URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Submission: On August 14 via api from ZA — Scanned from DE

Summary

This website contacted 70 IPs in 10 countries across 49 domains to perform 400 HTTP transactions. The main IP is 2606:4700:20::ac43:4826, located in United States and belongs to CLOUDFLARENET, US. The main domain is sunnewsonline.com. The Cisco Umbrella rank of the primary domain is 603838.
TLS certificate: Issued by GTS CA 1P5 on June 23rd 2023. Valid for: 3 months.
This is the only time sunnewsonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
78 2606:4700:20:... 13335 (CLOUDFLAR...)
3 23 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a05:d014:776... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.222.208.154 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.201 16625 (AKAMAI-AS)
2 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
10 2a02:2638:d::2 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... ()
1 65.9.66.97 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 185.64.190.84 62713 (AS-PUBMATIC)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 162.19.138.116 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
10 52.222.253.136 16509 (AMAZON-02)
1 108.128.108.17 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
63 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
2 147.75.84.158 54825 (PACKET)
2 7 51.89.9.252 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 185.64.189.226 62713 (AS-PUBMATIC)
6 216.58.206.34 15169 (GOOGLE)
1 52.222.214.123 16509 (AMAZON-02)
2 18.66.112.41 16509 (AMAZON-02)
1 143.204.215.41 16509 (AMAZON-02)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
2 2 70.42.32.191 13789 (INTERNAP-...)
2 8 172.217.23.98 15169 (GOOGLE)
1 1 184.30.24.22 16625 (AKAMAI-AS)
2 18.177.27.67 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
2 18.193.132.164 16509 (AMAZON-02)
2 3.124.27.97 16509 (AMAZON-02)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 178.250.7.9 44788 (ASN-CRITE...)
8 2a02:2638:d::13 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 154.59.122.79 174 (COGENT-174)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.255.84.151 200271 (IGUANE-)
10 3.122.125.22 16509 (AMAZON-02)
9 104.22.69.131 13335 (CLOUDFLAR...)
3 216.52.2.16 30282 (AS-INAPCD...)
1 185.89.210.101 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2404:6800:400... ()
400 70
Apex Domain
Subdomains
Transfer
88 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
2 MB
78 sunnewsonline.com
sunnewsonline.com — Cisco Umbrella Rank: 603838
648 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
pubads.g.doubleclick.net — Cisco Umbrella Rank: 431
414 KB
24 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
686 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9311
csm.eu.criteo.net — Cisco Umbrella Rank: 8962
195 KB
14 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 9569
g.ezodn.com — Cisco Umbrella Rank: 11536
bshr.ezodn.com — Cisco Umbrella Rank: 10038
241 KB
12 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
btlr.sharethrough.com — Cisco Umbrella Rank: 1307
2 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 441
68 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
imasdk.googleapis.com — Cisco Umbrella Rank: 520
364 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 116
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1649
95 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 396
219 KB
9 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6690
597 B
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 812
2 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3840
onesignal.com — Cisco Umbrella Rank: 1426
153 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 150
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2553
ads.eu.criteo.com — Cisco Umbrella Rank: 8917
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15643
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10269
55 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
282 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4345
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5752
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6091
16 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 318
179 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
ow.pubmatic.com — Cisco Umbrella Rank: 2205
t.pubmatic.com — Cisco Umbrella Rank: 2845
162 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356
179 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 757
1 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1497
google-bidout-d.openx.net — Cisco Umbrella Rank: 1496
713 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245
134 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1602
26 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 478
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 354
291 B
2 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7797
87 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 557
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
221 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1034
bcp.crwdcntrl.net — Cisco Umbrella Rank: 886
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 423
26 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1285
pixel.quantserve.com — Cisco Umbrella Rank: 1026
10 KB
2 ezoic.net
g.ezoic.net — Cisco Umbrella Rank: 14258
55 KB
1 os.tc
thesunnigeria.os.tc
693 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 37401
429 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 221
864 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4443
680 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1381
668 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3044
104 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 320
125 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1558
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1617
8 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2069
255 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1242
633 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1175
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
87 KB
0 33across.com Failed
lexicon.33across.com Failed
400 49
Domain Requested by
78 sunnewsonline.com sunnewsonline.com
static.cloudflareinsights.com
63 tpc.googlesyndication.com sunnewsonline.com
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
s0.2mdn.net
securepubads.g.doubleclick.net
23 securepubads.g.doubleclick.net 3 redirects sunnewsonline.com
securepubads.g.doubleclick.net
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
20 fonts.gstatic.com fonts.googleapis.com
19 pagead2.googlesyndication.com imasdk.googleapis.com
tpc.googlesyndication.com
www.googletagservices.com
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
sunnewsonline.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
11 go.ezodn.com sunnewsonline.com
10 btlr.sharethrough.com go.ezodn.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 aax.amazon-adsystem.com c.amazon-adsystem.com
sunnewsonline.com
10 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
10 fonts.googleapis.com client
securepubads.g.doubleclick.net
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
sunnewsonline.com
tpc.googlesyndication.com
9 prebid.smilewanted.com go.ezodn.com
8 imageproxy.eu.criteo.net ads.eu.criteo.com
8 cm.g.doubleclick.net 2 redirects 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
7 onetag-sys.com 2 redirects ads.pubmatic.com
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
go.ezodn.com
6 www.googleadservices.com sunnewsonline.com
6 www.google.com 3 redirects 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
sunnewsonline.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
sunnewsonline.com
pagead2.googlesyndication.com
6 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.googletagservices.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
sunnewsonline.com
4 s0.2mdn.net imasdk.googleapis.com
tpc.googlesyndication.com
4 cdn.jsdelivr.net sunnewsonline.com
ads.pubmatic.com
securepubads.g.doubleclick.net
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 onesignal.com cdn.onesignal.com
3 cdn.onesignal.com sunnewsonline.com
thesunnigeria.os.tc
cdn.onesignal.com
3 ap.lijit.com go.ezodn.com
3 www.gstatic.com sunnewsonline.com
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
3 cdnjs.cloudflare.com client
cdnjs.cloudflare.com
ads.eu.criteo.com
2 script.4dex.io go.ezodn.com
sunnewsonline.com
2 ssum-sec.casalemedia.com 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 x.bidswitch.net 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
2 match.sharethrough.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
2 cc.adingo.jp 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
2 b1sync.zemanta.com 2 redirects
2 onetag-geo.s-onetag.com sunnewsonline.com
2 prebid.a-mo.net ads.pubmatic.com
go.ezodn.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects sunnewsonline.com
2 ow.pubmatic.com ads.pubmatic.com
2 bshr.ezodn.com sunnewsonline.com
2 imasdk.googleapis.com sunnewsonline.com
imasdk.googleapis.com
2 c.amazon-adsystem.com sunnewsonline.com
c.amazon-adsystem.com
2 g.ezoic.net sunnewsonline.com
1 csi.gstatic.com imasdk.googleapis.com
1 thesunnigeria.os.tc cdn.onesignal.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 adservice.google.com imasdk.googleapis.com
1 cadmus.script.ac script.4dex.io
1 ib.adnxs.com go.ezodn.com
1 hb-api.omnitagjs.com go.ezodn.com
1 ums.acuityplatform.com 1 redirects
1 dclk-match.dotomi.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1 ups.analytics.yahoo.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 ads.eu.criteo.com 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 get.s-onetag.com sunnewsonline.com
1 t.pubmatic.com ads.pubmatic.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com sunnewsonline.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 pixel.quantserve.com sunnewsonline.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com sunnewsonline.com
1 ads.pubmatic.com sunnewsonline.com
1 static.cloudflareinsights.com sunnewsonline.com
1 g.ezodn.com sunnewsonline.com
1 www.googletagmanager.com sunnewsonline.com
0 lexicon.33across.com Failed ads.pubmatic.com
400 78
Subject Issuer Validity Valid
sunnewsonline.com
GTS CA 1P5
2023-06-23 -
2023-09-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
ezodn.com
E1
2023-07-02 -
2023-09-30
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
ezoic.net
R3
2023-07-19 -
2023-10-17
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
quantserve.com
R3
2023-06-13 -
2023-09-11
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-07-27 -
2023-10-25
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-08-10 -
2023-11-08
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.id5-sync.com
R3
2023-07-04 -
2023-10-02
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.a-mo.net
R3
2023-08-07 -
2023-11-05
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01
2023-02-23 -
2024-01-02
10 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-21
3 months crt.sh
*.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M01
2023-02-13 -
2023-11-11
9 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-29
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-08 -
2023-11-08
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
script.ac
E1
2023-07-05 -
2023-10-03
3 months crt.sh

This page contains 30 frames:

Primary Page: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Frame ID: 2ECAF78B20DA5DDA9E237565C722F5D4
Requests: 209 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: F4FFCF3884E2755A1DF241ABB1E527A4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C1FAC2D133EFB77A3B522773FC51E5F
Requests: 1 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22A8C00CE7BEECE219E0085E3B72E686
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sunnewsonline.com&us_privacy=1---
Frame ID: 55341921173BA8B9DBB985E499702538
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 0FCD3EA1711A6C4E4427013B5EC4EAA8
Requests: 16 HTTP requests in this frame

Frame: https://go.ezodn.com/charity/http/charity-ads.s3.amazonaws.com/charity_ads/1134/234x60.png
Frame ID: C94E736403B498199FF0A48B2F3F3ABB
Requests: 1 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44C5DD3BB729AA4A7804E248707CBC37
Requests: 8 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: CA1608390468D68AF607499CA839DA8E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1692008262405
Frame ID: B969F90E224C9086643EADC930399976
Requests: 1 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A8D4744EF72D2AD6D8D6979903630D7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Frame ID: D9C1EC11269CEAFC1A91D88F94E1C63E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A98467E90CA94987D92BA8EC0DF2719
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Frame ID: FB40C64D278DBED051B78F071AEDD7C2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 783A388674FB32222E835E3AAD79632D
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DF6180899C44FA522C506016223F3727
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 823B33C1BDCE1B1743C65C254F196D7F
Requests: 15 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67E44BD6EF6ED49737FF861192B7DE32
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Frame ID: DB9B4635DF0ED7C7A144F18D5F446550
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D643CD552CD430703BA44E3BC0884A0
Requests: 9 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 816D89EC686EEEB26633813D7F6DE7C5
Requests: 8 HTTP requests in this frame

Frame: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31F56E5299AA09C3FAE6C13AB3E31DD3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Frame ID: 17A9DA972340A457629B56D29BF5046E
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F29DB87C9C43E5AF7E03A1D2099EEB63
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 594B199B2654658299CF21DF175D266B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: B98A8B7FE129C903E9C2C3ACAE993F24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: FB9FDB82BECD629D6298688E12092613
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 511808E9CA896C4149C0DA587A9F0E66
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9EB4E09EB7B5FB86668A7B8D2710B02
Requests: 2 HTTP requests in this frame

Frame: https://thesunnigeria.os.tc/webPushIframe
Frame ID: FD7849E21384E32F14FD81BF76C524C3
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

SEC yet to receive GSK’s formal scheme of arrangement – The Sun Nigeria

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

400
Requests

97 %
HTTPS

55 %
IPv6

49
Domains

78
Subdomains

70
IPs

10
Countries

6145 kB
Transfer

14347 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1
Request Chain 104
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=sunnewsonline.com&sn=ChromeSyncframe&so=0&topUrl=sunnewsonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2Y1TWcrYjFUejZud2NranMxWHdMTTJlcUFXZEQ1MEUrbzZsU1htWW92aVhSSDRKQWIxTUlpWDhNdDBCdnA1ODJxZjk5THN2RWJ1a1lobG52Y1N0TVNCdkJaR2VQUXoyYnZGZ3AveDVJU1VwZitpTDlNUkJVY2h4aFhiWm1DRUYyeEVob0V4U1ZZMEVjeXg2MW1PTGZMN0N3MHRYc0N3ZjVVMVZxeSs1K2xQekRlVGNBQUU3dz18&cppv=2
Request Chain 142
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 150
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 152
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 166
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzu0Rv_ZZKGtBZml9fgPrJ2S4AWwpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBKoCT9BOwGBScKGMa21sHKeDxxWeWz4rdLQ0CNhBDYh5SexBU3RML-nkBDNZ_xyun-hR7XZBZSR5MWZ2J-QehB67QvOWHhWeNj5OWdG-UafnXoiKJuUbT-MPiwb1hDZmbK8ifd-_0sZD8T_G7CkwZdPX3NYfKpMW77eLLFoMvgkJQDKr4QGhzJQCxtUX0gI0X5xqMKu7zG0IQlLr5oRHYWKK3qDmy2GAcjPt62umfSuxJihI8_FohKIh2XOWs7Ffht5JNnba0mVbcCSIdZkiZ2hli4lk8nApHPjVC8RsA8N3f07qIgmenJI2eX1Sn6SoQUOpT6aSVR7amAOXlNMtb1_fVxvEySVBvhMcNXz4cbqyWUMv4yLxZTS7RpB7KlqMcf5bdiKnVJmWoFDktMAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6OkJ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=sKoXcd4QY9I&uach_m=[UACH]&ase=2&cid=CAQSLgBpAlJWtPXtmLhmAUj72OESQ0GEq_hHcTQpkUooA56Tu7B_IlpMzI3T33W2Oq4YAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228630331868034220673%22}&andc=true
Request Chain 179
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CpbuLRv_ZZKm3Bdie9fgP-6Gi4A-wpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBLACT9BiANPq468ztssBV9QepjNpj6ZxpGYYoZ7REI_auNeactb9pIqfJOSMxm5JVQF2An9lb6ku-TllcS5UgTy4Emz7kWMOourZOxRjhqkPsee9wXxWNLE1-Zzpobcz6g_MY8_kTBA-I1rjdGauhhpx5bGxLmK1W4HuvJPSUbIfTTvSa88MSb8IcAPmAD0Ffd-cKX-6SYe1mETHZhj8lmzeoHgHXUkEnKkhb3HwAeoWQyWjVWrS-XK5t_5s66s5VSdQCfxZmV-lTtoyryP2ezCLlohhMVxL-JY9hQTZ-5sLnfnpdOaVMe5Z-G3UCfaaW2EK40rKL4-VQ6x7OQGIRc6apzNYiGHn8RfcfqDdwYyamjv0sKnJ2D-6ZuXk4tyV53lWiLM4UndXRV2aOHa1JOT53MAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp8AC0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=iGmDqDBh9YY&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJW3UHiHYtGGL_1hHtXVdYRcoqGjof6-9SK_UHq__m9jVXbG-UNGOA0PmLjoqWd06p731TnmOcIIeVWyG_7GMALAEwQuz71ZJMYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22332521374725464433%22}&andc=true
Request Chain 235
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_cver=1&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&google_hm=SWs3NThYcUs1cGNibm5sME81RFk=
Request Chain 236
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGfwQ0l4_BYkXerL6nvLLO4&google_cver=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A&gdpr=&gdpr_consent=
Request Chain 240
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQPz9vlIgZqu57zFUrOH9lI1blJcsjWwnonfjkQ34DUrVhWrlBdMO3gvC8qzXOD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQPz9vlIgZqu57zFUrOH9lI1blJcsjWwnonfjkQ34DUrVhWrlBdMO3gvC8qzXOD HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 300
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENvZenXCN8b7ebvlveAL8bQ&google_cver=1&google_push=AXcoOmTys9i7UbxR5CdVrV5qqELfKWmZWC4wxEStWkgoEhI227QoG6aDtZM2SL7ncAXPGokeGxxpNDzI7C_aGDUNmtdhDaWFvWmi4Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497
Request Chain 301
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_cver=1&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ
Request Chain 304
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4Sw9KLkql907xQWRXXRra4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4Sw9KLkql907xQWRXXRra4 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 318
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jnRSf_ZZMqzCYOj9fgPo5GfwAOay62YUta9-sjTD56xhq_zGBABIKXM12pgleKQgqAHoAHkv7DLA8gBCakCqD1f4W5esj7gAgCoAwHIA0iqBK4CT9Cc4YgfkMR0QLo5ilpxi3VwfTG_U2_qEkB-0RMTv713JyC_11ew_5Jstbk2-NpqehrUEncWm6IdweWrWm8Qpp3TRrKqQ_Q9LPIInD9bv_BpxFl-gzs_KHblI0wwqIp-6-d11Y0K7C0ZNZ9GZObtiXxnJan_aWIZfFIaS4szJZktsp88xn_1qUGPybBAgXijdUiE2TQ30oxh05myjhHwF4gZm9sbljU-Ti2PicGgEexbfsx6hvtiz3ZJbwnMJA_d6BwgoxOH4X2KCS5M1Xv5NZBIljUZXFAbjI_C4CVpFGrfyX8xu5Fl5dL65h3zFStYdue7FfcVMkmxeCEJsERJIiIjUAQ8AKwW3OfwPJBf_2Ti1PhjQVN213QjDqGSyE_TriKUcZpDcnhmHORO-LrABMCw7Z7rAeAEAZIFBAgEGAGSBQQIBRgEoAYugAeEwM80qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKfAAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbnRyYXRlay5kZS-ACgPICwGiDAgqBgoEw7CxAtgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=z9mkfxIc-0U&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWxcDzJrNkxE9AVh-Ipmz0tOss0r5tAiHXH3A7Q--695rbsdr-8ZB4Se2_Sttl5M3HxFPlzkCeGAE&template_id=531&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963387364%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210264686848108739889%22}&andc=true

