBeYoy9VHIMBEAE&id=lidar2&mcvt=1019&p=-76,152,174,1122&mtos=0,0,1019,1019,1019&tos=0,0,1019,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0.7&if=1&vu=1&app=0&itpl=20&adk=1280361889&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008265396&rpt=105&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalSDK.js Show response
sunnewsonline.com/ezossp/https/cdn.onesignal.com/sdks/ 9 KB
3 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sunnewsonline.com/ezossp/https/cdn.onesignal.com/sdks/OneSignalSDK.js?screx=1&sxcb=1a&ver=6.1.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60a0075b20f03e1eb4d5bf21b0000203d4c0146443e53fbc3066221cd23e1087

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2362
cf-polished: origSize=9204
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
content-encoding: br
x-middleton-response: 200
cf-bgj: minify
x-ez-proxy-out: true 2.4
server: cloudflare
etag: W/"2a3bbde818bef34d53a0df862ead5d5f-gzip"
x-origin-cache-control: public, max-age=259200
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX0L%2BxSIVJY5U1t%2BvsPhuse0ouPhrAYRmM0aZuPzq7zTrP9off4RGUshByqNpEHR67wkGe78yJz1UKSqbhgsy4SkQ5vbKNeg4giokrnQBz%2Bftacemh%2FjIDpR2ykICUOI%2BvXk9GesXU8wyBITy6%2Fp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f687331e8289a05-FRA
access-control-allow-headers: OneSignal-Subscription-Id
expires: Thu, 17 Aug 2023 09:23:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 56ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 46ms
26ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/ezossp/https/cdn.onesignal.com/sdks/OneSignalSDK.js?screx=1&sxcb=1a&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3483
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f68733238304d1f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 10:17:46 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6321061981120130

Requested by

Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

365706ed65f6f70bbe6f27258bbce108ffc315e4569ce25c48bd78cf9cc9edff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50926
x-xss-protection: 0
server: cafe
etag: 8148960412261372420
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 65ms
64ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308070102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f6a8f7973c62a5ea235fb030d76a014f9334f1e465f7f17d39af8da993757e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0

POST
H2 204 rum Show response
sunnewsonline.com/cdn-cgi/ 0
160 B 23ms
23ms XHR
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sunnewsonline.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sunnewsonline.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f68733238c59a05-FRA

POST
H2 204 rum Show response
sunnewsonline.com/cdn-cgi/ 0
37 B 28ms
15ms XHR
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sunnewsonline.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sunnewsonline.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f68733248e29a05-FRA

GET
H2 200 web Show response
onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/ 6 KB
2 KB 89ms
84ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7dbc47e9da03bd9d667762848d702b4f5279ac3c4de391cc3c8e2fbcd01405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c2d8106f-f338-42b7-8d59-eefc3cc29fa7
x-runtime: 0.038705
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"eb7dbc47e9da03bd9d667762848d702b"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7f687332b8b14d1f-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 14 Aug 2023 11:17:46 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F4FF 156 B
676 B 355ms
300ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=3772014631507434&description_url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22890767690%2Fsunnewsonline_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D494158%26eb_br%3Df63322dda53fb357fc621e718fd4fb87%26ft%3D0%26ic%3D1%26iid1%3D9054216318418685%26plat%3D1%26t%3D0%26tap%3Dsunnewsonline_com-outstream-video-1-9054216318418685&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2645563086&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=4E1DA656-1BDD-4423-9085-DADEDED7F40E&a3p=EhwKDWNyd2RjbnRybC5uZXQY39C0nJ8xSABSAghkEhkKCnB1YmNpZC5vcmcY2tK0nJ8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7QtJyfMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2laRGhyZFV0c2NVUlVTRk0wUVdwRGVXOXZVbnBRZHowOUluMD0Yxti0nJ8xSAASGQoKdWlkYXBpLmNvbRjf0LScnzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNvVtJyfMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44785453%2C44788275&top=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&loc=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&dlt=1692008261284&idt=810&dt=1692008266664&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&scor=3393534142546643&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:17:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 372 KB
125 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6321061981120130&plah=sunnewsonline.com&bust=31076963

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6321061981120130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92ab417f1156e4bac9e638a184ced6c49b98aab5546a6c119e60c753287a5e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128452
x-xss-protection: 0
server: cafe
etag: 9024885359166795094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 10:17:46 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame FB9F 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6321061981120130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:01:55 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 10:01:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame DB9B 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Aug 2023 10:17:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5118 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:04:59 GMT
expires: Tue, 13 Aug 2024 10:04:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9EB 831 B
555 B 19ms
19ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e451954323c536ecfa566e734c3574ec6bb6b697573ad73270a843e8cba4317c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mgqgmEUxVTkCHJVfOfkKrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-mgqgmEUxVTkCHJVfOfkKrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 10:17:46 GMT
expires: Mon, 14 Aug 2023 10:17:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 webPushIframe Show response
thesunnigeria.os.tc/ Frame FD78 519 B
693 B 38ms
16ms Document
text/html 2606:4700::6810:9017
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thesunnigeria.os.tc/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:9017 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9406890e304597206481a853d1d33e927dcf1abffb13b6c6a2d55f3eace6d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sunnewsonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2784
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f6873338f1b900d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 10:17:46 GMT
expires: Mon, 14 Aug 2023 11:17:46 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin, Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 1db46302-490d-413f-a3b5-1feff40e0433
x-runtime: 0.009008
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9EB 0
0 117ms
116ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308070102&jk=3164377482340889&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 5118 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame FD78 9 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: thesunnigeria.os.tc
URL: https://thesunnigeria.os.tc/webPushIframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesunnigeria.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3492
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f687333b9f14d1f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 10:17:46 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame FD78 284 KB
68 KB 27ms
26ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesunnigeria.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1990
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f687333ecaf361e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 10:17:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5118 0
12 B 9ms
8ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_5PnaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
357 B 18ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQBlpIimETpj7JOXBhMSPG%2FYG9MH1KLVIYueGybhHIXagez9TRT2AQ%2FOv8vv9wnSvQzi7qwAlWMRK3xC9zoByhk4iUUrHcxBXB8%2ByhZ6TZztl8ZZy%2B8gxVzTt3I1%2FwU58p1g5ZfItgoPr%2Fv0vM93"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873345b7e9a05-FRA
expires: Sun, 13 Aug 2023 10:17:46 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/ Frame FD78 6 KB
2 KB 72ms
71ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7dbc47e9da03bd9d667762848d702b4f5279ac3c4de391cc3c8e2fbcd01405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesunnigeria.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5cf85e81-56f8-43c9-8863-9ab51bb747bc
x-runtime: 0.037009
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"eb7dbc47e9da03bd9d667762848d702b"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7f6873345d30361e-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 14 Aug 2023 11:17:46 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
306 B 18ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCHYcvG1MwipbLki0uGe0lf0o6GLbKIw3RiBYSi1LeD61fCiPmz%2F3xrbYekjdGMwD9tLUUcpcYE%2Flhx%2BvKlpeTEnZwJyt9YQjwmkTawYjOy1RFhbqsOUvIX5FfUqnkQvpLdwp5gouAfPqfOZPXdA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f6873346b9f9a05-FRA
expires: Sun, 13 Aug 2023 10:17:47 GMT

GET
H2 200 ca-pub-6321061981120130 Show response
fundingchoicesmessages.google.com/i/ 150 KB
50 KB 76ms
53ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6321061981120130?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6321061981120130&plah=sunnewsonline.com&bust=31076963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5941a4da3ef8ce99baf131646c3214256dd253c86a13530161830c9b23186b0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QhSzzR2bk4lVGMz8nrVUmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QhSzzR2bk4lVGMz8nrVUmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F4FF 0
225 B 952ms
314ms Ping
image/gif 2404:6800:4001:809::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llaq16j8&c=3558999887168&slotId=1779499943584&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:809::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 12ms
11ms XHR
text/plain 3.122.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sunnewsonline.com
date: Mon, 14 Aug 2023 10:17:47 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
404 B 23ms
23ms XHR
application/json 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 08d5a3211aa11639d5a88c665f051c70dcc8d5113f654c9f48b94244064c5a0f