400 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
288 KB
77 KB
Document
General
Full URL
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d6025a13063830ce34d94c1866ddcceaa1551b9ea34a0ccecb80f01a165b73
Security Headers
Name Value
X-Content-Security-Policy default-src 'self'; script-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2809
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
HIT
cf-ray
7f687310e9129a05-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:41 GMT
display
pub_site_sol
expires
Sun, 13 Aug 2023 09:30:52 GMT
last-modified
Mon, 14 Aug 2023 09:30:52 GMT
link
<https://sunnewsonline.com/wp-json/>; rel="https://api.w.org/", <https://sunnewsonline.com/wp-json/wp/v2/posts/1144606>; rel="alternate"; type="application/json", <https://sunnewsonline.com/?p=1144606>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiBv%2BQ8xSghBP5ZLI7RKG3oC8jtyUqlGTB667vhyLvZY33LQcd%2BxRsmZPC9EZYhFLnwvSW836lyiJDAUKddHkjz2gg%2B6QVx7%2BFWs6gHNqJgpYMcY0pK9pKFom%2BKBhskQmmSMZwMA6LVKPzG6Q9qe"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-security-policy
default-src 'self'; script-src 'self';
x-content-type-options
nosniff
x-ez-minify-html
5.71% 294209 / 312035
x-ez-proxy-out
true 2.4
x-ezoic-cdn
Miss
x-frame-options
SAMEORIGIN
x-middleton-display
pub_site_sol
x-middleton-response
200
x-origin-cache-control
x-sol
pub_site
x-xss-protection
1; mode=block
sec.png
sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/05/
18 KB
18 KB
Image
General
Full URL
https://sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/05/sec.png?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c8704dad51378ce4b078bd9c06cedeab80b893b5c87544d9cc083dc63afa02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-ezoic-cdn
Miss
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 15 May 2023 01:17:00 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
etag
W/"0320ddab8243f3d0e531ddcc34c3c704-gzip"
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQvISmp%2BSCCwQszGxos1TKXfAcm36HXXdFst%2BSNFvQkeynhoSnmQnasHVz0xBrTgLmqyAF7VuHxpGmXdRyASR4lCA24BJQuHuwEo4FmHRIrNUmauxzlE8R5Qdh8ypLbQdG3jgbYPVXoY2gvkzYCh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
cf-ray
7f68731119459a05-FRA
x-amz-cf-id
-7INydAoe2zBtxJhAQEhkLu3fq1fbdG0RzrygupRTyH3JnzhPwq6GA==
calgary.js
sunnewsonline.com/edmontonalberta/
3 KB
2 KB
Script
General
Full URL
https://sunnewsonline.com/edmontonalberta/calgary.js?cb=16
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a972229674fe664fba6d60a4c98ed0bcdab34e1ced9197192f6ffe9cb1798268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:19:20 GMT
server
cloudflare
age
3501
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzIkEU2GwnYxIehPyZiHbtm2YuWV3cC5KD2qCP9REQfqqaQxsStqxzteygt3bgbl1slkCPIFQ99p3nX12SxuNN5kR7BlW5Ns0tssFovs0vn0sM0TIzhoPFGoY84aDCYQXYhAu0Djqx4f975IijP8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f687311194b9a05-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
84 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe481c978a3e75baea51aaeb543cf9413b46da6ad04c2b724f6ca6874ff3ec38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28457
x-xss-protection
0
server
cafe
etag
308 / 19583 / 31076936 / config-hash: 9566803040182507923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:41 GMT
dall.js
go.ezodn.com/hb/
657 KB
197 KB
Script
General
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-0-60
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70023ca0a233fa93370022f69d0537f8fcbd2fa2f4ce9d7c670e779b1421d933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:32:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1089897
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFJuZLj5hu0iID%2FziMglB1r3dvO0dqtThrJCCwOV0Q9IKeLuoaodOe%2FQ78jHKufvEf83QjJ7AO9%2BJuqjtKTm5KS260aQUW99j8R8QAjqBHA4g3D%2BTAAR2mkEQ4HRKZfSJ%2FMeXr5SMo3N2Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7f687311495c691f-FRA
alt-svc
h3=":443"; ma=86400
fads.js
sunnewsonline.com/porpoiseant/
11 KB
3 KB
Script
General
Full URL
https://sunnewsonline.com/porpoiseant/fads.js?gcb=195-0&cb=23
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85713a70972104caf26f5743a07ce1f9dea914bad34651f8ef1c4c78d37eb5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
680
cf-polished
origSize=11643
x-middleton-display
sol-js
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 10:06:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfbDFtpplWktYyJqffqAuqkM0QgDFUmiNHerpgrwv3q2YO6EB1d0zcMLy7Sgk8Jp%2F0qW0l8wKYX%2BCr0gzCq0exca3OO1dd132bQMPepGXKiiwEIbpiQpJ%2FG2xAmQKcnNXdSOLEk5mXh3BTNgGrJa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f68731119499a05-FRA
js
www.googletagmanager.com/gtag/
260 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6DLE1C2CT8
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be519b2e13062fcf1b7c92a15a567ad785170aa56e2ac4179a04838f88afd755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88878
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 14 Aug 2023 10:17:41 GMT
classic-themes.min.css
sunnewsonline.com/wp-includes/css/
0
488 B
Stylesheet
General
Full URL
https://sunnewsonline.com/wp-includes/css/classic-themes.min.css?ver=1&ez_used_css_s=15
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1880
x-ezoic-cdn
Hit ds;mm;09087e13a2531efe68e53b2e71a38aa5;2-494158-1;e7d4bb14-89dc-43aa-51e9-fe47de905788
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
0
response
200
last-modified
Fri, 03 Mar 2023 13:44:37 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
etag
"6401f9c5-d9"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIIB5jWQXETOuQ3H1BDERq8DMO79otHnCQviAtMqYjRE2wk9UXEHt0%2FjqgtB4Ty%2BBBZ2v%2BN8itJ67oSSwtNVj7PqParYrW2Z3QEfRr2eEAwOsglmAIRXAfSEMB%2BSOAJIW95ZTTmnKpvxrsPxcCNV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
7f68731119489a05-FRA
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=6.1.1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9518476
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3TV7FMpIOcklDC%2FDa%2FqRqkQM8QKTt5O1xdXqMX%2FBV%2FBkkpsK5lWeK9eHLe7ybqjKqdcyugBqP8YlEo6WIW2aeb26XpcVIHhwRi0XlhVm5FInxepixQK4HeroAgMpEFr%2BChCgt8b6iimdHmH3cY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7f6873113ca318c7-FRA
banger.js
sunnewsonline.com/porpoiseant/
58 KB
16 KB
Script
General
Full URL
https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39dfdbba517c9c1a316c71c09f05a3440923ceaf1fd9d8be5a639990258e4f6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
397
cf-polished
origSize=59475
x-middleton-display
sol-js
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 10:11:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CGIsUeg36sVmrhq9gcKGQzuFCSDk2wwEe%2Fz2MgLfIY5Tryep9tzKVH%2F5lZGcwYoi3ch28hUz%2BdYaj6xCQtc%2B8TtqbcCXro3MxSOQpzbf77AnudnqPI3x0j%2Bo5DQqTc68AkoUQq5HxXbXCuQyiCJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f68731189e79a05-FRA
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea7459817efa8ba207433194fab99117f6400168658d8f37cb8143312f2cfd3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 10:17:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:41 GMT
bootstrap-icons.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/
82 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/bootstrap-icons.min.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6409310bbfa39d9ba2badd9067f468c7ebb1d2fd7ad9b5b89e06d9bb0cc7ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
18164463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9847
last-modified
Mon, 14 Nov 2022 04:37:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6371c5f1-2677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZC6Tns12KuIrt7uO%2BgQPvlDzvx5JUTPDoK%2FcNZH5Q3HMdp6Nw6e20f3VltISFDtuS1yysdeQA9SRMqYzVwqLvEBHtRFxBMnGK0yrO8thXS4KearxoIB9VjXETevKwFPBM2F%2Bn8Re1mu9Papym6v82N6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f6873115fd3920e-FRA
expires
Sat, 03 Aug 2024 10:17:41 GMT
ezvideojscss.css
g.ezoic.net/ezvideo/
44 KB
11 KB
Stylesheet
General
Full URL
https://g.ezoic.net/ezvideo/ezvideojscss.css?cb=72
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
718599a25ec212265f9627cf0cfbb19a79b41d8387e9b1305c7c4ddff5dcd2be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cache-control
private, max-age: 2628000
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
text/css; charset=utf8
email-decode.min.js
sunnewsonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://sunnewsonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Aug 2023 18:20:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d135f1-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcUq%2BUN7vOD7VHx9HIcopf2q8mJmkyexmQcHW5Ta7%2Fn1sfliBSMbZgJqHoF3HLR67RJVVKSx6ZudCTJoPyOvOGkUnDj0PDJxdMiochyOjUjj6q8Uu3ao%2F%2BhK4jlx8LMX85cG%2Fo77We5BFnSJ%2BPSb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f68731189e49a05-FRA
expires
Wed, 16 Aug 2023 10:17:41 GMT
v.js
g.ezodn.com/cmp/v2/
5 KB
2 KB
Script
General
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11205475
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vlz2aFYyVELUG9b4Idp8gWD5sVcQq6n4jqsi6bgXi1vjyG%2FEs4WyxIKWmmzDRGQJYFP%2B3%2F3FK%2B17wSbifWSPdhr932VW6NYCBOhdTGzNMEMil%2FAWqJ7BbbjbZ6lEjSA6T2soUEvelh%2FzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7f68731189a9691f-FRA
alt-svc
h3=":443"; ma=86400
augusta.js
sunnewsonline.com/detroitchicago/
2 KB
1 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/augusta.js?cb=43
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f933061de4a138a2deb1b78375f6beacd5e911f25301a8ef27cd4a0e04fa1688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 10:00:27 GMT
server
cloudflare
age
1034
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeLhj2qZ3WtPihF%2FixyiamXwSohNTKVSMwFj9gqK7EjdvwkHw68GL%2FGZk47c9Er3uNlECfRQrhYnTuVM6RW1P4tFFy4PpWX33aAA3d5xkZwNqGiwnIysMDZ10KkVLcYgI%2BurS6ap3Vhzl4HMPZQx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f68731189ea9a05-FRA
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://sunnewsonline.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7f687311aed4995c-FRA
apstag.js
c.amazon-adsystem.com/aax2/
246 KB
60 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/edmontonalberta/calgary.js?cb=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:40:03 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 21:29:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2259
etag
W/"a7247ead77dd201b1e56acf0e565194b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
N1Di6QVX_qvdN-Ocr2qqVMDmACqXihQnsrJDZy6Q29huAuyIB8bQAA==
cmbv2.js
sunnewsonline.com/detroitchicago/
950 KB
263 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c92389936769c27c75378cc38a80b1d4063542d532ad84ebed7995f73220c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3067
cf-polished
origSize=978128
x-middleton-display
sol-js
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:26:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nynML3ZFsIOsDZiezQTwSxTg%2B03MupwYJHBXeWkHTKpQveu6G%2BpZ4vfpQyjoqC%2FIQmMy%2FipEAB4Z7jFX5hciXKo4GoPR0IW9WnsgUvyBxbMth4qu4KQ%2FbT1KfyVpaW6ljNKBR2DEZN6FqqZo50fR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f68731189ee9a05-FRA
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c78e52d7a37321d07e88999606700ba950c832ec400bab7b1237b1072ebc46d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
neIXzD-0qpwxpaWvjeD0X88SAOeasd8ctSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasd8ctSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b75fc8d86f4fadfb2776f1be5c63e86245c931a240da3deb85be3ca986240adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:33:50 GMT
x-content-type-options
nosniff
age
189831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21076
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:42:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 05:33:50 GMT
bootstrap-icons.woff2
cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/fonts/
118 KB
119 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/bootstrap-icons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc4e7c8df4ac36eba96ff23bb896db37ba80428f8b4ebabff24dee25bec409f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-icons/1.10.2/font/bootstrap-icons.min.css
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2212491
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
121296
last-modified
Thu, 22 Jun 2023 10:51:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"649427c1-1d9d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTC%2FbNwAa1hJYXvLFNJULpXKfdyzv36ZDxndiWY%2FPOmE%2Fv4eD4VXuCXgdLBRapYPDT3LQVZOTpsdtPwY1wbzng4QlfE0A7oJZ8jJSUg%2FFlF2ahBhS01lN8QDsOqXUF40AODcrQ9m2VPXg1gRad0YXI9L"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f687311afd5902e-FRA
expires
Sat, 03 Aug 2024 10:17:41 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 07:55:38 GMT
x-content-type-options
nosniff
age
181323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 07:55:38 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 21:18:33 GMT
x-content-type-options
nosniff
age
133148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 21:18:33 GMT
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 21:27:12 GMT
x-content-type-options
nosniff
age
132629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20528
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:17:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 21:27:12 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 21:23:50 GMT
x-content-type-options
nosniff
age
132831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 21:23:50 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Source+Serif+Pro:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
190c3fdc18618a4473729faa65a7dfd810fef1d70ce2c3fe71cb1ed843cf08cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 07:44:29 GMT
x-content-type-options
nosniff
age
181992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21432
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:32:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 07:44:29 GMT
footer-bg.png
sunnewsonline.com/images/
166 KB
166 KB
Image
General
Full URL
https://sunnewsonline.com/images/footer-bg.png?ezimgfmt=ng%3Awebp%2Fngcb1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480d259dd24e8e20033ac2c5030ad6496e9edfa56c8d8545ef9f377513919e1a
Security Headers
Name Value
X-Content-Security-Policy default-src 'self'; script-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-content-security-policy
default-src 'self'; script-src 'self';
date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
107
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
404
x-xss-protection
1; mode=block
pagespeed
off
response
404
x-ez-proxy-out
true 2.4
server
cloudflare
x-origin-cache-control
no-cache, must-revalidate, max-age=0
vary
Accept-Encoding,User-Agent,Origin
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSUM1vb8qZQBlsbGVfxuv3ArEfo7wdORPHH6PN1GZJslHFTO0wY086qDCCzPmxdOrdXpJ0WEKc5voB6BBZUcKncAbhOYAZbGJYEwhYOhNHSiTlOsQYYrDZP84DaaaxkJTQN2pUolwY7AofZIHZyr"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687311ca459a05-FRA
link
<https://sunnewsonline.com/wp-json/>; rel="https://api.w.org/"
x-ez-minify-html
5.35% 169846 / 179452
expires
Sun, 13 Aug 2023 10:15:54 GMT
ezoic.png
go.ezodn.com/utilcave_com/img/
1 KB
2 KB
Image
General
Full URL
https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status
BYPASS
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400
content-length
1181
last-modified
Thu, 03 Mar 2022 21:54:00 GMT
server
cloudflare
etag
"49d-5d9576f862e00-gzip-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt33qbc5IycDd3ZBMjpXFwKGJ5g%2BhFSYw6C7vyHrHXFCINkifSFhO034zf78XXLwwGYURQm%2BpUQ%2By2HCfmy0UsT%2FndtjVZi16e1JYTQYE9UX9LYm%2BhyyBM9XGrDotZM6ngAoZjs7dCEkP4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7f687311d9ee691f-FRA
expires
Mon, 21 Aug 2023 10:17:41 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
345 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Mon, 14 Aug 2023 10:17:41 GMT
sidebarwall.js
sunnewsonline.com/detroitchicago/
9 KB
3 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/sidebarwall.js?gcb=0&cb=19
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:26:34 GMT
server
cloudflare
age
3067
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aui9NXTwIygTYuAS2iVmQ8mVlvOg8LfXW%2Fq5C0rQVXzAIbEOMzte66XJMaTd125%2Fp95Vu3v5YW5%2Ff8TblaeRbnCVR%2BvIaXbwQsYkDztd3ikfAdGTpcomDk9oPjfTBE6aM60VuHhGWq4naYFbBKN8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f687311daaf9a05-FRA
gateway.js
sunnewsonline.com/detroitchicago/
4 KB
2 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/gateway.js?gcb=0&cb=18
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48e554188fedb527c79e1e45ce03da4e601fff86be63121de9a2ac8291911e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:24:39 GMT
server
cloudflare
age
3182
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa3ffx1HQxrYNnRt1jOdrPlNu0ClqbQp9Gn4TYslCgmgpvyB3Ot4qGr%2BEqZBzhc8HOa7hbnjh9HYPi0tAkamI8nyDrYaeC5kPmJvkFu%2Bd4%2FKL9YPvMLsjzDTkwte5GX3nX%2FJl71NV39NpAH9soHw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f687311dab59a05-FRA
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162833/9311/
519 KB
161 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c47bbdc39af7f5ac31d9f494ef999067da7cb95cf85e69a9446792ebdc67582e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 20:34:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=106112
accept-ranges
bytes
content-length
164367
expires
Tue, 15 Aug 2023 15:46:13 GMT
kenai.js
sunnewsonline.com/detroitchicago/
3 KB
1 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/kenai.js?gcb=0&cb=6
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:29:03 GMT
server
cloudflare
age
2918
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOzN1cEVaSngzJS5blYdIIhhRp0Q3wP%2Bl4onSz1g8aZx6gYdNqNEekoQ4i5LT1LMXcw9cVJLa4HXJqDaFZgGnV9jvouaED7sE9pLtFkSQFrRM0Gv8MPuvlCuvzHc%2Bi5TuQOOL2W%2F2As3k4u3n43v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f687311dab89a05-FRA
portland.js
sunnewsonline.com/detroitchicago/
32 KB
11 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/portland.js?gcb=0&cb=19
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2414986b6b154e01e64fe182c526c10991d4fc4996b2b68a82837e3d51369074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3489
cf-polished
origSize=33160
x-middleton-display
sol-js
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:19:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dq7IxmzLop04hgZGB4TK%2FGH12zac6UCq7H%2FHJhbimlBVL7RzDnCJ7rEnwG7D5rao6FlHNav%2F4NpmDEZ5ypf5zXO7Y7KevYXP8iiLmB4Tu2ZX6oL3SsGQ4sDi717cDg321znKgoylhtv47ZIGVi8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f687311daba9a05-FRA
/
bshr.ezodn.com/ Frame
0
0
Preflight
General
Full URL
https://bshr.ezodn.com/?did=494158&bf=30000&dc=21732118914%7C1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://sunnewsonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f6873121a273a86-FRA
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 14 Aug 2023 10:17:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F36qFbykQMfvD3DEEvzeDLV8Mb7%2BckPeBRxR2pnSNeFbbX4%2BDk7TSjpXMXIyt4imadm%2BfeSNicrSdPAZVTigqsitcnoQdFwvV%2F4hTu139CGw5HUDpbPCzIrFm%2BlXxLrfhWuHzKHR8wHaglWK3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
/
bshr.ezodn.com/
9 KB
5 KB
XHR
General
Full URL
https://bshr.ezodn.com/?did=494158&bf=30000&dc=21732118914%7C1254144
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d18e690bc26692aa1bd8f4a4ca82c2618864dbe04f52685c6ab5a379b3021eb