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Aug 2023 10:17:47 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://sunnewsonline.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 8ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sunnewsonline.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 816D 42 B
64 B 121ms
121ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEN4A3T95Kbv8ueAeZbcWDqzGIgYiji2GvnIxjkdFAPf6BbQ2tgJkD7ttEQwM1Dkvl6t-wjKTD9r0NJMgaR0yl1qqP9XqzQfjPsO6c4UrLol1TNLjru3xYSmmcpgDolb0UH9xQIN4qUdniM3cpCLlmYjPh-tpkuxV45H9rCkE&sai=AMfl-YRthYS-Q5eq-jmHJK-Uke18ATb6l7Qm9fymG6dZG3NwRxEeu1_HBeKOtMEObCnl5YloS-osg3FYhUDWY_K_efWzUUra5J8no0Vcbg5XjW9uM_dmwHfxA6QlhiY&sig=Cg0ArKJSzAP3kazB9mEPEAE&cid=CAQSOwBpAlJWxcDzJrNkxE9AVh-Ipmz0tOss0r5tAiHXH3A7Q--695rbsdr-8ZB4Se2_Sttl5M3HxFPlzkCeGAE&id=lidar2&mcvt=1005&p=1023,381,1113,1109&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1905174598&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008265618&rpt=458&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 10:17:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWRnqxZZFZMwTcxjwtliNwv1itoPw9B20kFqjJpAP66gfB-0_stFlcckwbSypvJnSTWYpjiRGjJ2o6NwqYQyXLnQ89vTBiFyT4xM4CL_8oXUIP8_MKdekMsowfiy8cyg0Lh0Z8aBg== Show response
fundingchoicesmessages.google.com/f/ 270 KB
43 KB 98ms
98ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWRnqxZZFZMwTcxjwtliNwv1itoPw9B20kFqjJpAP66gfB-0_stFlcckwbSypvJnSTWYpjiRGjJ2o6NwqYQyXLnQ89vTBiFyT4xM4CL_8oXUIP8_MKdekMsowfiy8cyg0Lh0Z8aBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyMDA4MjY3LDEyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdW5uZXdzb25saW5lLmNvbS9zZWMteWV0LXRvLXJlY2VpdmUtZ3Nrcy1mb3JtYWwtc2NoZW1lLW9mLWFycmFuZ2VtZW50LyIsbnVsbCxbWzgsIkh4UkhnV055UzVRIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

688fc12a17fe599172d804d23b443f1c039ded595c854d40e9470f743e8ab5eb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--5ru277CDaFXkdliX7wS7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--5ru277CDaFXkdliX7wS7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
283 B 17ms
17ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAJJiDPnlo4vVGTKs2QdkEdLrdvdOnoqkeMcrZQJh3HCh%2B9%2FOQFwqYmL6c1MbkjXE%2BtEhneB0vudee1TAensqnRoE5IvaMTb3i8kHmN3sY7lSyaHsl0XbG6Zwfn2ZgFqINJ4KoBe9sYI1OsdFsT%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687335bd769a05-FRA
expires: Sun, 13 Aug 2023 10:17:46 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
257 B 19ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERed4R31GQN1EkgdfwinHeCe6V10glYJHpYWY9qr6TOOa91JbMSYfLuanKUiZkPZS5BAd6GSMtcO8xp3AoKE%2FICK0XstGJ4L0e8dlqUBRsBaF0ifE5xqblZwtpicjDj4UZYakiXnFcv7KC91NY%2BD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687335cd9c9a05-FRA
expires: Sun, 13 Aug 2023 10:17:47 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 28ms
28ms Stylesheet
text/css 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1137
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f687335ef2f361e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Sep 2023 10:17:47 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
265 B 18ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzh%2FIwOa4KmJmDKzRmnGKqLz7SvpFrvun5uhJsGaLTlu5Y5gGFe%2F2%2B3%2BIiNh%2BEusHwW2wezsp9YHQ2W8%2BgfJloTl5igqpKcn7wSI2l6N8QVm0URsg4EA6elF3J8unM7aWwixHQKvfz%2FrP6zH9CzN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f687335edc39a05-FRA
expires: Sun, 13 Aug 2023 10:17:47 GMT

GET
H3 200 css
fonts.googleapis.com/ 69 KB
4 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d61260c6c74dd9bed84e1dbc7e04e98c91fad783ece1cdce4e07de3970df6866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 10:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 10:17:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 10:17:47 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:27:00 GMT
x-content-type-options: nosniff
age: 132647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:27:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 389371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 22:08:16 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 209564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 268951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 07:35:16 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 209564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sunnewsonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 209564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

POST
H3 204 AGSKWxUuYJ1mdn2LvMCeQAXXHCgD8OmrQ_5N7b22MDUlum8Q6DJDCaj8-JcO6qJx67t_jgP1kX8Y8UtHof4SeDpZyslKopEBuiA5CsT5eyXqQgN0ed79cRmQBd-H6cSimgNcW4zpqR5P0Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
25ms XHR
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUuYJ1mdn2LvMCeQAXXHCgD8OmrQ_5N7b22MDUlum8Q6DJDCaj8-JcO6qJx67t_jgP1kX8Y8UtHof4SeDpZyslKopEBuiA5CsT5eyXqQgN0ed79cRmQBd-H6cSimgNcW4zpqR5P0Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FrgmdspJ-CtTnyhOm0sXlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sunnewsonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Aug 2023 10:17:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FrgmdspJ-CtTnyhOm0sXlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sunnewsonline.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
112ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308070102&jk=3164377482340889&bg=!AwClAFTNAAaiGN5Pghg7ADkAdvg8Wg875AKB2xx6-yHGTJiWQPEWXfTdpyk2NWDAw4zucmifrGORW2Q_Mb6KhvRnzjnCe8X7l44CAAAAf1IAAAAKaAEHCgALAXwez69HK-sMTXWZAryBOdHhKoZkChqR3ty_aXOh6y8CA0AU3F25VC7rFDJu73Ay74R68379ZLIQ1EKIIa69b5dTCwydgQPIkdgVI94VqCnSCZ4l5zhHR6Qnh0-MkbS9JaDw0iYMWQNYyvkNWudnhOZTtFKubmTiMm0TTVFajT7VdI41-rhZCsWK_YsD4UQOuT5ZF8xEBOaTFfLfvERW5IAfeAa6FjgmArI4UA6McPPtbkj0IGAbXN0PSY-TSSm6ggvlUt8llBBDrmP1QELybnb1svk5bm_5egtndNcXWeRtnhBmnAKy_NTcCSI3RZ8Q8lzdMbRd03WarZrmwPhxeaZNcOBasdjfo2qsc-MgnLJxWlKeq6pWinqkqdBZlwilgjU_nTmDWd1t0pO17aK2EvyuUVdUiEXr33rZfNMm2nbQgwPAguXEXFwqoI7hoN1dnOtmWPL49K-L9c9oeDlo5wcbBzgtfEUAyQpY30CuguvjLMrN623-mTYceweff-n7UDKmVCCyMOOkcvvskgI-NQqfz5hfkakzayPt9iWgyi1zj7J-8ocZ07Y2iY0JxwhAnjhPWdt75q5UuTZKFhQ53EaQiK7FGv6UDjFgR-SEdOXZv5wayHoW3rFICHZwbCM9OSIvn8CtuWhbDS_P14mFLTbumMW-5vmmP1Fq-3ovhR9QBEJj9PPuVdEU4AVd1YoGn92AOrX5LdgDt2o8Ovsm9NlnDHbulUs50makwvK6PRcS8PvgLRfUqZIRjElfa7NKzm7wwITqZC0WYuSNWrjzchmrYnxjkAcRr93PzciAmM7iJrh4lS3Dgxkv0t7qOs7Pfgv-wVb1X4RzpVQ--FUCt66z3KIPNrRtw8YQ_vl26gaCifsVHfXWD_Cu7A3YuX42jUK4mYhJhzR6lLv5VD7tGOYEEeiWIk_VpudF8D9Be-actga5mEPNYhmh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 40ms
40ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=6&ws=1600x1200&v=23.725.1446&t=15000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A350%2C%22id%22%3A%22Outstream2%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: CNZ1VW9W2DYZK9C5A81V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sunnewsonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DFeIMLaHewFT4OkeqU8MY9A_RHlYETQVqgR-E3dzikDt_E-zuOCIAA==

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
308 B 19ms
18ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyNTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjM0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0Mzk5MTU3NTgzNDE2NDYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjM0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjA1MTQyNzAyNDAzMjA5IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6Ii00MTI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI1NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHWjsvnEWHR5vDjyC1r6QDM%2BqAY%2Fx4KIjpJ5YLUEj3Rn3AIOFiNFfEpEH2cU5prRXeozqwHIVQdLB64F3bmI3ZaJr%2FkiLa3TdS6nuXN66ePcVLZKw5c7BFC4sAw7Lo3U90XGQPnetTwz0n%2FAYLHi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68733cee7b9a05-FRA
expires: Sun, 13 Aug 2023 10:17:48 GMT

POST
H2 204 army.gif
sunnewsonline.com/porpoiseant/ 0
264 B 19ms
19ms Ping
text/plain 2606:4700:20::ac43:4826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyOSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMDM1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyOTEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 10:17:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpWoFgYAd032iMLmRyHOEOv%2BXdvSOp8j6S4BGCTggkAjcx5q0WzOx36rRsGWEY2cBL1SBQ8OFjmbfqEreDABS%2F5rMiP%2F%2B3eYlzhNjdio6a6PcmPG%2FGqC0MOtpOiZocrYJM3seeZjJN%2B7aLDaAHDW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://sunnewsonline.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7f68733cee7d9a05-FRA
expires: Sun, 13 Aug 2023 10:17:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0