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
757087
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 05 Aug 2023 15:35:09 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf8
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw%2Fe3WoEFMCvsxuRM4UAHwdKk81T%2BT3ACycYL%2BZv%2FY12tjL0a7Hq2p1jeTuItlXeUNKRoseagCkQbtR008B1PyOo%2BMuOa%2FT5nUbHtFVyiYlHL1%2BUVTjzj5p9XdgO7citknHr3Dine2U%2BDPKOog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1209600
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
7f6873125a653a86-FRA
access-control-allow-headers
Content-Type
nmash.js
sunnewsonline.com/porpoiseant/
64 KB
23 KB
Other
General
Full URL
https://sunnewsonline.com/porpoiseant/nmash.js?v=252
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c5b84d90cee4b14b226a7e9c4dd96156905b9458db28da5446eccd1702a5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1197
cf-polished
origSize=65887
x-middleton-display
sol-js
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:57:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKhI4gilMNEnet1bo%2B1S5WTvoSz7%2BNMO%2BrWfUIOnNa7T61jdHds4ce%2Bnu%2BYOSO5INKH0zgF3VMsjng%2B3o1l14MhjCkw6yNt76uct%2FReIKHK3scF2mhLjaxXXGi%2FU%2BT8vtySHQ5NHQXudY5mlG6MP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, public
x-robots-tag
noindex
cf-ray
7f6873121b2a9a05-FRA
imp.gif
sunnewsonline.com/detroitchicago/
43 B
535 B
Ping
General
Full URL
https://sunnewsonline.com/detroitchicago/imp.gif
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfBZUwzqC%2BIEJy1MMW0SsU456JdsvnCzR2rnJwUNo7j3xXoeHWvsqD%2Fn3qYvFx5UoycKmHYAs0bqu7qr70Twvxjjr5Wf2AlLJy6IWWNMJ8FL1CXmwi8Hfmj84dJcK18VHheQqNFB0xLybmCYW0Qg"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
7f6873122b449a05-FRA
access-control-allow-headers
Content-Type
expires
Sun, 13 Aug 2023 10:17:41 GMT
xtra.gif
sunnewsonline.com/detroitchicago/
43 B
342 B
Ping
General
Full URL
https://sunnewsonline.com/detroitchicago/xtra.gif
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZhg2UivWalxvxb7ywMTnHJVl9OKLtQByDv%2Biz7vIlKbgxTbZJfIbbV40dKHAeDzGmjieLGnODjHVylMaWqOnpEZF5WUuluIDNX6RiH5tlXavGrVln8AnJfL%2Bji%2BAlqk3tr17nqEfTzj%2FvZ%2BEDkJ"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
7f6873123b4d9a05-FRA
access-control-allow-headers
Content-Type
expires
Sun, 13 Aug 2023 10:17:41 GMT
xtra.gif
sunnewsonline.com/detroitchicago/
43 B
356 B
Ping
General
Full URL
https://sunnewsonline.com/detroitchicago/xtra.gif
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Fzs4yrTNNwhgqLtS%2FfbMx99CZikJxC9uL%2F7aN0xaP%2BTkgU9wzRz9IzVwgd2WOKkiQiNfkKjznbPeONWez3JQ8Zc6cTeOB4a%2BfFlgf9JAOC%2FFHirjfzGUpZ1brrVp%2F0%2BgrlIfjEsLhU1oT7TNg6z"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
7f6873123b509a05-FRA
access-control-allow-headers
Content-Type
expires
Sun, 13 Aug 2023 10:17:41 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 21 Aug 2023 10:17:41 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/webp
classic-themes.min.css
sunnewsonline.com/wp-includes/css/
0
632 B
Image
General
Full URL
https://sunnewsonline.com/wp-includes/css/classic-themes.min.css?ver=1&ez_used_css_s=15
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1880
x-ezoic-cdn
Hit ds;mm;09087e13a2531efe68e53b2e71a38aa5;2-494158-1;e7d4bb14-89dc-43aa-51e9-fe47de905788
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
0
response
200
last-modified
Fri, 03 Mar 2023 13:44:37 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
etag
"6401f9c5-d9"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j3hiNrRi%2FAWzQFzoO1KlOblrfJ9Q5qOzPfNQc9pRVzja8CCJ6QMlKpj8sN901tPAIq6mNfa4iAR75NCxp1N4ywuMG0wI0ygCX4buy6fC7s7QZW1Kkv%2Fd3KcA%2FGxvlOcxeVtqDei36sKaM1bVpnE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
7f6873125b849a05-FRA
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
152 KB
Image
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=6.1.1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9518476
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7Sms%2BKGs4Zg5M9dJZ3%2Fi7ASSBOhkOL3qdebY8%2BiybBx%2BCJ5YSAKfjjVAojjcvfK1RSWiYvrIq%2B%2FkqT4mUAjebb3gmNgX6RmgW0w8Ul6xSrth0ZX%2BXtXgzeNXojX9J3xjHDtv5vk0Syj58jUfA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7f6873125e7518c7-FRA
ezvideojscss.css
g.ezoic.net/ezvideo/
44 KB
44 KB
Image
General
Full URL
https://g.ezoic.net/ezvideo/ezvideojscss.css?cb=72
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
cache-control
private, max-age: 2628000
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
text/css; charset=utf8
cmbdv2.js
sunnewsonline.com/detroitchicago/
38 KB
11 KB
Script
General
Full URL
https://sunnewsonline.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1d-5y17-3y5e-22&cmbcb=177&sj=x03x0cx1dx17x5e
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d15ebe4f5e37b6fd6776826b284ef40c338f0fe14c2eee158b1a18aeb0f1cabe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3067
cf-polished
origSize=39200
x-middleton-display
sol-js
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 09:26:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlJ7OsFJ%2Ftq%2BS7X9d%2BOZS4zy%2FwxHwnJrt%2FJ1dyOYtIdG7lpun2ZdBf2hXfnKgNQrlLCgLA6IUQk2uBnsiyHxBrm7shofrrEteoHTrKwn%2BtQSEGRCRpNOmrY3rTUFxVR3JUxO8jneZHYx31jvMyXw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public
x-robots-tag
noindex
cf-ray
7f6873125b869a05-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/
400 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
954551e76af51b5d98aa0c5b48aa56a71da936423f4d387f42e8d111aabd997e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 11:31:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
81976
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129241
x-xss-protection
0
server
cafe
etag
14615361730175754207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 12 Aug 2024 11:31:25 GMT
sun_logo1.jpg
sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/03/
2 KB
3 KB
Image
General
Full URL
https://sunnewsonline.com/ezoimgfmt/assets.sunnewsonline.com/wp-content/uploads/2023/03/sun_logo1.jpg?ezimgfmt=rs:106x70/rscb1/ngcb1/notWebP
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b15fd492c04d389e35990f791fd8a000c945bbe4afffb1a66760d7e3d67a97e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1828
display
staticcontent_sol
x-amz-server-side-encryption
AES256
x-amz-cf-pop
FRA60-P1
x-ezoic-cdn
Hit ds;mm;f667be932826966523c94fb4dbe738a4;2-494158-1;3bda186a-ae14-497b-51a3-e3dfa30df239
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 29 Mar 2023 10:34:42 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
etag
W/"c2cf4614da2f839cb37f2f50ac00f7ce-gzip"
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aliqrYlz%2BsvIKXJeZqF9IsvEwsWX%2F3uNHxVT0tg1MxyU3yZ2C8yE9%2B7ek%2FICobFpidDy7uR5jz2kASUaKjuNF888JuP0%2FvIood8nV6xH2I2doFt7RRKE48Fh39N0Cy%2BpyviQ%2F1xZYSx8tEVhjy1M"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
cf-ray
7f687312cc0a9a05-FRA
x-amz-cf-id
qowai0xEYccHTbw17Y8hc86pcAjglIL4iZpc3XoxdHWtyIxNEqcVXA==
config
c.amazon-adsystem.com/cdn/prod/
0
0

aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 06:42:12 GMT
x-amz-cf-pop
FRA56-P3
age
13129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
kQG6xRNrMxmFNPKRjBk50jtCidVie3KwAV-4JFes5VjPKjTbLN5kXw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230814
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f089ff18270a2a9149fecfab2a8f182b1c6040ac452353af115688a0571553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22608
x-jsd-version
1.0.1781
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1638-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-5NHVACoI785mIkqgqLleeqzW2lQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91sADgXcaEXaMT9iXQpNSuaTpDvvSvXK4nVeQf58ckSxqo6QcR2mt%2FW2ZWMeGsu2%2F5nWEMAYCdtSTLnUxhnyn5DFLNdYlLCSGT7KonA18aeK69i6I%2BOP58pDfPqh1wv6kQ3kcRBcaJrHua1Gon0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f68731389fa363f-FRA
rules-p-31iz6hfFutd16.js
rules.quantcount.com/
160 B
633 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:11:29 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
373
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:41:49 GMT
server
AmazonS3
etag
"af15ecfe46737cb2a37226fd060f23a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
nHa_APxO7Tyl_1ocEFVxU9Jv_uVxMJQnm6EAYWj-sNzHp9dQh4RqaQ==
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6DLE1C2CT8&gtm=45je3890&_p=958966010&cid=302229331.1692008262&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692008261&sct=1&seg=0&dl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&dt=SEC%20yet%20to%20receive%20GSK%E2%80%99s%20formal%20scheme%20of%20arrangement%20%E2%80%93%20The%20Sun%20Nigeria&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6DLE1C2CT8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Aug 2023 10:17:41 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 02:29:26 GMT
content-encoding
gzip
age
1496895
x-guploader-uploadid
ADPycdtgQcQ5-IXNGnj-bizVFPypnO5rWXUHHepVnzEiAeMz7KZUZ57OqZuzfW-lDA7aFwUvM3c09LWW8P8XbazHPZIusw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 27 Jul 2024 02:29:26 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25082
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLlxDvFATbIjvyMc3Z1P0%2B9Lv6W0e7s%2BfPPCeTdoCcq6ExM%2Bdm5%2BaWnP5D80MBvsLcMCpu11tLX2IyPIMHu5lzo%2B7oka6ISMMTzQ4xn0EYm9X2Ucyb5%2Fny7vPt%2FBRp%2FxzvKfjZFWDCi1RHJ9DbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f687313dab33801-FRA
esp.js
cdn.id5-sync.com/api/1.0/
112 KB
26 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
9JD2PVWRNGH6W9D6
age
1262
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f6873140d99922c-FRA
x-amz-id-2
C78NJH9XkIV+sX3gWmjnQ0d7A0CrZ/OSO/7CSNMeogj/qizLfap+8xu2sOYpsPd/7/w1SlaLgeQGDUvfhgOumQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1200:a:e047:753:6381 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
Date
Mon, 14 Aug 2023 05:08:18 GMT
Via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
18564
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
M-veJ_DNTPHaT4A12mV2IjlxvSa8U7mW83DVmfY4Jghm4tGwengPMQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:15:10 GMT
content-encoding
gzip
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
79352
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
vLriCFTSNiWKgYEpCqQgC5qKfW5OdBU793mVZbjrUi3eDbIBc9cgAg==
pixel;r=948603800;labels=Domain.sunnewsonline_com%2CDomainId.494158;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F;uht=2;fpan=1...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=948603800;labels=Domain.sunnewsonline_com%2CDomainId.494158;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F;uht=2;fpan=1;fpa=P0-1444484022-1692008261674;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=sunnewsonline.com;dst=1;et=1692008261733;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.SEC%20yet%20to%20receive%20GSK%E2%80%99s%20formal%20scheme%20of%20arrangement%20%E2%80%93%20The%20Sun%20Nigeria%2Cdescription.Following%20the%20decision%20of%20GSK%20Nigeria%20to%20wind%20up%20its%20Nigerian%20operations%252C%20the%20Se%2Curl.https%3A%2F%2Fsunnewsonline%252Ecom%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F%2Csite_name.The%20Sun%20Nigeria%2Cimage.https%3A%2F%2Fassets%252Esunnewsonline%252Ecom%2Fwp-content%2Fuploads%2F2023%2F05%2Fsec%252Epng%2Cimage%3Awidth.1280%2Cimage%3Aheight.720%2Cimage%3Atype.image%2Fpng;ses=f10cd885-0f2c-4b72-a67d-bffefed8abcd;mdl=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/
5 KB
5 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e

Request headers

Referer
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame F4FF
718 KB
231 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 03:56:19 GMT
expires
Tue, 13 Aug 2024 03:56:19 GMT
last-modified
Tue, 08 Aug 2023 13:51:58 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 10:17:42 GMT
ez-vasts
sunnewsonline.com/
2 KB
1 KB
Fetch
General
Full URL
https://sunnewsonline.com/ez-vasts?ads_enabled=4&autoplay=1&content_id=5808405400381437885-outstream&floating=1&pageview_id=50ad158f-9397-42d6-6322-c1458cac3fbf&player_id=ez-o&position_id=0&ad_index=1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a292ae9407e29e3971e2bda864a9d5d57ebcd001526e66fc51f7f74150d79f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Aug 2023 10:17:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP3yGeDHVW8y4S0EkfNtPsLGQuc0b9IokehfHefAOdPp2aMKuuzNesHg1N7y41gkL%2FWxVUJ7faJOcfx5%2FCvAA0LAoS1DsCcuRnFrbvg3bCJa6ak%2BhFr4ao9y2Z%2FklPRFeTd0mrwmTjNiheV7d0rl"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf8
cache-control
no-cache
x-robots-tag
noindex, nofollow
cf-ray
7f6873144db19a05-FRA
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C1F
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 14 Aug 2023 11:07:30 GMT
/
ow.pubmatic.com/cookie_sync/
120 B
265 B
XHR
General
Full URL
https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:42 GMT
access-control-allow-credentials
true
x-content-type-options
nosniff
content-length
120
content-type
text/plain; charset=utf-8
auction
ow.pubmatic.com/pbs/openrtb2/
246 B
331 B
XHR
General
Full URL
https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d8a4c09c4cab076cb115cccbcd249135aa49db05f1866c21117124bc85cec1ba

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:42 GMT
access-control-allow-credentials
true
content-length
246
content-type
application/json
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1
85 B
202 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
b785d3dba9e3f3958deaee29992c96dfd7d9ff6c5f737d3a30de235eec2a8939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-UrkGJc2UbW5yhDckKtb0csC44E4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 14 Aug 2023 10:17:42 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://sunnewsonline.com
location
/esp?url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/
0
326 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ads
securepubads.g.doubleclick.net/gampad/
129 KB
47 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=1646887890885244&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=1&didk=3810045895&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008261994&lmt=1691998252&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D439915758341646%26eid%3D439915758341646%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dsunnewsonline_com-edge-1-439915758341646%26eb_br%3D5123967dad9631f0d2a57fa9c3237b87%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D16%26br2%3D8%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1493151707
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac92f2ab44e0a91a3d177c0c3f010dd98c6763aed54206817979ee9e5888e6e8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHorPv124ADFZlSHQkdrI4EXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKHorPv124ADFZlSHQkdrI4EXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
date
Mon, 14 Aug 2023 10:17:42 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48136
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22A8
6 KB
3 KB
Document
General
Full URL
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Tue, 13 Aug 2024 10:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
130 KB
47 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=646373478023605&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=2&didk=3810044878&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262009&lmt=1691998252&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D7107777058415121%26eid%3D7107777058415121%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dsunnewsonline_com-edge-2-7107777058415121%26eb_br%3D063a7705d5a9d51bc46e0a87fba28a89%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=990695581
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5b424dd043d9e2e1f5898f7792e3f2010d5b88611db52b1f3d3c5f36ea6f53b
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnyrPv124ADFVhPHQkd-5AI_A&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnyrPv124ADFVhPHQkd-5AI_A&gqi=&layout=/sadbundle/%24csp%253Der3%24/6696507267946422850/index.html
date
Mon, 14 Aug 2023 10:17:42 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
57 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=3463737686962421&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&didk=525369788&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262014&lmt=1691998252&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D3381836678336844%26eid%3D3381836678336844%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dsunnewsonline_com-medrectangle-2-3381836678336844%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1690571843
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
716aae8840c3f69c5b8b19d6e95258776cb5e847e9e890378d31cd92ee2c9ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14147
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 5534
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sunnewsonline.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:41 GMT
server
Kestrel
server-processing-duration-in-ticks
329579
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bid
aax.amazon-adsystem.com/e/dtb/
23 B
461 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-box-2-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-box-2%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
W7SRXAJ692W9XEN19P6M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Yvku4enUbz3dqU04oHuzlyStuKKDipLMns3M8Zim28b-zP4dx5YA3A==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=1&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-box-3-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-box-3%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
EY05ZX5QYGC4X6KHVDJW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
VnRL7FDA4zCNZg5INgpBVpOeoSSn0C1Ggh5tQlIq526lLLLY3elaIA==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=2&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-box-1-0%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-box-1%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
420JR7MXYQWNSCZNDAZA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
eFYpcJmeN_5m9jT44b4lIWCsBydAWuNwbQOl60ATWCj4z8fCi8WN4w==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
461 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=3&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-large-leaderboard-1-0%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-large-leaderboard-1%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
ZW8JA79XTP8PBGMQCPK6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0HB3d3gWyZtc4LRve65ZcGUkmQnbtc5IeNah8CeYGAxHKhAfQv8rKg==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=4&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-sunnewsonline_com-medrectangle-3-0%22%2C%22s%22%3A%5B%22580x400%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21732118914%2C22890767690%2Fsunnewsonline_com-medrectangle-3%22%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
VBBVZ69Z9BMZR1VG83XX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
K8FDFnLTvu8mxOVvFBgt3R9LhZyqzO5hYBgBffla-876Gpy-TZuILA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/
43 B
416 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsunnewsonline.com%252Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
C2P8P17Y4XK7E5QPJACT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
irVShq4Wn-s0GpixqSwESkEegboqBDBPLLeQE7sIPANljc5TVitqHQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/
43 B
415 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsunnewsonline.com%252Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
SDRNPA20ZHMZFCKHK5VF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
10fp82veIwjH0NvxTCVlCtEgy4qtXY612Ggl04YzQKxAtCgw6Uy4xg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/
43 B
415 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22aa05931b-5308-4ea3-95a2-adf84f4ffde4%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsunnewsonline.com%252Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
MDYSYHGFW24NXAGE25XS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
HHCp9M4Fq5YOj-1zbrE0uF1Vxlf-K0sNW4Yjv7EQ6fEsySAl11Dj3A==
map
bcp.crwdcntrl.net/6/
60 B
335 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.108.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-108-17.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ee07267c1822a8cc487be07e4a98e9fc72df31487aacd84b75abdde61e982a73

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache
x-server
10.45.1.171
access-control-allow-credentials
true
content-length
60
expires
0
ads
securepubads.g.doubleclick.net/gampad/
654 B
309 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C120x600%7C160x600&ifi=4&didk=3507128232&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262104&lmt=1691998252&adxs=1146&adys=1077&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=298x264&msz=298x250&fws=0&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D6269529070376993%26eid%3D6269529070376993%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1035%26sap%3D1540%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D35%26al%3D1035%26compid%3D0%26tap%3Dsunnewsonline_com-large-leaderboard-1-6269529070376993%26eb_br%3De4959d004f77f2c50c86f631c5e35273%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D0%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1723501267
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47471f57023b9b1c6a0594c18276bd6734732ef55163adde406ed4771c52d7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
640 B
309 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=5&didk=2986460386&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262107&lmt=1691998252&adxs=152&adys=-76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1605142702403209%26eid%3D1605142702403209%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsunnewsonline_com-box-2-1605142702403209%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1280361889
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
333e6370faaa522f8ed12b6f9a2a2e545e21a6163e086700e28720783001b147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
64 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=6&didk=2986459369&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262110&lmt=1691998252&adxs=1170&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=298x264&msz=250x250&fws=0&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D5582903590373166%26eid%3D5582903590373166%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1000%26sap%3D1200%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dsunnewsonline_com-box-1-5582903590373166%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=525480102
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28b03de5c4bf4cd77ea0dd9ac54c8afae5c82c587bfee473ea70ce4e490693b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16061
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
639 B
303 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=697118032476408&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&didk=2986461563&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692008262114&lmt=1691998252&adxs=381&adys=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=746x90&msz=728x90&fws=0&ohw=0&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1904956736383823%26eid%3D1904956736383823%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dsunnewsonline_com-box-3-1904956736383823%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747&cust_params=amznbid%3D0%26amznp%3D0&adks=1905174598
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0d9f3812f7d2be3cf7ce8bfbeb9f8ea0e227c94ed0c810e8d81b5f6e64aedb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
greenoaks.gif
sunnewsonline.com/detroitchicago/
0
449 B
Ping
General
Full URL
https://sunnewsonline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDgtMTQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTA2MiJ9XX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzeTWti%2F5FntmV%2BgXKmSky7TL56tKY24S6ZILc8MypEE5U6C9iuIq4Pg0FeOWh2ZkB0PwcfPlO2x9%2BDOOKI5I7xS1wK6ScqFy%2BQeCBlPseECSG6HMzOZWkEJzJVi%2Be8WkHQY3GkBZa%2FDkJFWcpbD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687317da979a05-FRA
expires
Sun, 13 Aug 2023 10:17:41 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
282 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxMDYyIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjnhqLUhU7LpwRsK7obIlUm6zy7AD106cHfu8H1NAvOH505wF1KnlqEJPMMlbfEU3cL1uwQ0V67ARKsUZZL1yRrTpm0ECbr7xLdgNdleoU1LwMLgqmfZYc%2FN6zTOB%2FuJ2SwbJLBiUIHGML0UDHaW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687317da9a9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
263 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0scg2%2BIbcT98bImLDZGH6ZHMqJmriNGN22uhC4KWtuZ1%2BMr73uzaX%2BvUNPdD5AAoWUMow3R%2FtsWM5kM4Xcp2egLbJiyC6Zyiixzi%2F2e%2BAakyE66K9gh11Ke0YE9H8m4%2Bsx6TS9M4vkUsqk0naRKp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687317eaba9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
fetch
go.ezodn.com/ads/charity/
297 B
775 B
XHR
General
Full URL
https://go.ezodn.com/ads/charity/fetch?country=UA&size=234x60
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/augusta.js?cb=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b762fda73b9cb3a384563cc8ff52e2a4772a287115f1370c2ae705bbc36f796d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvqVvXkvUNf7qpUqLj1o7gdQITiqCi6APyF2vZPHuImEkpNUunf7HLz82p9%2Fhy9aW7Cfc2n6CGuQ6TPDqJrn7Cth86wfbJTw0qnvJkan0uRg89Qsk8xQH75%2BEsCRxvPIRX3nH0b7fOm%2BcdA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
7f687317ebab8ffa-FRA
access-control-allow-headers
Content-Type
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 0FCD
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:12 GMT
age
433050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:11 GMT
age
433051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 12 Aug 2023 03:23:10 GMT
age
197672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 11 Aug 2024 03:23:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:11 GMT
age
433051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 0FCD
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:12 GMT
age
433050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:12 GMT
css
fonts.googleapis.com/ Frame 0FCD
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:44:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:42 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:50:07 GMT
x-content-type-options
nosniff
server
cafe
age
70055
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Mon, 14 Aug 2023 14:50:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD
295 B
664 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:40:34 GMT
x-content-type-options
nosniff
server
cafe
age
45428
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 14 Aug 2023 21:40:34 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
259 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTEyMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsjFxltl9DLe1Zk2WjQjK93qJBCACTtmwVQdSbD1JVyqrYLFFRimvZm9kqQzXD8SCmrxxXkLSulrG%2BnxoqcZUkzsOWcOVKZbIluLUcBX12ePj991955HvCTqGaj8UQE0F0grbxiuMgYVUseIkTO8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873183b129a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
ads
securepubads.g.doubleclick.net/gampad/
935 B
467 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=3888467933526110&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=8&didk=2484510057&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D60c2c02d481e19ec%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYMQ5_i3fpfTOfkZuEFGZ_3zt3ZPw&gpic=UID%3D00000c86adeb93ab%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MZSk3D_Mezj2OUGUcryX_zz5XsRhA&abxe=1&dt=1692008262438&lmt=1691998252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=bvr%3D0%26ap%3D9999%26reft%3Dn%26avc%3D100%26ga%3D5302779%26bra%3Dmod1-c%26al%3D1006%26ic%3D1%26ezoic%3D1%26eb_br%3D736e4998c7cae21e6c67e08e2de4db76%26tap%3Dsunnewsonline_com-pixel1-4033684138378932%26d%3D494158%26br1%3D160%26br2%3D100%26iid1%3D4033684138378932&adks=1275092041
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e009ede96c0b8ed18aab7dc087a358d47e82fdfc126c3fed4006db8777156615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
435
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/
37 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl_page_level_ads.js?cb=31076936
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5511af087f41165d36f925af79689b5a091d3a8f0a61b0fbef1088409c41c669
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 08:38:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
5974
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13171
x-xss-protection
0
server
cafe
etag
8515395243987812700
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 13 Aug 2024 08:38:08 GMT
truncated
/ Frame 0FCD
161 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0FCD
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06cf2bb6e5e539d54cdc7615429461cff1dd5f88c7de81f9916f3e267a3e7a10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 5534
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=sunnewsonline.com&sn=ChromeSyncframe&so=0&topUrl=sunnewsonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2...
467 B
673 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2Y1TWcrYjFUejZud2NranMxWHdMTTJlcUFXZEQ1MEUrbzZsU1htWW92aVhSSDRKQWIxTUlpWDhNdDBCdnA1ODJxZjk5THN2RWJ1a1lobG52Y1N0TVNCdkJaR2VQUXoyYnZGZ3AveDVJU1VwZitpTDlNUkJVY2h4aFhiWm1DRUYyeEVob0V4U1ZZMEVjeXg2MW1PTGZMN0N3MHRYc0N3ZjVVMVZxeSs1K2xQekRlVGNBQUU3dz18&cppv=2
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
30ccd95dc6d8b22d1fb3a57aa9774c2274cb41d7a07c4bf26ca647f6af8c76dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1132598
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=oYD9xHxMN3NPMVJacS9kZkw0MlRlV0h6d3MvWVZhQXhDbWNxeGt6ZlJaKzc3MVlUOFJrcmVKL3hCVlVFTWp5WVRMd3RoemZLUk1qcllsRXhmcEdCSjVVZkhGaE92eUc4Z2hweHNiNzRTMlNBTWRJWDNTcWp3WFhsdXFYd2Y1TWcrYjFUejZud2NranMxWHdMTTJlcUFXZEQ1MEUrbzZsU1htWW92aVhSSDRKQWIxTUlpWDhNdDBCdnA1ODJxZjk5THN2RWJ1a1lobG52Y1N0TVNCdkJaR2VQUXoyYnZGZ3AveDVJU1VwZitpTDlNUkJVY2h4aFhiWm1DRUYyeEVob0V4U1ZZMEVjeXg2MW1PTGZMN0N3MHRYc0N3ZjVVMVZxeSs1K2xQekRlVGNBQUU3dz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
250599
content-length
0
expires
0
234x60.png
go.ezodn.com/charity/http/charity-ads.s3.amazonaws.com/charity_ads/1134/ Frame C94E
29 KB
30 KB
Document
General
Full URL
https://go.ezodn.com/charity/http/charity-ads.s3.amazonaws.com/charity_ads/1134/234x60.png
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/augusta.js?cb=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5b9c85cde1df497209909e666e29159ec43ee0197727ecb4a5a0cf6c1a7625

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2872
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7f6873187db33647-FRA
content-type
image/png
date
Mon, 14 Aug 2023 10:17:42 GMT
etag
W/"f5632097bf631e71004091d01bc39fc8-gzip"
last-modified
Mon, 15 May 2023 22:54:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyCBHVUab%2Bnhpm576tACBNRh9m%2FYFwZNsaNcc7ZqUMp5AlYoNBwUOHec7kXz0iwTvAePZc0nXErvjCXqc4ebxTaKiFroV7fnZoT%2BCCuyBx4SqI0Y1hla6QcR2%2FqmJF590uO5%2FEkzuNKGt8c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
n5vNO5BkpYcAldfNX2QoX1Z9AjF1F9L91JSAQ7zrHRcC88TLCKpEyUALVHzSI4zEwKimYUDZ4yA=
x-amz-request-id
EN54DEM3XVAYAVCJ
x-amz-server-side-encryption
AES256
army.gif
sunnewsonline.com/porpoiseant/
0
266 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MTEzMDMsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiIxMTMwMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMDM1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjExMzQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYyNjk1MjkwNzAzNzY5OTMiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIxMDAxNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QgCFaY6kJogVyksEzvWR3iUpZG6JJv8p%2F%2FdVy7pMb2UiPQOCHEiFcoVeptJhCZaYHVxeGEi%2FKINqUspLR3JU3GT%2FTd0dmt0b3KtTzOMf2EdNDRmjyt1bUN8N%2FWfPE%2By%2FgayQNsGG5bxXVUnOPMR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873187b5b9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
greenoaks.gif
sunnewsonline.com/detroitchicago/
0
261 B
Ping
General
Full URL
https://sunnewsonline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjExNjYifV19XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MqMFkvRwkY%2FTyz3PEEaVYdiVViaHDz0uCbQxCYrrC996K8NT9IL02jd6BLaxa%2BUQnHT59947xagOpZ2bNFARvl%2B76FJDJShVSCKft4OSIU8yZmrzJ9F6mkhtv14I9yvbw9rUhDnbRnVIpgRNRnM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873187b649a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
264 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJmMDlkNGZlZjM4MTYxYTI3ZDAyOGNmZjZlZWJmNDNhYSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg5ODg4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4ODk4ODgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAk%2FwBKGknkzaKIcthtHq6M1qNknIiAXUf61ixat5KpVPhWSDycweCcWZZcIfuBNV%2BRfm1Iwzro%2BBbP9BEsJn0cT5Wsh7MdzHQz%2BjxRFr22D1bezbJgBJ2n3VnZLbE9TZGG9kVhe9M%2FqHWCS1aZ%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873188b719a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
4974889888
go.ezodn.com/dac/
0
572 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974889888
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 09:34:36 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MWg2I5596Wg7h5QtXndD3abD0JWDb9wH8vOKhf40kLaYUlfleC0QgGytPO2Dfc2I%2BD9TnoBWw3CK0HuF%2FZgoZQNzP8a0OuTpJdxzUj5oKS7jdtj6EO7dBBbuIG3TVLtkRoYA7U0UKgvIdM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f6873188c4b8ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
261 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcMV3Ps6JPDiJYd%2F4E6HUFIixsXmrCEqDp%2BTZIGeABKHJFLbpbpHGNLWDTLQn3nwdyaYTHkL2wtNBjVRyf7zBUyhJlM5cekSFOsWNxDkYOgUKn25sv4v2SR2oZ%2Boje7zwqmnZ47tjqevkdz0Cc2e"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873188b749a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
268 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjYyLCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6NiwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDEzLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0ODg5ODg4fV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOjOf0sznK56pTU0sBW%2BKfJmWdn9aQrL0dCTwX9gACnxL%2B0eSAPFs%2Ftns2nr83yNaLl%2BcLUz84vut%2Boz%2B2XddX9swrNwNx1tjy%2F3bDzawVvM4lFQZN06d9EB1GLT%2BUwkFz9wMwfLaTa5TU7NQB8%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873188b779a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0FCD
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options
nosniff
age
443040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 07:13:42 GMT
container.html
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44C5
6 KB
3 KB
Document
General
Full URL
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Tue, 13 Aug 2024 10:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
sunnewsonline.com/porpoiseant/
0
276 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTIxMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPHDXyjhb4vlSego84Sxl7RPP1gG5J%2BOd7oG9j73%2BsLSB04HT3BU6Y9Ha1%2B2jYpZvWMeNKXOPE39IohuDnNvHFWU%2FuuwNplSCjjSn5K%2FZK4o8tmdmnamqboYP3TTKYdziRIJAefo5%2BWL0gbnP518"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687318cbe09a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
isyn
prebid.a-mo.net/ Frame CA16
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 14 Aug 2023 10:17:41 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame B969
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1692008262405
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
army.gif
sunnewsonline.com/porpoiseant/
0
281 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI1MTIzOTY3ZGFkOTYzMWYwZDJhNTdmYTljMzIzN2I4NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAxNiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg5ODg4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4ODk4ODgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIbtXYMFQJkgYiA5bdN7aqoQ02j7fllpjpN5vP4taYVEekgzuJoECbvlqNcuxmaNqOL0X%2BrWj3ONVVoL5WVqQMOVATiGP87BSCcnu4su9Idr2YV6QhuV75LSjRM%2B8cOWll4ZhHBiQthBEvjw7tvE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687318ebff9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
4974889888
go.ezodn.com/dac/
0
581 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974889888
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 09:34:36 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug4I1glae2dkLrmF1tQlmPU0XLd%2BjmkQzRUrqU9I7nZk%2BDVBcCnwc5%2Ff028BEJZ%2FrFMCoNSblHyC%2Fk06%2FQoxlrf3nykU4S8No1SWo%2BbUdvJtVJIFKU34RBhqzowIWjxjWoVLDJ9O2lSwlkQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f687318ecc18ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
447 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEVY6gbRfT0m2%2FNdFxoRITK%2FBqFz3rYYYlIJnbQZU8JkrT67ZCXtmuhu0aqu0XkMepOkBLuq3ATi8Qp7ubSVBOpX%2BKyYGzeB98cMZkHfaubK5dQ8WZ1rUHoUDJaP7ETmDWaXUUZwIr8IfjQIdT36"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687318ec019a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
259 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjYzLCJhZF9wb3NpdGlvbiI6MTEwMSwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjoxNiwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjE2LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1MTgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODh9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M4IxoCbDOQvhwRcGDlUTzLeFe1JYIYSYDgnUQEUI8%2FCDMCDvPgiRRxgriqbzldXD8WcNsXs4PixFux8PwEcUGeBDo1fEtf9%2F1gKSeIikMlNECizd577PcDjaSUsodsD6wZDXAu5hQeBPzzdmhOB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687318ec039a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
container.html
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A8D
6 KB
3 KB
Document
General
Full URL
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Tue, 13 Aug 2024 10:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
sunnewsonline.com/porpoiseant/
0
264 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjEyNDYifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHlD67wdluPcpZ8Yqd3K4DLDjAJJJxpd%2FTH%2FfHotE345CPQuJ4rRwUifPq1yZnDP4NNCXSOzg0%2Fj5%2FTx7onaTQ8iAojZNXBpiMjygO1YTYJO%2BOdasoJSoGso7J5i2ZmYvgrSvR2%2BTRp24lXJiAdT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687318fc1c9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
284 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjA2M2E3NzA1ZDVhOWQ1MWJjNDZlMGE4N2ZiYTI4YTg5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3MTA3Nzc3MDU4NDE1MTIxIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA0LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDExMjM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk3NDkwMzUwMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbq%2BE3oIW7wSJxbfM5q5tklhGxGfqigN7qdMQvwRbstpwPiRchQqqhzX82y6z%2FQ5yT5z7L4c5ZNORPoioWvqEyP%2B%2B8WIo7bdISqXfBzqXiqAl4GG5O14t7qLpO82jTPbizEmEx5WmLnh5cnnal5s"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873191c3d9a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
4974903501
go.ezodn.com/dac/
0
573 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974903501
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 10:10:07 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bead8SPf8sDb4bVZ04v7im9sH%2FVnb%2FKhsoJ14I1iIdEwyV7zyoVozmscoBgjenl%2B7xHGJXiNo9usLBMDRcjZMCA2dSSpWEkYWnAfA8U1o9LOTpST6rnIqx%2FAqY3JsZ01UJlOziy5y0hnqr0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f6873191cf28ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
265 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wOC0xNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOlkteZE%2BlNlHxQwb4LNXr8ANp7M%2FYtPT%2BpSaB3ojE7WqGWgCkpdY%2FZqpDxx%2B%2FNCTQrGtpD7bnzmEme57YdkAa8xJOKNQYyWuWallwNreENd7FmHRBaALES23f7N1IGgNlUV8iSYTwonDfahBWcO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873191c3f9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
260 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYXVjdGlvbl9lcG9jaCI6MTY5MjAwODI2MywiYWRfcG9zaXRpb24iOjExMDIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjQsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjUzOSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ati0694N8f5hexIvgF7LvZCeIs1xeHb8L%2B3%2BSTAvdF6J%2BGmhuvlNfzBl%2Bo1FSyDKd4QhpEBQGdiWLO5rlwVPhTPVmjqo6ZEouwsKdBvb1QnJzBATMlnllidnn708gnpiTic5Mwnny8h2mL4R7X4v"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873191c429a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame D9C1
3 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49abdf0345ad830e7230fe7d57b59adb74653c0ade2a219ce6a2bc64704d0c39
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
451847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1296
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 04:46:55 GMT
expires
Thu, 08 Aug 2024 04:46:55 GMT
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 44C5
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1A98
143 B
383 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 44C5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:49:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 44C5
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame FB40
3 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49abdf0345ad830e7230fe7d57b59adb74653c0ade2a219ce6a2bc64704d0c39
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
451847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1296
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 04:46:55 GMT
expires
Thu, 08 Aug 2024 04:46:55 GMT
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 1A8D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 783A
143 B
200 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A8D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:49:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A8D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
262 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTM2MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9xRPqrQxStCMc92ex3Xn4uJxt8y08Y497CcNVaGYZRwsMFVRfzII8nV0T0jTbHx1SNQ%2FI9uInykLgIamFRDbzgZo37bPQg4%2FmT%2F6riMT99mS6UgWqM8x%2BCrwg46dTAbHqLSidIDX9hRpaETUcHi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687319bd2f9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D9C1
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
27252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Aug 2023 02:43:30 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D9C1
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
27252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Aug 2023 02:43:30 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D9C1
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 10:17:42 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame D9C1
139 KB
29 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15cd911a41f7905e696d4df7d0cfcf329ede76b33a650c39c45205861fb93875
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 10 Aug 2023 05:30:01 GMT
age
362861
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30078
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Aug 2024 05:30:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0FCD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date
Mon, 14 Aug 2023 10:17:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:50:07 GMT
x-content-type-options
nosniff
server
cafe
age
70055
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Mon, 14 Aug 2023 14:50:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0FCD
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:40:34 GMT
x-content-type-options
nosniff
server
cafe
age
45428
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 14 Aug 2023 21:40:34 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FB40
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
27252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Aug 2023 02:43:30 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FB40
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
27252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Aug 2023 02:43:30 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FB40
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 10:17:42 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/ Frame FB40
139 KB
29 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15cd911a41f7905e696d4df7d0cfcf329ede76b33a650c39c45205861fb93875
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 10 Aug 2023 05:30:01 GMT
age
362861
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30078
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Aug 2024 05:30:01 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame DF61
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 14 Aug 2023 10:17:42 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1A98
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Mon, 14 Aug 2023 10:17:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44C5
179 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 783A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Mon, 14 Aug 2023 10:17:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 44C5
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6586268f23462317fde292bc9eea870a562b7a52c314a25fb420921b2dbaecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A8D
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:42 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0FCD
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C66KfRv_ZZMHhBNKYlgTa6bWABL6Q5PVxs8_K_7EQh8eysIwsEAEgpczXamCV4pCCoAegAavVtLsCyAEB4AIAqAMByAMKqgStAk_QPKh1d5mPuJsGQjMeXTIkwAJmXxEgi_TbnlHdyOx8j8NNnEd1FcQmbGi21GD3qo32oRiK3XmyeEZCiP02jEumngCBxiIgCLXsMkGLJyUw9XsqTtwo2kWQQYwdL7X2YK5t_aVdO5n8hf2qkbTbeGy42xI9Y1ymHpV5dcHS1wUjxj6sBiivILTd8qNj0KtTPsegmCjIgg_1SbE3W7hs6gwHvCYX8GbwXa9Vb6NoebQyezMdTwR484OPeUVcuOg688aLRsnlyAomR_hl0HKS2-tsCk6BwUmHKRJ50jwrMofdV7B00ltR2lN1yoBo1CIZi-XYhT-j-jgAC7jMCWKUgGYh1CdqOtHNl2ruo-1yQsyiarcl9qj_VoZHAuT-pTu9DNO26zaQDjX7Juhb4V7ABI3-2O3xAuAEAZIFBAgEGAGSBQQIBRgEgAfFtJPJAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIGAC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCXFodHRwczovL3d3dy5nbG9iYWxpemF0aW9uLXBhcnRuZXJzLmNvbS9yZXNvdXJjZXMvZWJvb2steW91ci1nbG9iYWwtY29tcGxpYW5jZS1wbGF5Ym9vay1vbmJvYXJkaW5nLWJlc3QtcHJhY3RpY2VzL4AKA8gLAaIMCCoGCgTDsLEC2BMMiBQF0BUBgBcBshceChwIABIUcHViLTkwMjMyMzIxMDkwOTE1MTIY79Ft&sigh=2abPp1wpS5I&uach_m=[]&ase=2&cid=CAQSSwBpAlJWmklCxWJYoQ6QY0ga1CwkoJe9yg1ZQLmmHwy1K5031YjW16x32RkOPXPsV1hKCTACuc56333MsG-AYmk91kDCX2ZTf6iKgBgB&cbvp=2
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