Verdicts & Comments Add Verdict or Comment

509 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sunnewsonline.com/	1970-01-20 23:36:08	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
sunnewsonline.com/	1970-01-20 23:36:08	Name: ezohw Value: w%3D1600%2Ch%3D1200
sunnewsonline.com/	1970-01-20 14:43:20	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sunnewsonline.com/	1970-01-20 23:36:08	Name: _ga_6DLE1C2CT8 Value: GS1.1.1692008261.1.0.1692008261.0.0.0
.sunnewsonline.com/	1970-01-20 23:36:08	Name: _ga Value: GA1.1.302229331.1692008262
.quantserve.com/	1970-01-20 23:30:22	Name: mc Value: 64d9ff45-b72a9-c61f9-ad369
.sunnewsonline.com/	1970-01-20 23:24:37	Name: __qca Value: P0-1444484022-1692008261674
.criteo.com/	1970-01-20 23:21:44	Name: uid Value: 95561a1b-4275-4fff-a14f-7c84354401c7
.openx.net/	1970-01-20 22:45:44	Name: i Value: 77c92e2a-5a83-4c74-b802-30b2a284733f\|1692008262
sunnewsonline.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 16
.sunnewsonline.com/	1970-01-20 23:21:44	Name: cto_bundle Value: xPRCoV9JSDhOVVIwa3VjJTJGc0t3T2RVaEJMWXVOYmxCSFRMZiUyRnNrRHY1dCUyRnRuYUs5d0VBTW83bDBVTWF1U2VwMm4xOTJPMFlWclIwRXZGUVpyTE9taGZGNzE1Vm9RUGg0OHZ6WWF2T2VNbVFHQlAzMUhLdlk5eUZCdUx5cUdCck1uJTJCVEFqa0tvVU03Z1NLTGxMTjlnJTJCJTJGTDNlY1lteVVLU2NTbHY0JTJGZkMlMkJ4ODZCcjVVJTNE
.doubleclick.net/	1970-01-20 14:00:11	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:21:44	Name: IDE Value: AHWqTUmfEZNqGwGkzX7fs7OJ4mm9piyZrBj-XGRp1ozMl5Rcu7IrpyKEmsNofiHrXjw
.doubleclick.net/	1970-01-20 14:00:09	Name: test_cookie Value: CheckForPermission
.sunnewsonline.com/	1970-01-20 23:21:44	Name: __gads Value: ID=415f40155e016708:T=1692008262:RT=1692008262:S=ALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA
.sunnewsonline.com/	1970-01-20 23:21:44	Name: __gpi Value: UID=00000c86ad6b76c4:T=1692008262:RT=1692008262:S=ALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA
.googleadservices.com/	1970-01-20 16:09:44	Name: ar_debug Value: 1
.media.net/	1970-01-20 22:45:44	Name: visitor-id Value: 3350098659108935000V10
.media.net/	1970-01-20 14:20:17	Name: data-g Value: CAESEGfwQ0l4_BYkXerL6nvLLO4~~3
sunnewsonline.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 40
sunnewsonline.com/	1969-12-31 23:59:59	Name: ezouspva Value: 7
.zemanta.com/	1970-01-20 22:45:44	Name: zuid Value: Ik758XqK5pcbnnl0O5DY
.acuityplatform.com/	1970-01-20 22:45:44	Name: auid Value: 813683914497
.acuityplatform.com/	1970-01-20 22:45:44	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRHxxU0e8mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUR8cVNHvI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTnZaZW5YQ044YjdlYnZsdmVBTDhiUfv7hnZlcnNpb27C+w=="
.casalemedia.com/	1970-01-20 22:45:44	Name: CMID Value: ZNn-Sf.PNkGG5BcLklItzQAA
.casalemedia.com/	1970-01-20 16:09:44	Name: CMPS Value: 2235
.casalemedia.com/	1970-01-20 16:09:44	Name: CMPRO Value: 2235
.script.ac/	1970-01-20 14:00:10	Name: __cf_bm Value: lotRGc8.OPPzgG7Z4KonHjWgevJwrqZbmbmuo_aCci8-1692008266-0-AaZiio9yjMWEGzC8+GjyIUeP93a6GuNrYwZz2k30n3h1ix/aMysPe3uw8B8x6tejV1i97blo403K3lY9nxt8ntA=
sunnewsonline.com/	1970-01-20 22:45:44	Name: ezux_lpl_494158 Value: 1692008266583\|50ad158f-9397-42d6-6322-c1458cac3fbf\|false
.onesignal.com/	1970-01-20 14:00:10	Name: __cf_bm Value: HyJmzOD2vAKtGT1iJb36bWL_thB7sdwauC127aj9wWA-1692008266-0-AfOa1dwgZcHd7aDehElNUG/0HbQJ11u+XAxmpGy/iHkE2S9A/3IFtPRgynClzN7tukc4WxJ5Xj1QwXRzTiE0zZI=
.prebid.a-mo.net/	1970-01-20 22:45:44	Name: __amc Value: 1_1692008266_1692008266