army.gif
sunnewsonline.com/porpoiseant/
0
295 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTUwOCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV21XeZkaV%2FfePhSrdVx%2B9osF9MHLQUmJBA2GwihN%2BEZxu1jtqf%2FD4jeKvbhsY2VgvFiLj%2BjAPeR1REmExXUkvTlHv%2BWa6e%2FTEG1NQXHELLgyZKPHv7%2FJ4%2BHqVyNO%2BDuGxk3%2BALTpoii8o1s4196"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731a9eb19a05-FRA
expires
Sun, 13 Aug 2023 10:17:46 GMT
truncated
/ Frame 1A8D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df9f434e59e9780ddb17b762f31662be256993c082c2b2a4d91fdd2e870ca321

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
Bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40
5 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Bg.jpg?1671344294922
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4363fcab85a3110f1b80e60c1abab9fb9df39b6170ea38d9f042a66408356609
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5605
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
Bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1
5 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Bg.jpg?1671344294922
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4363fcab85a3110f1b80e60c1abab9fb9df39b6170ea38d9f042a66408356609
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5605
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
Component.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Component.png?1671344294922
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5d3ef3c5bea1f4c7e87efb24c0655557c088efd1603e837aaf02b780a9366bd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25132
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
Component.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Component.png?1671344294922
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5d3ef3c5bea1f4c7e87efb24c0655557c088efd1603e837aaf02b780a9366bd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25132
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
wl
t.pubmatic.com/
17 B
183 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=162833
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:43 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame FB40
37 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
187341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
Reflections.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Reflections.png?1671344294922
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47d616e4d9c31cf0fb424c1663c1ee9a63b9d7ea02a37b4e2b5b807ea7ec33b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11601
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzu0Rv_ZZKGtBZml9fgPrJ2S4AWwpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBKoCT9BOwGBScKGMa21sHKeDxxWeWz4rdLQ0CNhBDYh5SexBU3RML-nkBDNZ_xyun-hR7XZBZSR5MWZ2J-QehB67QvOWHhWeNj5OWdG-UafnXoiKJuUbT-MPiwb1hDZmbK8ifd-_0sZD8T_G7CkwZdPX3NYfKpMW77eLLFoMvgkJQDKr4QGhzJQCxtUX0gI0X5xqMKu7zG0IQlLr5oRHYWKK3qDmy2GAcjPt62umfSuxJihI8_FohKIh2XOWs7Ffht5JNnba0mVbcCSIdZkiZ2hli4lk8nApHPjVC8RsA8N3f07qIgmenJI2eX1Sn6SoQUOpT6aSVR7amAOXlNMtb1_fVxvEySVBvhMcNXz4cbqyWUMv4yLxZTS7RpB7KlqMcf5bdiKnVJmWoFDktMAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6OkJ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=sKoXcd4QY9I&uach_m=[UACH]&ase=2&cid=CAQSLgBpAlJWtPXtmLhmAUj72OESQ0GEq_hHcTQpkUooA56Tu7B_IlpMzI3T33W2Oq4YAQ&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 44C5
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzu0Rv_ZZKGtBZml9fgPrJ2S4AWwpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBKoCT9BOwGBScKGMa21sHKeDxxWeWz4rdLQ0...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%2...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228630331868034220673%22}&andc=true
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9056396149430539393","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"8630331868034220673"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 10:17:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9056396149430539393","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"8630331868034220673"}&andc=true
access-control-allow-origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame D9C1
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
187342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 823B
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:12 GMT
age
433051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:11 GMT
age
433052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 12 Aug 2023 03:23:10 GMT
age
197673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 11 Aug 2024 03:23:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:11 GMT
age
433052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 823B
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Aug 2023 10:00:12 GMT
age
433051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Aug 2024 10:00:12 GMT
css
fonts.googleapis.com/ Frame 823B
4 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:48:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 823B
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:40:34 GMT
x-content-type-options
nosniff
server
cafe
age
45429
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 14 Aug 2023 21:40:34 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 823B
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:26:59 GMT
x-content-type-options
nosniff
server
cafe
age
46244
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 14 Aug 2023 21:26:59 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
298 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTcyOCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr5akmuzbXYjTe%2FTGP1k3nhAcFdhOrNOTBh0%2BFa2TV3W1NwB2x69Z4B6GuIfMs%2Fbol3noZycluYfCjjTfXtO%2B2TrvXDmXqJ2l6wgpVozdS43xgI%2BpqTptBGSpPQ2t4KbfTCcFzENQjQubBsZwRGC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731c08c49a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
Reflections.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Reflections.png?1671344294922
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47d616e4d9c31cf0fb424c1663c1ee9a63b9d7ea02a37b4e2b5b807ea7ec33b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11601
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
Shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Shadow.png?1671344294922
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c3681fdc5c452c514f0e72b2dddc66558eb03a943c97ec1df7ea28215b28fdf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15370
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 1A8D
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CpbuLRv_ZZKm3Bdie9fgP-6Gi4A-wpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBLACT9BiANPq468ztssBV9QepjNpj6ZxpGYY...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%2...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22332521374725464433%22}&andc=true
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9136109555235701958","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"332521374725464433"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 10:17:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9136109555235701958","debug_reporting":true,"destination":"https://3d-circuits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["444663660"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"332521374725464433"}&andc=true
access-control-allow-origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpbuLRv_ZZKm3Bdie9fgP-6Gi4A-wpZeYcvPJ7JDmELCQHxABIKXM12pgleKQgqAHoAHsjoTUAcgBCakCKYwbnksjsz7gAgCoAwHIA0iqBLACT9BiANPq468ztssBV9QepjNpj6ZxpGYYoZ7REI_auNeactb9pIqfJOSMxm5JVQF2An9lb6ku-TllcS5UgTy4Emz7kWMOourZOxRjhqkPsee9wXxWNLE1-Zzpobcz6g_MY8_kTBA-I1rjdGauhhpx5bGxLmK1W4HuvJPSUbIfTTvSa88MSb8IcAPmAD0Ffd-cKX-6SYe1mETHZhj8lmzeoHgHXUkEnKkhb3HwAeoWQyWjVWrS-XK5t_5s66s5VSdQCfxZmV-lTtoyryP2ezCLlohhMVxL-JY9hQTZ-5sLnfnpdOaVMe5Z-G3UCfaaW2EK40rKL4-VQ6x7OQGIRc6apzNYiGHn8RfcfqDdwYyamjv0sKnJ2D-6ZuXk4tyV53lWiLM4UndXRV2aOHa1JOT53MAE3sr7vokE4AQBkgUECAQYAZIFBAgFGASgBi6AB_zw-6sCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp8AC0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vM2QtY2lyY3VpdHMuY29tL2VuLzNkLW1pZC8_R0ROMDGACgPICwGiDAgqBgoEw7CxAtgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=iGmDqDBh9YY&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJW3UHiHYtGGL_1hHtXVdYRcoqGjof6-9SK_UHq__m9jVXbG-UNGOA0PmLjoqWd06p731TnmOcIIeVWyG_7GMALAEwQuz71ZJMYAQ&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/9475812989225975413/ Frame 823B
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9475812989225975413/14763004658117789537?w=400&h=209
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cc95ac2a5f05d0dc555fece0ff68b373fdabafdef7c37b3dbe7ec24d795309f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 08:00:58 GMT
x-content-type-options
nosniff
age
181005
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20197
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 17:09:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Aug 2024 08:00:58 GMT
truncated
/ Frame 823B
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 823B
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03dc8844bc7e372b67d32f1475a1aa0fe6a3c875d441062059bc2190cfe9eca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
army.gif
sunnewsonline.com/porpoiseant/
0
263 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJmMDlkNGZlZjM4MTYxYTI3ZDAyOGNmZjZlZWJmNDNhYSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNiwiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTA1MjcxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ5MDUyNzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To3DS54PmT9xQuUQsvGgcPeOjNqbQyFU%2FFZSbYW4UhMiqEfFlQ8W857ym8VvhILrc3l%2F8%2BSIsz4sg9g1xuzDCaHO7zEKTtNBsYDlYKNaWEz23s3NnmD%2BnJ583iJDv6BMFTgNuYft%2BnUQCVQoGfHk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731c18e69a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
4974905271
go.ezodn.com/dac/
0
570 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974905271
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 09:27:29 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=expMo09yVSwR4l1WIa5ADpGsagaHdSCu2GIbTC5ZQro8X6i8rKjo3n98llJKYtHFnhiq6gPp2tpbbi4TQQYANe7GKaT7gFnmRTh1OSboMgHOg%2FBLSBvc5s8FFbxd9VrYTGfXeRiQ7XoPPKI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f68731c18bd8ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
264 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDP7F19Betig06JF1E9Kqk98XW2FIjHYAoW%2FUXnS7uG%2F4K7QW2EcKjQbw3x8G5R5v7ycAxFiflhcba3DZZCJgXfbQIItC5xH09ZsrdC%2FZo2fQIGBH%2BtT0hk3n68KzwyZfITTpX8LK7P7ekxEX%2Bvh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731c18eb9a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
423 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjYzLCJhZF9wb3NpdGlvbiI6MTAwMCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6NiwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6OTIxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0OTA1MjcxfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXI4dKC2YrJxVDPYtI2OsuAcgKUZ5D55GjhAhCMRw9%2BeJunCOPF13Edt2%2F47qFPEe%2FZ2KbOmBV626AjzsJb1jRgIoSg5%2Bj19wb46zc%2BbSYsKfEPahP0w1qcx8jE6qYmLjA4ScqoQYG4Sb68bFSKx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731c18ed9a05-FRA
expires
Sun, 13 Aug 2023 10:17:42 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
262 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTc5NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnxGPzFOtizoEF7NYYJHt0eyUpj7orwNwxAW%2FZ5qMD224dK1ihHUjxdnlPOIRE9RXaWX%2F3eN1I5aaB1MHpzbGwEnXuy2QVtRsawoza%2BhSOES9rGHGyC3cPvpkvYNeVkwyAgcKwDawnRcyHnSql%2BH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731c69459a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229056396149430539393%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228630331868034220673%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Shadow.png?1671344294922
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c3681fdc5c452c514f0e72b2dddc66558eb03a943c97ec1df7ea28215b28fdf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15370
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 823B
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:26:14 GMT
x-content-type-options
nosniff
age
492689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 823B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
389367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 22:08:16 GMT
Table.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40
30 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Table.png?1671344294922
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e43f9ff8a816e2ecb64a1c72ed5e15b3e7058bfca82dd7ecb0e220e3664d0477
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30764
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=5&ws=1600x1200&v=23.725.1446&t=15000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A450%2C%22id%22%3A%22Outstream2%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
R3HPY5EXBT65SVW7AV3V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
9etefH_HyrJFLPQl0dJ_HLefXfhF23ZFoNS7ZRtisfwOD-LghZF4mQ==
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136109555235701958%22,%22debug_reporting%22:true,%22destination%22:%22https://3d-circuits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22444663660%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22332521374725464433%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Table.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1
30 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Table.png?1671344294922
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e43f9ff8a816e2ecb64a1c72ed5e15b3e7058bfca82dd7ecb0e220e3664d0477
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30764
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
Track.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame FB40
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Track.png?1671344294922
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7172c39f798e59c733b14287bd4e92acc67ae06791a87a7b3c5eb43dd40d978
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18531
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
greenoaks.gif
sunnewsonline.com/detroitchicago/
0
259 B
Ping
General
Full URL
https://sunnewsonline.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt7aVT7VcdYWZN85%2FROg6HYdiwMuF2yEUV3uR0OlA2NvlGoMkLKNbZA2TSFGbgfsLHWvkaZxld8ZSNtfONLpGYW9FFnNtwUsBOnfeXjTWLAdFBkOhQgcXM2uYElunkrUiR21tupZPOwf4pPMb48%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731d0a0c9a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
tag.min.js
get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/
18 KB
6 KB
Script
General
Full URL
https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
SHNpl_8wt2p1PJfKLDG5Nc7BxQDTckiK
content-encoding
gzip
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 03:17:36 GMT
last-modified
Wed, 19 Oct 2022 18:09:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
25208
x-amz-server-side-encryption
AES256
etag
W/"32d4340999995f7e75434869149ee50c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
u5It02nPylW8h7GUBcmut_ZQ1TvhO8DIeVMmIeSFr9fJ5ieexO3KsQ==
Track.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/ Frame D9C1
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6696507267946422850/images/Track.png?1671344294922
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7172c39f798e59c733b14287bd4e92acc67ae06791a87a7b3c5eb43dd40d978
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 04:32:03 GMT
x-content-type-options
nosniff
age
20740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18531
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:23:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 04:32:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 823B
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTuDYRv_ZZI2FI5mGlgSHioWoDfKV2-tu2a_ftugNmeuIlBUQASClzNdqYJXikIKgB6AB4JOrlwPIAQmpAqg9X-FuXrI-4AIAqAMByAMKqgSnAk_Q7TfqTisU8UPGO_Wa-dMRdhT0nx4zrvYFOQc1xU0MyMlaAblybYSkwbfkMPF5F1Jy2FI6aGW_j1pKj6d_u9o3gx6Q31fDU6cTpcCc9SI8sUHhJE2ZyXV2LI-iLAMKwD_xzPcRNQeTlsQMCRPsH_AwQJwvkig2iq-Z-stU0zKquTPGxuESd8LSebBKjObRGtBG0VbuXAMfqlz9fwddZPJ9SgEtfw30bM6j8xParawDNkDougmzYE9glI0_bMFOm5tPnUNkLcGFt0h12rQQy0y56dmVdik-tgT_Slxfn9FuVcTdPRWhZZf2fInR22PPJUie-I1Gysg9i5dyoIxFdFca1pJhe6wb5AgAxH65m63MtaGKrj1TK8fHBGCj4BtRVJfyOI9gOuvABPuXgJa3AeAEAaAGLoAHiOzUaKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMfcA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbWJpcGFjay5kZS-ACgPICwGiDAgqBgoEw7CxAtgTA9AVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=dTJZXlRNrKY&uach_m=[]&ase=2&cid=CAQSSwBpAlJWkCoPH2eXJzikbRazndM2xR-AxS27ulVfPwv975GndPyixXnp_KxNBRMDjWi0XjPhQ3MO9ivZYse6vsAAAJgfCkMSgl-8BhgB&template_id=5000&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

/
onetag-geo.s-onetag.com/
555 B
963 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
613f346e-c755-484d-ab06-728c6d282342
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
JpTTOETJCYcFh7Q=
content-length
555
x-amz-cf-id
DkEl2b86Zw-VekUwVc0cXm5qRG1hqhVk2jmDErRpz7eTC6Lrqn1Tlw==
beacon.min.js
signal-beacon.s-onetag.com/
22 KB
7 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-41.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 06:08:57 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
14927
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
GbAeCopvqyBo7zS2iIJPOhr-hTau2uK8YX9zCZE3rNVM79UtRuvo8A==
/
onetag-geo.s-onetag.com/
555 B
962 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
613f346e-c755-484d-ab06-728c6d282342
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
JpTTOETJCYcFh7Q=
content-length
555
x-amz-cf-id
PBdhDoyOK-uuW9-9aC4Z84C2K3OIJpcCxk4BK_hqLeCfADGFvAUIFw==
army.gif
sunnewsonline.com/porpoiseant/
0
261 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6%2FdM%2FcOd7exHBBEMY8ufkgeXoPY7vBYaoOsQ0gxvJDApglBhqceb%2BX%2FRe6iD8uIhx8ihjg14iMG7F2F%2FZUiIAwcuCufKkpeuP7kBpx2PyQzI6Qaab7AYV71oObw3odGShhc9MQ1zJVABXEgifwC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68731ecc9e9a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0FCD
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse5VxOqzTIAiov6_Smtk5PNm66iYrWd62nT_BFO7VO7czUCtKXWQTT4uwonZYAk1i2FhoFJPwsohZrKwLUL--5g3w5KTVlztlp4jmFNr4NbqY0uozMXoVCbQ5BsiH3Z3OyuqVTexWDesoc&sai=AMfl-YSwUbPK785BNUyhcO_hpRsI_UpP8zbFZEql6sKRGeb28jEcm-tszyWr_tWRNpoahEymff419o85u7YxajR1mLeCO_KYFFKaoEfFqXg-Sn0ltpDclGOEZLW5-8vz60dPzUZWjC5ZKVFNh1dZ&sig=Cg0ArKJSzB8oUcETUWtSEAE&cid=CAQSSwBpAlJWmklCxWJYoQ6QY0ga1CwkoJe9yg1ZQLmmHwy1K5031YjW16x32RkOPXPsV1hKCTACuc56333MsG-AYmk91kDCX2ZTf6iKgBgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=358&tls=1358&g=100&h=100&tt=1358&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
293 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMzgxODM2Njc4MzM2ODQ0IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMzgxODM2Njc4MzM2ODQ0IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq7kHKHIptjXwLPn%2BnrAt9GeTlKU86EVwy%2B2UAPUH8sDWNPJXeqTQf4LgcX%2BZU45E0LoE%2FhuUBcx%2FyDvZik7qPh1nKMBDTGakDJpQOFeEdkYCY7SWXf%2Fxl64Cy040U5MImhE9%2BLumhA%2FCZGTnoz5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687321987c9a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44C5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPy-Y-GiL-wEPWn5rxHu-6xMVW84NoYziYK7kbUAcgaToTuUCreOtl36LTZv5hiLAEEh_MBSV38FwTgnyLvFszCeWis4L4nFhUtsJE0pQIST0rI0tMlXsKIIN5ZSLCTPb9pkrRrgxsEb_K&sai=AMfl-YT1femCCy7w4drydKPRJTRHlmk7Dmt_xJKEGaX3HP25csw7J1UjPFRwVQJwb5_2kEe9D9cFBc3HSZSfd0RdCPBxQ9eRKRyM9qmLH_5VDg&sig=Cg0ArKJSzGlqW5TWdL-5EAE&cid=CAQSLgBpAlJWtPXtmLhmAUj72OESQ0GEq_hHcTQpkUooA56Tu7B_IlpMzI3T33W2Oq4YAQ&id=lidar2&mcvt=1000&p=302,0,902,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1493151707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008262512&rpt=414&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A8D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueo_g9FyWv_LfzHX5jCeQqZeslG5v5tCg7IH3AkPMZv1prj-7Bt8YAqh0FDpCBT23OFPCCYzXVJqB2xgklQq8l70XcNBls95_ZyudsbjBAqhNnem29qN7fricrWGy-X0jM6uYZLYDwJckx&sai=AMfl-YSFhyiOZ0-376u6MVjuAMN1grvCqRB_2mjgYDLInXM7nqE7DGx1LG0WicuqnFDdl0pymDkjyb5xPeWWN5AyLIZ8YP3XKvfy80rm9jBsn82vu60viSfOwrx6CrHtq-v1r0HCOfh-TfuXYy_kFw&sig=Cg0ArKJSzF10sgaPgpCMEAE&cid=CAQSTABpAlJW3UHiHYtGGL_1hHtXVdYRcoqGjof6-9SK_UHq__m9jVXbG-UNGOA0PmLjoqWd06p731TnmOcIIeVWyG_7GMALAEwQuz71ZJMYAQ&id=lidar2&mcvt=1000&p=302,1440,902,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=990695581&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008262547&rpt=444&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
285 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAsNjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4F4ciYR2SpLM51D4sTrm1PLw8JPbMRlWni9QMng7V%2BE0GT9OZRLqaLHcfvU0b4mPkI6X6fZtMZk5ChrrZjUijvono4tIIG%2FQcuIrEjw7bBYa9YSAA709DznLDr%2FkMNDD374CRDK46QlntVMP75%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732229139a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
263 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDM5OTE1NzU4MzQxNjQ2IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLiOCI1TC2qXmJgr6%2BEi%2FV1Lvb38rSAiDeTT3Kp1M95DRL2SQswhBA6P8PgV1CZHvEdNM0rXuC5ErDH3kKCn0gaI1Hz0FgzPz0G%2FZTfefjqv9kLHXDQJoe%2BF14mP9Hjlvpm8J9as%2FrD1y5lqHGIh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732249319a05-FRA
expires
Sun, 13 Aug 2023 10:17:43 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
420 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZs5nG151NYu21UfWYdCFVH0BkqBOCC7eiZRMH0DXgfwC%2B0CT7v65FVmxHJ1zy8v5SzUAgazipP8TIPrknnnO155QUBq%2B%2BHMRyfsb69aD26W1Gac4n6jd9LAmVkjPvMLrd30tfjEJ09KKv1vIoM0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687322594d9a05-FRA
expires
Sun, 13 Aug 2023 10:17:44 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
294 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imHJ1GeqTa%2BORXkmjxnoijIKhSfzPjczyTf1H99NXtRAoJUF3dhc9cdurrHLJvYyiHU10woKDs8UZ0rH16PLQpzdLbvJpzcFo%2BBNKbLBhuVlNIyiSN%2BdF5Wur2vmCmEAGqznCo29MoZyouOcScqZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687322594f9a05-FRA
expires
Sun, 13 Aug 2023 10:17:44 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
259 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzEwNzc3NzA1ODQxNTEyMSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3MTA3Nzc3MDU4NDE1MTIxIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZqW89m6Nf11Qw5QKFKW%2FNWYvonLqkrGbI4IKnaM27v96yZ7s5uEpKWbTHeEIcT9zcJwyBf7VZ%2F6DKqcX4nrxcBuaCVNhrNwRZ4BoOom2nXy4xpsOPSMlprhl5NB8oXQs05NOmr0jmRSXPKkGqN3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732259559a05-FRA
expires
Sun, 13 Aug 2023 10:17:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 823B
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHyqYKGNAqCki0ifGT54xGeuaPBQFokCvmUjJ6UBmmFIJFbHbAq1JPaTkg8as3yPDtcRypq9mwk1Ej6OZFef8CP-heDOfdfWJrVa0Yn3mxBomN3e36lBtWBe9VGl2SlO_qEgdp7UCtcm8hkjKiciClrrW6B-E4M32Weq3R-X_rb3eWcTP_FZtc2VWsSYpq8rf76jsi9mi-VeSEwehosOoORPtzmO25xxagbQ7yfWVO0sSeWmbpX6U2DiyYWFSnVkgXBO-KbkVLHei7IacOGjmM39F1Vj0d2W9NApY8oK-Rimk2ofXNUVcQ8QS4Swe8EELBpeVUQeUJsiyOQD-NaiMuyjBwfR1MVJKKQk7i-9w_0OMzUHQo79QrkSbl0UAhKZYkwpP4Gh7UCOdDU0Cnbkx1iixUjCSorgGXEPaFD5g3-oksg_lQ1ybwD5mRGKZ--cBxgeoeB9BnjzYF8QxDYL5BvKNf2xmL75LjXaDgJBhbQZtTMUREg-dZzk3XNzPkFPen61Iy7hG6DjgFPA0vRDyYNuqdiXwuHc7WFoWkE0u3teCels3mjGcIhY4L0uuqk1TLAz2aUv6GgER9aG4uruUxkxnteXBjxosGTH5KaKoR3PXGiUPtyZvkHeK-PeiAJNUgdmzvrqkvJSM2YLVIXVOLmA_Vr8HljgdSrAh98Lvd0PjTsMUMbYrkAZmfcyAKCFX3YqyR_IOh14vcAMaqCelzYRCViB-PoqzpH86UjsdgYBw896zRiFtQ7HMAJKs_77lK0-N7_OW7YQ1TimJmGl_sXa5Og8Kb2kpUxZZoi5yzKmkKdQegFOgfD5HbISaH9h-7I_R61u4fLdS9z6Llya5fhcP9vrrYb8LCHztDaK9YpN03zdQt9qxv4Nj790o_GRsLOK-TMAKPEwyK9tnCXzXVXUXaa8Bjkx5QOr5dWrYnlDBv34OHcY7Vcp-8JU2-1hzITYpqX4DxVWKgLamkCdd45QKxs08RssQPViKf0kTzrxJ9n_GP_bExsJuTDPZLGi9vfB_rmdCout1A0_7slZJFBFp79JvvNTCkawQvuJx8nHDiMdyz7K65TWnB9HXriE2K0ZopuMJl-dM61_noV6NeSLWUDiJj_Zgl1qeqkNa608TkTxUpnLtYJ21Y6lMC4vI7cykGBVvJYqRstyJ2rKbw-wGMXi3ASCPBQq317JwI0jzsJWbML1pNhHN0RxiKSNkk8KLgcXe7LQ3s3xNeQOWFqFmJ7Q&sai=AMfl-YTCPCuBsF1qm7ZrjFg9PKcxG7haDpjUgPgxEX6Y9hUO3cB3MUHKNKN8UiABT_q15q62B62E8o6DDDuw37rPl0Owuj2oWRvP4f5aWbJaGCPR7iZ4XG3soCrwrn9GRigBScvzfbz_e1fJigX3410Gi-6HGegUfn9v2A&sig=Cg0ArKJSzIIo5Y-Od8mOEAE&cid=CAQSSwBpAlJWkCoPH2eXJzikbRazndM2xR-AxS27ulVfPwv975GndPyixXnp_KxNBRMDjWi0XjPhQ3MO9ivZYse6vsAAAJgfCkMSgl-8BhgB&id=ampim&o=1170,184&d=250,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=228&tls=1228&g=100&h=100&tt=1228&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/
0
0