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sunnewsonline.com/images/footer-bg.png?ezimgfmt=ng%3Awebp%2Fngcb1 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4' from origin 'https://sunnewsonline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4 Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://ow.pubmatic.com/cookie_sync/?sec=1 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8742889927508434617/728x90/index.html".
deprecation	warning	URL: https://script.4dex.io/localstore.js Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Security-Policy	default-src 'self'; script-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bshr.ezodn.com
btlr.sharethrough.com
c.amazon-adsystem.com
cadmus.script.ac
cat.fr3.eu.criteo.com
cc.adingo.jp
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.media.net
csi.gstatic.com
csm.eu.criteo.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezodn.com
g.ezoic.net
get.s-onetag.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
lexicon.33across.com
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-geo.s-onetag.com
onetag-sys.com
ow.pubmatic.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.a-mo.net
prebid.smilewanted.com
pubads.g.doubleclick.net
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rules.quantcount.com
s0.2mdn.net
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
sunnewsonline.com
t.pubmatic.com
tags.crwdcntrl.net
thesunnigeria.os.tc
tpc.googlesyndication.com
ums.acuityplatform.com
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
c.amazon-adsystem.com
lexicon.33across.com
104.22.69.131
108.128.108.17
143.204.215.41
147.75.84.158
154.59.122.79
162.19.138.116
172.217.23.98
178.250.1.11
178.250.7.9
18.177.27.67
18.193.132.164
18.66.112.41
184.30.24.22
185.255.84.151
185.64.189.226
185.64.190.84
185.80.39.216
185.89.210.101
2001:4860:4802:34::36
216.52.2.16
216.58.206.34
23.35.236.201
2404:6800:4001:809::2003
2600:9000:223c:9400:6:44e3:f8c0:93a1
2600:9000:2250:1200:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:20::681a:8a9
2606:4700:20::ac43:4826
2606:4700::6810:3965
2606:4700::6810:5614
2606:4700::6810:9017
2606:4700::6811:180e
2606:4700::6812:1791
2606:4700::6812:d73b
2606:4700:e2::ac40:880f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a02:2638:3::1a
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:2638:d::d
2a02:fa8:8806:13::1400
2a05:d014:776:a63e:931e:6ac2:944b:f27e
3.122.125.22
3.124.27.97
3.75.62.37
34.102.146.192
34.120.135.53
35.244.159.8
51.89.9.252
52.222.208.154
52.222.214.123
52.222.253.136
65.9.66.97
70.42.32.191
03dc8844bc7e372b67d32f1475a1aa0fe6a3c875d441062059bc2190cfe9eca2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cf2bb6e5e539d54cdc7615429461cff1dd5f88c7de81f9916f3e267a3e7a10
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08d5a3211aa11639d5a88c665f051c70dcc8d5113f654c9f48b94244064c5a0f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15cd911a41f7905e696d4df7d0cfcf329ede76b33a650c39c45205861fb93875
17c1ade20dac38fabbfffc1588045a7aacdf8e00a9c6fb1e8b2b77c8b83b7786
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
190c3fdc18618a4473729faa65a7dfd810fef1d70ce2c3fe71cb1ed843cf08cb
1ad352a0e77efa7a61e986d8962eb4e52566a40da7625fb409c0106ffdb9fdd4
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1f6a8f7973c62a5ea235fb030d76a014f9334f1e465f7f17d39af8da993757e9
2414986b6b154e01e64fe182c526c10991d4fc4996b2b68a82837e3d51369074
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
286eb2dfdf1c0eb9501552e21ee1634e9513501bb80328ad67d9ce007e9f3211
28b03de5c4bf4cd77ea0dd9ac54c8afae5c82c587bfee473ea70ce4e490693b0
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e18f8ba641c416c6a0e85afbc654421975853ba9c705d4e886e2d06d6d461cf
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
30ccd95dc6d8b22d1fb3a57aa9774c2274cb41d7a07c4bf26ca647f6af8c76dc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
333e6370faaa522f8ed12b6f9a2a2e545e21a6163e086700e28720783001b147
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
365706ed65f6f70bbe6f27258bbce108ffc315e4569ce25c48bd78cf9cc9edff
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
380bd839d157729a3699c4e4288d490d73f80409d4ecf0f8037ff7911a804e51
39dfdbba517c9c1a316c71c09f05a3440923ceaf1fd9d8be5a639990258e4f6d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
43535b7d5458d1f0eeac8a113a7d2a5daf4c61db789cd3bc0df24cf473c80b70
4363fcab85a3110f1b80e60c1abab9fb9df39b6170ea38d9f042a66408356609
45d6025a13063830ce34d94c1866ddcceaa1551b9ea34a0ccecb80f01a165b73
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
47471f57023b9b1c6a0594c18276bd6734732ef55163adde406ed4771c52d7f7
480d259dd24e8e20033ac2c5030ad6496e9edfa56c8d8545ef9f377513919e1a
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
49abdf0345ad830e7230fe7d57b59adb74653c0ade2a219ce6a2bc64704d0c39
4c3681fdc5c452c514f0e72b2dddc66558eb03a943c97ec1df7ea28215b28fdf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5511af087f41165d36f925af79689b5a091d3a8f0a61b0fbef1088409c41c669
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588400cc0c4cd8f38dfbdec8c009ec29dcceb922d1611fcc4ac181d7a1925132
5a5b9c85cde1df497209909e666e29159ec43ee0197727ecb4a5a0cf6c1a7625
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d18e690bc26692aa1bd8f4a4ca82c2618864dbe04f52685c6ab5a379b3021eb
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60a0075b20f03e1eb4d5bf21b0000203d4c0146443e53fbc3066221cd23e1087
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
688fc12a17fe599172d804d23b443f1c039ded595c854d40e9470f743e8ab5eb
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6bf3cefb40d063a294cb2ab53d0484e1baa70713c0de168812eca71817a86090
6dc4e7c8df4ac36eba96ff23bb896db37ba80428f8b4ebabff24dee25bec409f
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70023ca0a233fa93370022f69d0537f8fcbd2fa2f4ce9d7c670e779b1421d933
716aae8840c3f69c5b8b19d6e95258776cb5e847e9e890378d31cd92ee2c9ce8
718599a25ec212265f9627cf0cfbb19a79b41d8387e9b1305c7c4ddff5dcd2be
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
7a292ae9407e29e3971e2bda864a9d5d57ebcd001526e66fc51f7f74150d79f8
7aaba30f4e01b26d401ec15b0434295e8d9704363067aeae067cecec1070d2e3
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cc95ac2a5f05d0dc555fece0ff68b373fdabafdef7c37b3dbe7ec24d795309f
7cea2e35a6f1f78612f22784ea30df602c2b355ee11c9dd29f6bf0bc7bbcf84e
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81d987b56fbf0398e43894d6e7e13a56c6b5bf6eb5f511377d2cec956469fadf
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84c8704dad51378ce4b078bd9c06cedeab80b893b5c87544d9cc083dc63afa02
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b15fd492c04d389e35990f791fd8a000c945bbe4afffb1a66760d7e3d67a97e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f61e070284ba9fa2dc7183d6a68c6e86ae4fac44ab7bc7c321ab83e12062ea0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731
92ab417f1156e4bac9e638a184ced6c49b98aab5546a6c119e60c753287a5e13
954551e76af51b5d98aa0c5b48aa56a71da936423f4d387f42e8d111aabd997e
996f6cb7c72eb4dcd0e008a3f3c7c21f637a168b0fe7d14a11900f088e0f8e55
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6409310bbfa39d9ba2badd9067f468c7ebb1d2fd7ad9b5b89e06d9bb0cc7ec
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
9dc07161decfae4c07e5e99d3633bc19dff5757aaa09610cca838aa657806d0b
9e413ba64dd1ffdef501fce63182552cec4740604ab9bb697303204a79a2902f
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
9fd1a7046a6b844c6f067d83ba2831c7bace97aae1b15b87cf5e22917b7b4395
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48e554188fedb527c79e1e45ce03da4e601fff86be63121de9a2ac8291911e1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9c6476f9472c48a289145a3b96258e87eff1282b0a76993319eb8ee37fb79
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5b424dd043d9e2e1f5898f7792e3f2010d5b88611db52b1f3d3c5f36ea6f53b
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71cf1ec33dc40728e5cb98f96e6133e17d60c624ec30bd3765c7ac8cf54c982
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a92be692159a60cd21ae2433e35968793165ac283b9f2e1ab11dcdb60cb9c7f1