vpp.gif
sunnewsonline.com/detroitchicago/
43 B
397 B
Image
General
Full URL
https://sunnewsonline.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F%22%2C%22pageview_id%22%3A%2250ad158f-9397-42d6-6322-c1458cac3fbf%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezoicvideo%22%2C%22domain_id%22%3A494158%2C%22media_src%22%3A%22%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Aug 2023 10:17:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XyiIYinHNFu9EiBhuaJ5tJiCUX2EXc7e4wL7Wmj2Muec6SNxl%2BxwwdrlZdpeEm0y6JYyw4bBBOq0qZ1nuJGmTATr7QvJUosD2o6sgLv7y0nVISix8MFLhgqb%2Br0JCIHyl1WjCElGhn1KDpxtfRC"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
7f6873251df59a05-FRA
content-length
43
expires
Sun, 13 Aug 2023 10:17:47 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
260 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsyNTAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k%2FMLC1fqgEsdnLE5V8NJC2IFY7fgqF8BUHwvjBJMHXAClgN3vKpcwX63eqvNZ4uaByDzQBQU8k1%2BKneps0F4aVPKB6PBa9IpbJWssNM8n3Z1z%2BO5KdyFrAEts7KuilgBtX80JyDNy5rLB6AL9sQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873255e489a05-FRA
expires
Sun, 13 Aug 2023 10:17:44 GMT
ads
securepubads.g.doubleclick.net/gampad/
168 KB
49 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=2957142219926825&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&didk=2484510054&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&abxe=1&dt=1692008265086&lmt=1691998252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&dlt=1692008261284&idt=419&prev_scp=bvr%3D0%26ap%3D9999%26reft%3Dn%26avc%3D100%26ga%3D5302779%26bra%3Dmod1-c%26al%3D1006%26ic%3D2%26ezoic%3D1%26eb_br%3Dzero%26tap%3Dsunnewsonline_com-pixel1-4033684138378932%26d%3D494158%26br1%3D0%26br2%3D100%26iid1%3D4033684138378932%26lb%3D160%26at%3Dbf%26ss38%3D1%26ss9%3D1&adks=1275092040
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
286eb2dfdf1c0eb9501552e21ee1634e9513501bb80328ad67d9ce007e9f3211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50458
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
140 KB
50 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=1587830402806144&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&didk=2986461563&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&abxe=1&dt=1692008265093&lmt=1691998252&adxs=381&adys=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=746x90&msz=728x90&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&cbidsp=CmoIARIRCgNhbXgQ8gMgAjgCUgNhbXgSFwoGb25ldGFnEPIDIAI4AlIGb25ldGFnGAIiJDA4YzNlMDc2LTRiNzgtNGIwZC1hM2QzLTdlMWY5YmVmZWFkNCoECAMgADIHdjcuMzkuMED6AUoA&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1904956736383823%26eid%3D1904956736383823%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dsunnewsonline_com-box-3-1904956736383823%26eb_br%3D063a7705d5a9d51bc46e0a87fba28a89%2C9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D6%26reqt%3D1692008265076&adks=1905174598
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aaba30f4e01b26d401ec15b0434295e8d9704363067aeae067cecec1070d2e3
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIr85_z124ADFYNRHQkdo8gHOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8742889927508434617/728x90/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIr85_z124ADFYNRHQkdo8gHOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/8742889927508434617/728x90/index.html
date
Mon, 14 Aug 2023 10:17:45 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50943
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
38 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3164377482340889&correlator=4120316588790327&eid=31076923%2C31076936&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22890767690%2Csunnewsonline_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=11&didk=2986460386&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&abxe=1&dt=1692008265097&lmt=1691998252&adxs=152&adys=-76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=302229331.1692008262&ga_sid=1692008262&ga_hid=958966010&ga_fc=true&cbidsp=CmoIARIRCgNhbXgQ8gMgAjgCUgNhbXgSFwoGb25ldGFnEPIDIAI4AlIGb25ldGFnGAIiJDVkODcwZTcyLTQyM2UtNDkxMS1iYTdmLWYwZDVjOWM2ZTMzMioECAMgADIHdjcuMzkuMED6AUoA&dlt=1692008261284&idt=419&prev_scp=a%3D%257C0%257C%26iid1%3D1605142702403209%26eid%3D1605142702403209%26t%3D134%26d%3D494158%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dsunnewsonline_com-box-2-1605142702403209%26eb_br%3D063a7705d5a9d51bc46e0a87fba28a89%2C9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26ebss%3D10017%2C10061%26bv%3D16%26bvm%3D0%26bvr%3D6%26avc%3D47%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1428%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4276%2C4604%2C4605%2C5747%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D6%26reqt%3D1692008265087&adks=1280361889
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e413ba64dd1ffdef501fce63182552cec4740604ab9bb697303204a79a2902f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16127
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67E4
6 KB
3 KB
Document
General
Full URL
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Tue, 13 Aug 2024 10:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
sunnewsonline.com/porpoiseant/
0
282 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIwNjNhNzcwNWQ1YTlkNTFiYzQ2ZTBhODdmYmEyOGE4OSw5YzNlNGVlOGVhZTdmMTQzM2NiMmZlNjliMTMyNjYwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDAwNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ5MDM1MDEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3Vgb6CHIpX3SLOPGNK6nJ3lhb7ARWR6hLyitmFr64jlzW2CdKwGKyePY2yeAcJV4y%2FPrwhz6r5bzBtA2BDHmQUretcyJ8EK4vL%2FYjp4IRprWm%2B6CEjGbCB825uzjIWgDcL22uNaJk5Nq8YeP261"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732adec99a05-FRA
expires
Sun, 13 Aug 2023 10:17:46 GMT
4974903501
go.ezodn.com/dac/
0
578 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974903501
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 10:10:07 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32lhrOaUeDI7xJv893FwbvrdAHxEPOlg%2BXgPiowCV4cjqFc8ubEGrXz%2BZvFyYj5n1ysdS6EYGMEJ5oVfEubkP%2FpCJHCwKGhCaXUk5Ych9pvqKCaRB3lmcRbnSFO17wpvCFKe2aEvYC2hCCc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f68732ad89d8ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
311 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCyGY5WdHZ1eqkbzyqR6jLULo%2B3%2BCAY0IqBk9SRkq0eQGxXuvGp83wc%2Bl%2FxpwbeBEdaRUwKmhENzQxhelmYV6EiCjjlB30c6gwl6ieQ%2FGVYaOuJmJtSpbqf7%2FSWk8BxDK9pzuJl6ROSPKfeSEyJf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732adecb9a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
260 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjY1LCJhZF9wb3NpdGlvbiI6MTkwMCwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6NiwiYmlkX2Zsb29yX2ZpbGxlZCI6NCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzA1LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SXAolalx4gD9n%2BJsyXVOsI0FhSYCvjLkadaVVWENKQntmAxsqIIqnIRmZenGcatHwNkoRDDYsXqvxd6r5rWlAoyZBvnpblJryyoQebKmD3yef03XbAjTzLD6i%2BLACqCNQNaFeLsXC%2BRSuejXtWW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732adecc9a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame DB9B
139 KB
48 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a92be692159a60cd21ae2433e35968793165ac283b9f2e1ab11dcdb60cb9c7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:45 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rJmUDvvJxnxh3FlwjuipSUjl6W3omwdjdRBdyg5dpy2RyYZ4VIg1xQuu2Js9fjgqIQFkg7X2SJ7hGrR501Ni0l2DdIhptZOcJ_0YEMi1ybCdknbPVEqbD9sZZNYVVBJHO_Wu2y2tTN3YMzLxDmcrZ06Fx2nRwP6Td1lozUmwVQhsnqy9nJqe2w8cPnxIdprNdmfkqvXgEP7EKlsO5xi2tdQ5Y3N7I7ulqDKMafoJxwGyijmMTEr0Wy8-hHpBIvk5tEfFwA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
45615841
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 67E4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:49:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8D64
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 67E4
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
l
www.google.com/ads/measurement/ Frame 67E4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1RX20Qi42WP0zaPGFM3jG1F7Jg4HGsxF3yHj9VofgxsMURB1hO_23QZHysgyfObaY0gVpt-flp-Y_CrGqEX-BwsxQog
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 67E4
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
44608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Aug 2024 21:54:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67E4
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:45 GMT
truncated
/ Frame 67E4
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
996f6cb7c72eb4dcd0e008a3f3c7c21f637a168b0fe7d14a11900f088e0f8e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 8D64
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_cver=1&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxT...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECFy-O3Tv5c80SqXDgAI_pk&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&google_hm=SWs3NThYcUs1cGNibm5sME81RFk=
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 10:17:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRPQxks50WdS_XycohfQlVBDSZfB7WC8ShlE5JGXgDDFYrDOiovMzOwmOKS5o6RFcnsE-dBnKVHWymxTveZBAN69LDDaUMxdNmUEDjVAMw3GaSbf3MQfw5qFAt4SM1zdfPwUE2v2uY&google_hm=SWs3NThYcUs1cGNibm5sME81RFk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D64
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGfwQ0l4_BYkXerL6nvLLO4&google_cver=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrd...
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A&gdpr=&gdpr_consent=
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 10:17:45 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&mn_hm=MzM1MDA5ODY1OTEwODkzNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR-gm83nRb4nDrk_M0s6GDGjrdKEkwmM9dS-cj-lhxUy9-r66Gr_TZUdMQQTJydGA59ibFpnajYYCMZ-CXcx9g9uqZ65fRyAWP_6AHeWpbZBbhtXUJ-6IaMLTxqtY_2TLEiEepC5A&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 14 Aug 2023 10:17:45 GMT
/
cc.adingo.jp/adx/push/ Frame 8D64
0
44 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEDqGehgHo83xbyHrQ24gfpU&google_cver=1&google_push=AXcoOmTCHG9tU-SUo2h1cc9e2_VKHleL58mm7-SB5jJpY_FXDdeIyDkSB-gLLQiK6QEpXfM7RY3uy0iuYFxwJkPrFpTBIxFsK1oyrhjDLMygX7LCORkr3dpKf_JWEKZ2z_6-bmzo7Pa0-FE
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.27.67 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-27-67.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
server
awselb/2.0
sync
ups.analytics.yahoo.com/ups/58281/ Frame 8D64
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKWzrYNS4lQCvKlRP-MU5Qk&google_cver=1&google_push=AXcoOmQZCz2rPk5BJaQoyBn5ptI2tTW2ekbYg7JKry_jpcEgMGSHDYkh3LXzLPaqBEqDkZvolaXSKv_WpSV_wSGPyzGg5BxdXm60nGbBost9GQsFtr-oyiso6c9NTIatL9Vf50EHmXX_drwT
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/E4rooAtA/ Frame 8D64
0
35 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAMD0xSSernMS2log6YmLWc&google_cver=1&google_push=AXcoOmSHpXVNkmq6yvHb05jO5JbNfVG9EyGAyOvrwBIqmlAPlA_Jk-5nctfo_FBnURQD1Izo65dByWe1jTs4JvW3CfefQmRUk68HUM60IuaXA2ZeBu2td0QmnurKq5CxDoftDVuSZfNDH4Y
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.132.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-132-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
/
onetag-sys.com/match/ Frame 8D64
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQo4aXshV0dHamZnUFDmjmFhmOz23mEooBGU9FyWOiqqVW_fpFI3dlCMdCyKbxkQPk_Shf0LKYXisQPz9vlIgZqu57zFUrOH9lI1blJcsjWwnonfjkQ...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 8D64
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEsM-8rEVM8b3aQ5kcP78S4&google_cver=1&google_push=AXcoOmQZ4TNLXsBgmdnd7d4URaZ3kzWANtc9Z5gq5_LegXXSVYxQWPzlJZrwUNW1Qlxq9RtHRZwyHhTQFZwpiZktC9rNVJHoyHvluU2mYShHNRd_QXeDn9yDzRN7nnltNst2HynzHvMXycrC
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 8D64
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7eDaBdDDBIMLhGIhzcwgJVtG4EfLLmFiyrPssqjRUWyZDNDtPdQej2dpt6UpwmHPqTp_XEh8sqg
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 67E4
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAa6sSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS1Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPxUsdvls5ciTz0j6PdotkF1T7IoZLJ3a9Qtx8s3Sw3FajkFnXRHeeAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTAyMDgzMjg1MzAyNzc5GO_RbQ&sigh=HZGTfn8utOs&uach_m=[UACH]&cid=CAQSOwBpAlJWB_q11-I8i9lZhCFr5WD_8H0tMYZPW2Gt3j3n-0xMUbx8HLJ2I5BG50p6l9cZg90SKSWLRpuJGAE&cbvp=2&vis=1
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 67E4
0
126 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EOv_CsoH-gGdg2ICAgAAAGp7O3ahItx6EEj_2WQw1BYJfsySXKmtAAASAAAKCkFRVUJEd0VCRHc&wp=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&cbvp=2
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148428
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame DB9B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DB9B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DB9B
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 08 Aug 2024 10:17:45 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DB9B
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 08 Aug 2024 10:17:45 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame DB9B
43 B
348 B
Image
General
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=msnSS4Ty4VFAMzisviB6BuIPbblhzwX9iiW0MItv7-PuScHMYrGczJUuSFoQ4ykoeNEL3rdKbhrzz2NTHWq8gAijXaKjLqvvfd_l2mwrGKj9Lq18IhCivWYRO_1YcGuCEJv7b6GXvWUgEz0lOvnhBHbub4kSHtmJXMG-JDD38EJZtm4JkD3QH2p9wNuSm7IKsrky7_qnfRfbGu5JbyGFM1j4h9SAlePPrTPcI3b6grZoMKi1hRA2oHOvaLFBathyQlkp1X7vyATf52xOrFUFBL6JzsL7mtTDpK5Fkf014rOk8Y6p2Kvz-hluBrz-HOuJ207cJTcN5XMFsn0KpsXM2tT1jYfHZDnmjdOWqDYA7Yoo51e2y9wDfcQA6N08kz_-XuQIccfWgoMXa4Co_M0q4KuJelO3cL6hKWwm2o4LFast3hMEqvDwdjckQiLIjWxDaXspERb9xP0-FdcYBi5xlcnzA8MoywT2-JHT9i5qNfRSLGW8eiya67_fYT6ccr27_5RGbFYhf8DJwEltb0asilh6dYg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2313423
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DB9B
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
404904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SalZIFMiaerS4Mwu99FLr%2F%2FkprOHyN694L5ZTsg12vg1se%2BA8BmiCrHyY%2BR0ONDJnH4yCidyEmRAWPXENC1LDgo2MuksBItEuZEZ3p6jRoRyAOKG9WyIAgEvYPBHkb53IZuVQsvWQUrIcalj48CpKbK4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f68732bbc95920e-FRA
expires
Sat, 03 Aug 2024 10:17:45 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame DB9B
46 KB
46 KB
Font
General
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame DB9B
38 KB
38 KB
Font
General
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
animejs.js
static.criteo.net/animejs/ Frame DB9B
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
7 KB
8 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=356&s=yOLdXwaCMkcxaq_rOXtE0yBw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9dc07161decfae4c07e5e99d3633bc19dff5757aaa09610cca838aa657806d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
7636
expires
Tue, 30 Jul 2024 03:15:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
32 KB
32 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837267%2Fd2f99b26a5134d288032a3a72fddcdbe_img_horizontal_1.jpg&v=3&w=1200&s=sk1ojweIacrKNqxUEUB-M-bU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e18f6a7c2d05889a7f2b3ce54cda384cf39404abb214dab450253037e57af2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
33034
expires
Mon, 05 Aug 2024 07:44:11 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
26 KB
27 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22260635-7adsE4KX.jpg&v=3&w=400&s=WVZjV4m8revebR3sozjJV66z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1ad352a0e77efa7a61e986d8962eb4e52566a40da7625fb409c0106ffdb9fdd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
26964
expires
Tue, 15 Aug 2023 02:53:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
361 B
551 B
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=DhGSqk--HTA2FgdhSuA8CMfm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
361
expires
Thu, 01 Aug 2024 20:09:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
3 KB
3 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23085056-ytni4k28.jpg&v=3&w=400&s=lOuIbfHVQDqDte3NizZ80lWy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
81d987b56fbf0398e43894d6e7e13a56c6b5bf6eb5f511377d2cec956469fadf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
2946
expires
Thu, 17 Aug 2023 14:30:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
1 KB
2 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=DAuhO2VZsOVWSNtKtkvA_rLO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
1366
expires
Thu, 01 Aug 2024 18:38:20 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
311 B
501 B
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=hCw2w88S8ZJ6SetJTMIWstBG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
311
expires
Wed, 31 Jul 2024 13:59:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame DB9B
12 KB
13 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23124921-Zs3dUJU2.jpg&v=3&w=400&s=SkLbQi2LtN1TbUbgfJBvmpeQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6bf3cefb40d063a294cb2ab53d0484e1baa70713c0de168812eca71817a86090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
12638
expires
Sat, 19 Aug 2023 16:25:19 GMT
all
csm.eu.criteo.net/ Frame DB9B
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rJmUDvvJxnxh3FlwjuipSUjl6W3omwdjdRBdyg5dpy2RyYZ4VIg1xQuu2Js9fjgqIQFkg7X2SJ7hGrR501Ni0l2DdIhptZOcJ_0YEMi1ybCdknbPVEqbD9sZZNYVVBJHO_Wu2y2tTN3YMzLxDmcrZ06Fx2nRwP6Td1lozUmwVQhsnqy9nJqe2w8cPnxIdprNdmfkqvXgEP7EKlsO5xi2tdQ5Y3N7I7ulqDKMafoJxwGyijmMTEr0Wy8-hHpBIvk5tEfFwA&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 10:17:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DB9B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DB9B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:17:45 GMT
container.html
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 816D
6 KB
3 KB
Document
General
Full URL
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Tue, 13 Aug 2024 10:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31F5
6 KB
3 KB
Document
General
Full URL
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:42 GMT
expires
Tue, 13 Aug 2024 10:17:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
sunnewsonline.com/porpoiseant/
0
261 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIwNjNhNzcwNWQ1YTlkNTFiYzQ2ZTBhODdmYmEyOGE4OSw5YzNlNGVlOGVhZTdmMTQzM2NiMmZlNjliMTMyNjYwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDAwNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODkwNjExLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4OTA2MTEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIcykGESYfu6xODRrJEEZDbNVm3tpOQQ4nfRDfZAGD4uPKhXpMvDd3fqNT5U0Cc58oKLTXWZWCKzx1d5hwarXHEyAS9g4bzhCJ1d8X46eENnY0DNj%2FtzmCYiKjOC6AAJM7965WMdmY8%2BZUlCJrej"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732ca92f9a05-FRA
expires
Sun, 13 Aug 2023 10:17:44 GMT
4974890611
go.ezodn.com/dac/
0
577 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974890611
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1925
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 09:37:15 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNGpusIWmCPddrMpbtiR%2F6pxrLaxftcPvf7tRK6OesEaSoRMjKCgiKf5OKbzHT15TTbGa6CX9bnuTi0%2BfPOEwvlmJafi1AQtj3BP%2FAa1ZtyN1INTsEuwFon50x2Z1L0JytyBiII3OwhQMlU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f68732caaa68ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
310 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA4LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKQH6E%2Bxuck6KG%2FaX2yyopz5gQge1kEuExAlzYaXNxJ56LD4u%2BqPFZpSt%2FkClgt3bL%2BmS%2FsX7t9%2BEmMdCcZKwqY5%2FL8vfnqQQ%2FhTylz%2BwA7liZnMK0rUS4FI9%2B68r8Ar6XHdOoAHdWIH1%2FCozGfC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732ca9369a05-FRA
expires
Sun, 13 Aug 2023 10:17:48 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
308 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjY2LCJhZF9wb3NpdGlvbiI6MTkwMSwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjo2LCJiaWRfZmxvb3JfcHJldiI6NiwiYmlkX2Zsb29yX2ZpbGxlZCI6NCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTI4LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0ODkwNjExfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn5Vq8aoULt%2Fyb%2BMVEQbjSPDq80brd74eY6sacV4F18m8c2V%2BAzgUnqttqn0y9o%2F8QrAsO7icZnJ934zha57z3JJXbmjhBQr88lbqFaSYb5hZWZHch8rZh7jZnwNtq6OGzkI7IK5WhkdTZgQZl%2Fm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732ca9379a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
260 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Inplcm8ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDE2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDU0NDYxMDUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDgwOTE0ODA2MiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CddKrS9To3LWHquJSF8WwmWV%2F%2FakWvw9DiM4JAzWLWdDAlzr1KfGSclsWAcul7xHQpSovg2M6YkTnTYmnkOK0ytamLtWKaFGt6rMnd0uc3KVJOY89Yq%2B%2FJILeWAb30r4zDJlYV3QRsLi4Fcy7Vma"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732cd9639a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
4809148062
go.ezodn.com/dac/
0
574 B
XHR
General
Full URL
https://go.ezodn.com/dac/4809148062
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/porpoiseant/banger.js?cb=195-0&bv=252&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Aug 2023 10:04:17 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://sunnewsonline.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE39bMQotRHCSx1sX11SSo6eHc0aruXhWWUzLLc0Hl823dPC0jA2Dr%2BBaadygbEbnS198l2%2BQdxMEYJUWh6ji4cAX42PkDGJpoVXCtZgjz29TS7%2FWTjGsyU8jBiXo5l8knN3IYZIPdu1%2BwE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f68732cdac78ffa-FRA
access-control-allow-headers
Content-Type
army.gif
sunnewsonline.com/porpoiseant/
0
405 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wOC0xNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GagTooP6zgEIWSZoDU5uf%2B2UxTMgZ0mf%2F9hN2Y7mMwAjJWDYlD%2FtIXJ8XjvnA7jz4ZWKftv6U3Nj9giLCDzCAr%2FQNc59%2FW%2BjDD5pfSJ1elPcNGNUU4O0u1cPnIHX5govj%2FQAXiwar8ZeK%2BlQdlFv"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732cd9649a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
265 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhdWN0aW9uX2Vwb2NoIjoxNjkyMDA4MjY2LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImJpZF9mbG9vcl9pbml0aWFsIjoxNjAsImJpZF9mbG9vcl9wcmV2IjoxNjAsImJpZF9mbG9vcl9maWxsZWQiOjAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU3NiwibXVsdGlfYWRfdW5pdCI6bnVsbCwibXVsdGlfYWRfY291bnQiOm51bGwsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDgwOTE0ODA2Mn1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=215OD%2BKoOAkTp60VJB9HD1XXQXEguTlwYyl%2FC6v8H4Dm2qJ4ugR86Pf2VuOkn%2BbXnir9zPkNt8Uj%2FNFCC4GEd1Vbcr4E482F9%2FIWWd4GGGD53kNjr4aFLXR8IKK%2FV9V7IFOufxbLA5rtVP3Xoatt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732cd9659a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
266 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQ0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0Mzk5MTU3NTgzNDE2NDYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjA1MTQyNzAyNDAzMjA5IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTUyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiItNzYifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzgxIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMDIzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a68R%2BbvHFzT2KN2sHTyuUJgBmooz4gEhTwVTLmDPprRVFbCAvb%2FLMkliyYHb7%2BYG%2FrFHd5N9aFVZ5WgIDGoqCUnkBqEPng2ggOc3ZDv3ik9eKAbN5ybI7nM9lsoUwha%2B%2FjccFUYIBD%2FgQxzuS6rq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732cd96c9a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
261 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjExNzAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE4NCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYyNjk1MjkwNzAzNzY5OTMiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAzNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTQ2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMDc3In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VeNmwgLXtGTE97HJk%2F%2FrKmF9t0meXhh5vUNbtMRNRFytuIEdd2Zg708py06tWHkdd%2B4Bvcz9nwQK8C6%2BsSYfe0NYyp11fEavHsJ0Kw5pLjOGbhD0pBByoJiH098qtNgEXbhyhU1ebIZeQiU%2Fjx6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68732cd96f9a05-FRA
expires
Sun, 13 Aug 2023 10:17:45 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9
159 KB
26 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e18f8ba641c416c6a0e85afbc654421975853ba9c705d4e886e2d06d6d461cf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
18338
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
26863
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 05:12:07 GMT
expires
Tue, 13 Aug 2024 05:12:07 GMT
last-modified
Thu, 14 Apr 2022 07:46:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 816D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 816D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:49:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 816D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
css2
fonts.googleapis.com/ Frame 31F5
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 09:35:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:45 GMT
css
fonts.googleapis.com/ Frame F29D
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:25:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F29D
2 KB
903 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame F29D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F29D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:49:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 594B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Tue, 15 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F29D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 09:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 09:28:51 GMT
l
www.google.com/ads/measurement/ Frame F29D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRt0-Vrkl0XO00kUdVaoR1vn3UvZdeZbOc17d_98lGQmb__yIlJ9HSQ0AX-xf9gRNRJNdIt-Xnx5HW4AbX5y7SAZ2rRHg
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F29D
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:45 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame F29D
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 07 Nov 2023 09:59:38 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 31F5
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 23:58:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
37132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8576
x-xss-protection
0
server
cafe
etag
10593844011591499743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 23:58:53 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31F5
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 13:24:11 GMT
x-content-type-options
nosniff
age
161614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 11 Aug 2024 13:24:11 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31F5
604 B
920 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:55:52 GMT
x-content-type-options
nosniff
age
184913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 11 Aug 2024 06:55:52 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17A9
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 14:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
71363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 14:28:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17A9
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
27255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Aug 2023 02:43:30 GMT
css
fonts.googleapis.com/ Frame 17A9
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 09:01:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:45 GMT
css
fonts.googleapis.com/ Frame 17A9
25 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 09:17:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:45 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 17A9
109 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 10:17:45 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 594B
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECaqE9tkVGnvsFUOwx9L8vg&google_cver=1&google_push=AXcoOmSCv1L8OtQ5iltnwWuGAL_PFLdzOZyhJFJcm2xEAAVXRDUe0VCNeVMm9vn0SalAqiKdTxcouTJaELQlp0Y4Z0V6FQOhvtisgQ
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 594B
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENvZenXCN8b7ebvlveAL8bQ&google_cver=1&google_push=AXcoOmTys9i7UbxR5CdVrV5qqELfKWmZWC4wxEStWkgoEhI227QoG6aDtZM2SL7ncAXPGokeGxxpNDzI7C_aGDUNmtdhDaWFv...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=813683914497
content-length
0
pixel
cm.g.doubleclick.net/ Frame 594B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 10:17:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMgsT6vi5iHkgjjy0RAtWng&google_hm=ZNn_Sf-PNkGG5BcLklItzQAACLsAAAIB&google_nid=index&google_push=AXcoOmR4X0ve5vxZbnmBk7rkc3HDkO-19O6uWvGCT9USJx32pX8w01rSdY6DiUoqMezYINWnwUXZK82yGp2vKIpXH6ibKo5XUNoWeQ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
/
cc.adingo.jp/adx/push/ Frame 594B
0
43 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEDqGehgHo83xbyHrQ24gfpU&google_cver=1&google_push=AXcoOmQ4UcOiYmz6cZa_MwShVpB9k2lKPaDMyN_-lS8dD6mVd4A_ofyjN6voMLfuydTLnWmsE8wsrotSPhrc-oVnrjqpIsfuzy4Sxg
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.27.67 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-27-67.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
server
awselb/2.0
v1
match.sharethrough.com/E4rooAtA/ Frame 594B
0
34 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAMD0xSSernMS2log6YmLWc&google_cver=1&google_push=AXcoOmTVaIeBuhvucn-eppyIzvDYrjUO2yjcC3NANkMG5hTvxGT3kKdwFaWAP8HUBNoFk6R01hn7cR11SrWuI5I5lPFyLBRaPvjsaE8
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.132.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-132-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
/
onetag-sys.com/match/ Frame 594B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJov_oUcDuX7-XmLIBcOO8&google_cver=1&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4S...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAZZa2D1oSTizueZ4G7cpxx2vh0D1ZXPUR-eAvdlJULgMNAW6P2DKIUYRa_k83g0CG6wWOlHmdk4Sw9KLkql907xQWRXXRra4
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 594B
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEsM-8rEVM8b3aQ5kcP78S4&google_cver=1&google_push=AXcoOmTBkvrovWhUDBVqPfy0Wu-HR9unTI3fdssn3IEff_4-Kj06UUjfXC6sKB3CuzSPiwkrSc6sY28XGagntIlk_ir0lC3cg461bQ
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 594B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFQbkk0_woZTTTZ1G4kcqjmMqLtTktrmXLUjiFTlAALFUGDxyh5c8WZv253E6XTW2JRVQl606r
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 816D
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:45 GMT
truncated
/ Frame 816D
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc354a17172ca1ddf6ac00ee5d8a85409131ec971a0e4b6c8733087027f1d4de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
5ca31272300d4f00153cbd24.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd24.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cea2e35a6f1f78612f22784ea30df602c2b355ee11c9dd29f6bf0bc7bbcf84e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options
nosniff
age
18338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3370
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 07:46:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:12:07 GMT
5ca31272300d4f00153cbd63.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd63.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43535b7d5458d1f0eeac8a113a7d2a5daf4c61db789cd3bc0df24cf473c80b70
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options
nosniff
age
18338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17256
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 07:46:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:12:07 GMT
5ca31272300d4f00153cbd60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd60.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fd1a7046a6b844c6f067d83ba2831c7bace97aae1b15b87cf5e22917b7b4395
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options
nosniff
age
18338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2469
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 07:46:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:12:07 GMT
5ca31272300d4f00153cbd5f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd5f.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
380bd839d157729a3699c4e4288d490d73f80409d4ecf0f8037ff7911a804e51
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options
nosniff
age
18338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2475
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 07:46:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:12:07 GMT
5ca31272300d4f00153cbd5e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/ Frame 17A9
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/5ca31272300d4f00153cbd5e.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c1ade20dac38fabbfffc1588045a7aacdf8e00a9c6fb1e8b2b77c8b83b7786
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 05:12:07 GMT
x-content-type-options
nosniff
age
18338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1823
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 07:46:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:12:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 17A9
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
209562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17A9
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
169768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:08:17 GMT
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame B98A
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
187345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jnRSf_ZZMqzCYOj9fgPo5GfwAOay62YUta9-sjTD56xhq_zGBABIKXM12pgleKQgqAHoAHkv7DLA8gBCakCqD1f4W5esj7gAgCoAwHIA0iqBK4CT9Cc4YgfkMR0QLo5ilpxi3VwfTG_U2_qEkB-0RMTv713JyC_11ew_5Jstbk2-NpqehrUEncWm6IdweWrWm8Qpp3TRrKqQ_Q9LPIInD9bv_BpxFl-gzs_KHblI0wwqIp-6-d11Y0K7C0ZNZ9GZObtiXxnJan_aWIZfFIaS4szJZktsp88xn_1qUGPybBAgXijdUiE2TQ30oxh05myjhHwF4gZm9sbljU-Ti2PicGgEexbfsx6hvtiz3ZJbwnMJA_d6BwgoxOH4X2KCS5M1Xv5NZBIljUZXFAbjI_C4CVpFGrfyX8xu5Fl5dL65h3zFStYdue7FfcVMkmxeCEJsERJIiIjUAQ8AKwW3OfwPJBf_2Ti1PhjQVN213QjDqGSyE_TriKUcZpDcnhmHORO-LrABMCw7Z7rAeAEAZIFBAgEGAGSBQQIBRgEoAYugAeEwM80qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKfAAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbnRyYXRlay5kZS-ACgPICwGiDAgqBgoEw7CxAtgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=z9mkfxIc-0U&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWxcDzJrNkxE9AVh-Ipmz0tOss0r5tAiHXH3A7Q--695rbsdr-8ZB4Se2_Sttl5M3HxFPlzkCeGAE&template_id=531&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 816D
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jnRSf_ZZMqzCYOj9fgPo5GfwAOay62YUta9-sjTD56xhq_zGBABIKXM12pgleKQgqAHoAHkv7DLA8gBCakCqD1f4W5esj7gAgCoAwHIA0iqBK4CT9Cc4YgfkMR0QLo5ilpxi3VwfTG_...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963387364%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210264686848108739889%22}&andc=true
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"10158936968576537821","debug_reporting":true,"destination":"https://antratek.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963387364"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"10264686848108739889"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 10:17:46 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10158936968576537821","debug_reporting":true,"destination":"https://antratek.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963387364"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"10264686848108739889"}&andc=true
access-control-allow-origin
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame 17A9
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 10:09:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:46 GMT
css
fonts.googleapis.com/ Frame 17A9
25 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8742889927508434617/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:26:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:46 GMT
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame 17A9
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
187345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
13154442590092961218
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
109 KB
109 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/13154442590092961218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4b9c6476f9472c48a289145a3b96258e87eff1282b0a76993319eb8ee37fb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options
nosniff
age
18803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111311
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:54:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:04:23 GMT
15523862232680885101
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
172 KB
172 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/15523862232680885101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2748d91f3700b6f9d819aa57c7ead837be64febe1bc137c2712ca678e1436a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options
nosniff
age
18803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175878
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:53:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:04:23 GMT
9855172732615812524
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
78 KB
79 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/9855172732615812524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f61e070284ba9fa2dc7183d6a68c6e86ae4fac44ab7bc7c321ab83e12062ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options
nosniff
age
18803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80355
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:53:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:04:23 GMT
5646848704537305550
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
144 KB
144 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/5646848704537305550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab4bee0d5387e325afe6521597000f6d7cbfd01dccb3146ca4a8b0c5f84e5855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:00:28 GMT
x-content-type-options
nosniff
age
19038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147762
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:51:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:00:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 17A9
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
209563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 17A9
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&a=d96d3a1f74a96099649822590a0ccc4c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
209563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17A9
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&a=f7f970fcaa55f0532d684795b36f1b66
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
169769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:08:17 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210158936968576537821%22,%22debug_reporting%22:true,%22destination%22:%22https://antratek.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963387364%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210264686848108739889%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 10:17:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 17A9
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
5646848704537305550
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
144 KB
144 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/5646848704537305550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab4bee0d5387e325afe6521597000f6d7cbfd01dccb3146ca4a8b0c5f84e5855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:00:28 GMT
x-content-type-options
nosniff
age
19038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147762
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:51:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:00:28 GMT
9855172732615812524
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
78 KB
79 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/9855172732615812524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f61e070284ba9fa2dc7183d6a68c6e86ae4fac44ab7bc7c321ab83e12062ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options
nosniff
age
18803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80355
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:53:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:04:23 GMT
15523862232680885101
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
172 KB
172 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/15523862232680885101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2748d91f3700b6f9d819aa57c7ead837be64febe1bc137c2712ca678e1436a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options
nosniff
age
18803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175878
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:53:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:04:23 GMT
13154442590092961218
tpc.googlesyndication.com/gpa_images/simgad/ Frame 17A9
109 KB
109 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/13154442590092961218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4b9c6476f9472c48a289145a3b96258e87eff1282b0a76993319eb8ee37fb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 05:04:23 GMT
x-content-type-options
nosniff
age
18803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111311
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:54:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 05:04:23 GMT
localstore.js
script.4dex.io/
4 KB
2 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 10:17:46 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
253111
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE9Q9sEwXg49G69ZYGW4FiTsYj%2F6sqT5rVg6fkfp2zbUf%2FJltdb0mNKlRd8Grr2Hb27sk2hxwaaRugKpxoY0DeFLDEpcaAm2ofq6k3nCaUrIzUtcz0cxFlViohbW%2FjLofrIM%2FAdevbgnzoP%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f6873311bc53611-FRA
c
prebid.a-mo.net/a/
0
221 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
224
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/
1 KB
680 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&PageUrl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&PageReferrer=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&CanonicalUrl=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
ac05737d0a376a3e361ef8bc8dc1a44acfcfdc146d989283014d07bc78d41887
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
88
content-length
324
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
159 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f68733128871e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f68733128881e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f68733128891e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
35 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f687331288c1e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f687331288d1e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f687331288e1e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f687331288f1e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f68733138921e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
310 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f68733128911e56-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/
93 B
501 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
588400cc0c4cd8f38dfbdec8c009ec29dcceb922d1611fcc4ac181d7a1925132