a972229674fe664fba6d60a4c98ed0bcdab34e1ced9197192f6ffe9cb1798268
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab4bee0d5387e325afe6521597000f6d7cbfd01dccb3146ca4a8b0c5f84e5855
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
ac05737d0a376a3e361ef8bc8dc1a44acfcfdc146d989283014d07bc78d41887
ac92f2ab44e0a91a3d177c0c3f010dd98c6763aed54206817979ee9e5888e6e8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b0d9f3812f7d2be3cf7ce8bfbeb9f8ea0e227c94ed0c810e8d81b5f6e64aedb2
b2748d91f3700b6f9d819aa57c7ead837be64febe1bc137c2712ca678e1436a4
b47d616e4d9c31cf0fb424c1663c1ee9a63b9d7ea02a37b4e2b5b807ea7ec33b
b5d3ef3c5bea1f4c7e87efb24c0655557c088efd1603e837aaf02b780a9366bd
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b75fc8d86f4fadfb2776f1be5c63e86245c931a240da3deb85be3ca986240adc
b762fda73b9cb3a384563cc8ff52e2a4772a287115f1370c2ae705bbc36f796d
b785d3dba9e3f3958deaee29992c96dfd7d9ff6c5f737d3a30de235eec2a8939
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be519b2e13062fcf1b7c92a15a567ad785170aa56e2ac4179a04838f88afd755
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c234175c5f5b9de19b11bc87cadb32a7f9bac475313ad503d77c479cf9adf29c
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c47bbdc39af7f5ac31d9f494ef999067da7cb95cf85e69a9446792ebdc67582e
c5941a4da3ef8ce99baf131646c3214256dd253c86a13530161830c9b23186b0
c78e52d7a37321d07e88999606700ba950c832ec400bab7b1237b1072ebc46d4
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d15ebe4f5e37b6fd6776826b284ef40c338f0fe14c2eee158b1a18aeb0f1cabe
d3c5b84d90cee4b14b226a7e9c4dd96156905b9458db28da5446eccd1702a5ae
d61260c6c74dd9bed84e1dbc7e04e98c91fad783ece1cdce4e07de3970df6866
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d85713a70972104caf26f5743a07ce1f9dea914bad34651f8ef1c4c78d37eb5b
d8a4c09c4cab076cb115cccbcd249135aa49db05f1866c21117124bc85cec1ba
d9406890e304597206481a853d1d33e927dcf1abffb13b6c6a2d55f3eace6d21
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc354a17172ca1ddf6ac00ee5d8a85409131ec971a0e4b6c8733087027f1d4de
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df9f434e59e9780ddb17b762f31662be256993c082c2b2a4d91fdd2e870ca321
e009ede96c0b8ed18aab7dc087a358d47e82fdfc126c3fed4006db8777156615
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18f6a7c2d05889a7f2b3ce54cda384cf39404abb214dab450253037e57af2b5
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f9ff8a816e2ecb64a1c72ed5e15b3e7058bfca82dd7ecb0e220e3664d0477
e451954323c536ecfa566e734c3574ec6bb6b697573ad73270a843e8cba4317c
e7172c39f798e59c733b14287bd4e92acc67ae06791a87a7b3c5eb43dd40d978
ea7459817efa8ba207433194fab99117f6400168658d8f37cb8143312f2cfd3c
eb7dbc47e9da03bd9d667762848d702b4f5279ac3c4de391cc3c8e2fbcd01405
ee07267c1822a8cc487be07e4a98e9fc72df31487aacd84b75abdde61e982a73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f525cf91c9aef80308c7e783f71964d7cef1b6bd5dd503c9123e653beac1dd2b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c92389936769c27c75378cc38a80b1d4063542d532ad84ebed7995f73220c3
f6586268f23462317fde292bc9eea870a562b7a52c314a25fb420921b2dbaecf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f089ff18270a2a9149fecfab2a8f182b1c6040ac452353af115688a0571553
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f933061de4a138a2deb1b78375f6beacd5e911f25301a8ef27cd4a0e04fa1688
fe481c978a3e75baea51aaeb543cf9413b46da6ad04c2b724f6ca6874ff3ec38
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745

sunnewsonline.com Open in urlscan Pro 2606:4700:20::ac43:4826 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

400 Requests

97 %HTTPS

55 %IPv6

49 Domains

78 Subdomains

70 IPs

10 Countries

6145 kBTransfer

14347 kBSize

31 Cookies

13 Outgoing links

Redirected requests

400 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sunnewsonline.com Open in urlscan Pro
2606:4700:20::ac43:4826 Public Scan

Screenshot
Live screenshot

Full Image

400
Requests

97 %
HTTPS

55 %
IPv6

49
Domains

78
Subdomains

70
IPs

10
Countries

6145 kB
Transfer

14347 kB
Size

31
Cookies

400 HTTP transactions
12 data transactions