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Aug 2023 10:17:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sunnewsonline.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
ib.adnxs.com/ut/v3/
694 B
864 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f525cf91c9aef80308c7e783f71964d7cef1b6bd5dd503c9123e653beac1dd2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
gzip
an-x-request-uuid
d5d2c1cd-afcc-4ab2-a844-e1c5bf829297
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sunnewsonline.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.81; 146.70.117.81; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
429 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
last-modified
Mon, 14 Aug 2023 07:48:25 GMT
server
cloudflare
age
0
etag
W/"066195180890d01d0abfa967058b42d0dc6beb79"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
7f6873317e4a1945-FRA
content-length
3
adagio.js
script.4dex.io/
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 10:17:46 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
243686
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnJIIHrN40gTVyy7Sy6blFeQwdrWltsoJ83kJ8oqy2aC65wYfZjqDv2zG7p0iCFsSvjnfCCVF%2FLpIZ8XW0ErujHKa4Z3nd1m03aIX1QDYgWBNdlZnYfVp9%2F2mv866u%2F0hPYHFHDCLd3jGDC%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f6873316a3735f0-FRA
bootstrap.bundle.min.js
sunnewsonline.com/ezossp/https/cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
24 KB
Script
General
Full URL
https://sunnewsonline.com/ezossp/https/cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?screx=1&sxcb=1a
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71cf1ec33dc40728e5cb98f96e6133e17d60c624ec30bd3765c7ac8cf54c982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1142
x-jsd-version
5.0.2
x-ezoic-cdn
Hit ds;mm;e7364416041a996264772fb515112cbb;2-494158-1;2c6de4e9-ad2b-4c09-71cb-aa4b298545f7
x-cache
HIT, HIT
x-middleton-display
staticcontent_sol
content-encoding
br
cross-origin-resource-policy
cross-origin
x-middleton-response
200
x-served-by
cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
x-ez-proxy-out
true 2.4
server
cloudflare
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0-gzip"
x-origin-cache-control
public, max-age=31536000, s-maxage=31536000, immutable
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tUvKGfVSPKvQYL11Di91FMDFweMEbMTKzB%2BZDESXpFPHNA6qJaqo5Ep0MwA4wwK1KEfLynaZzcgsl33ReunaXz2DpV8Bh1zG9EifrIEqtM%2F%2B7sjwPuZ7EwwAmUwPPiGsiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7f6873318fa69a05-FRA
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/
24 B
404 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c234175c5f5b9de19b11bc87cadb32a7f9bac475313ad503d77c479cf9adf29c

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Aug 2023 10:17:46 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sunnewsonline.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid-request
onetag-sys.com/
15 B
364 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://sunnewsonline.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
activeview
pagead2.googlesyndication.com/pcs/ Frame 67E4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnTvfEqSn_lKjuzvlMUBzOR2eM7KdLxfSNvLGwFO4WjaXt7I1b5zNmIwgLwUHl23DrrYrzKA9rrnwqotEjKockKzqF1PPSCT6UgK0&sig=Cg0ArKJSzBeYoy9VHIMBEAE&id=lidar2&mcvt=1019&p=-76,152,174,1122&mtos=0,0,1019,1019,1019&tos=0,0,1019,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0.7&if=1&vu=1&app=0&itpl=20&adk=1280361889&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008265396&rpt=105&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDK.js
sunnewsonline.com/ezossp/https/cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://sunnewsonline.com/ezossp/https/cdn.onesignal.com/sdks/OneSignalSDK.js?screx=1&sxcb=1a&ver=6.1.1
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a0075b20f03e1eb4d5bf21b0000203d4c0146443e53fbc3066221cd23e1087
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2362
cf-polished
origSize=9204
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
content-encoding
br
x-middleton-response
200
cf-bgj
minify
x-ez-proxy-out
true 2.4
server
cloudflare
etag
W/"2a3bbde818bef34d53a0df862ead5d5f-gzip"
x-origin-cache-control
public, max-age=259200
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX0L%2BxSIVJY5U1t%2BvsPhuse0ouPhrAYRmM0aZuPzq7zTrP9off4RGUshByqNpEHR67wkGe78yJz1UKSqbhgsy4SkQ5vbKNeg4giokrnQBz%2Bftacemh%2FjIDpR2ykICUOI%2BvXk9GesXU8wyBITy6%2Fp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f687331e8289a05-FRA
access-control-allow-headers
OneSignal-Subscription-Id
expires
Thu, 17 Aug 2023 09:23:53 GMT
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sunnewsonline.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/ezossp/https/cdn.onesignal.com/sdks/OneSignalSDK.js?screx=1&sxcb=1a&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3483
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f68733238304d1f-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Aug 2023 10:17:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6321061981120130
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
365706ed65f6f70bbe6f27258bbce108ffc315e4569ce25c48bd78cf9cc9edff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50926
x-xss-protection
0
server
cafe
etag
8148960412261372420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308070102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f6a8f7973c62a5ea235fb030d76a014f9334f1e465f7f17d39af8da993757e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11894
x-xss-protection
0
rum
sunnewsonline.com/cdn-cgi/
0
160 B
XHR
General
Full URL
https://sunnewsonline.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://sunnewsonline.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7f68733238c59a05-FRA
rum
sunnewsonline.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://sunnewsonline.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://sunnewsonline.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7f68733248e29a05-FRA
web
onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/
6 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7dbc47e9da03bd9d667762848d702b4f5279ac3c4de391cc3c8e2fbcd01405
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c2d8106f-f338-42b7-8d59-eefc3cc29fa7
x-runtime
0.038705
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"eb7dbc47e9da03bd9d667762848d702b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7f687332b8b14d1f-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 14 Aug 2023 11:17:46 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F4FF
156 B
676 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=3772014631507434&description_url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22890767690%2Fsunnewsonline_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D494158%26eb_br%3Df63322dda53fb357fc621e718fd4fb87%26ft%3D0%26ic%3D1%26iid1%3D9054216318418685%26plat%3D1%26t%3D0%26tap%3Dsunnewsonline_com-outstream-video-1-9054216318418685&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2645563086&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=4E1DA656-1BDD-4423-9085-DADEDED7F40E&a3p=EhwKDWNyd2RjbnRybC5uZXQY39C0nJ8xSABSAghkEhkKCnB1YmNpZC5vcmcY2tK0nJ8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7QtJyfMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2laRGhyZFV0c2NVUlVTRk0wUVdwRGVXOXZVbnBRZHowOUluMD0Yxti0nJ8xSAASGQoKdWlkYXBpLmNvbRjf0LScnzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNvVtJyfMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44785453%2C44788275&top=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&loc=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&dlt=1692008261284&idt=810&dt=1692008266664&cookie=ID%3D415f40155e016708%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA&gpic=UID%3D00000c86ad6b76c4%3AT%3D1692008262%3ART%3D1692008262%3AS%3DALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA&scor=3393534142546643&ged=ve4_td6_tt5_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076936
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Aug 2023 10:17:46 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/
372 KB
125 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6321061981120130&plah=sunnewsonline.com&bust=31076963
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6321061981120130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92ab417f1156e4bac9e638a184ced6c49b98aab5546a6c119e60c753287a5e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128452
x-xss-protection
0
server
cafe
etag
9024885359166795094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 10:17:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame FB9F
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6321061981120130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:01:55 GMT
etag
12368291122986407432
expires
Mon, 28 Aug 2023 10:01:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.eu.criteo.net/ Frame DB9B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rJmUDvvJxnxh3FlwjuipSUjl6W3omwdjdRBdyg5dpy2RyYZ4VIg1xQuu2Js9fjgqIQFkg7X2SJ7hGrR501Ni0l2DdIhptZOcJ_0YEMi1ybCdknbPVEqbD9sZZNYVVBJHO_Wu2y2tTN3YMzLxDmcrZ06Fx2nRwP6Td1lozUmwVQhsnqy9nJqe2w8cPnxIdprNdmfkqvXgEP7EKlsO5xi2tdQ5Y3N7I7ulqDKMafoJxwGyijmMTEr0Wy8-hHpBIvk5tEfFwA&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNn_SQACRicJHUU-AAIgU8-K9VI56Bgbrr0Prw&u=%7Cpi9o7Mz4%2FhuRE4wB1Hi1vNVxX4nbDfiCdPnrbdmRe3o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtOv3VEfcLjxiICWjH2oIqg75bjk9R_QFKZJm3mvHkRrnv5Fa9lVA9tms6JSYCxtOdIAJClZhDVVNmh8pnuWQEdoRr3xQqIiVcZbOPSeIaDJdh61cnCq9MadiWSL1frK0LUP3Yev_1C-U0sGnMZoiS_e3AdwGV8zakh0srnebKg2XblbEHTsTgWHGiD_r7CyrbdrhnbXSjW1yv2pblCwTZuM9z7AxwlCBJm38RSySm77aLSK3JN6ESNpFV17CReyJbE2epaAJvF0PKTzukL6lCDAaATZcquqaylOxIvmhWnOLcwZ6UsuxgJKiVSn8uZtOQQ_H0QeWq0tvOvdfSBzeeewUx9_MeB5YKZeWZjyzhLVtK9Bn7md2Tw6JxifkRSO7z0lwfWSfB4-5rYsISwpXwHWFjpzwlSzBZykSYqZNIdCLAI97dguBDdTPmHn7tU21PCdHN-kRx8DXaL59u0xS2CxVmJ_eXIrRwbDchmEfhuT13ezZqNqE6oi4FLGYY7UKUqvGc_4ZLL01HzQ-ZSMVsIYKLnBmk4HqWHmjoCz-ruDUFdY_YOwayXYfpd-ZERwFl9bCwpqJrzRwNUZFatH02AWNHVHyuH4Hd4bP1w1xWXr2ljXwhwWSwz9k-m-j-kZ1q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC1jQSf_ZZKeMCb6K9fgP08CIwATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5MDIwODMyODUzMDI3NznIAQmpAqg9X-FuXrI-4AIAqAMByAMCqgS4Ak_Q76HwqOwNlV_c2DMy_kenzwvbKKaHUFhCVJIbe8WKr2A2LBk9cAJ6b5oZoDa7dhNluQtfV4Fo_1WWddrI9u9eIiLNWJwxLIaMfTg6Q-Pc3aPg9XcgQuUmFFx1uqUl0r2a7M90LYvcimHGK2YF6CfVju5y6ZuTt0-8IWyjN7lSCowYV8r6FgmztsLUvKapooiQabCATX3kLx2W2DL1x1ykyxDSmtCFRkBqkDmqEaMc3wq90vkNbGUriqSYhjc5lJFzpjbsdWga679dmyFYfpqKFGX7tW66jc_Jg5OrIHyBfqu-XNHmquxP46b966t_FGYDfaXxp-WBrRDWZDPtPOMuazCy0ZPKVMXCZdXCoPwWs_p3NBi-XIK__FS4i-eNRqYi0rhZc1aZD_aRubLbRiGAN_BUxuAyDOAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2LaYHdFqkREncsudx3pCKziwkLZQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 10:17:46 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5118
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:04:59 GMT
expires
Tue, 13 Aug 2024 10:04:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E9EB
831 B
555 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e451954323c536ecfa566e734c3574ec6bb6b697573ad73270a843e8cba4317c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mgqgmEUxVTkCHJVfOfkKrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-mgqgmEUxVTkCHJVfOfkKrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 10:17:46 GMT
expires
Mon, 14 Aug 2023 10:17:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
webPushIframe
thesunnigeria.os.tc/ Frame FD78
519 B
693 B
Document
General
Full URL
https://thesunnigeria.os.tc/webPushIframe
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:9017 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9406890e304597206481a853d1d33e927dcf1abffb13b6c6a2d55f3eace6d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sunnewsonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2784
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f6873338f1b900d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 10:17:46 GMT
expires
Mon, 14 Aug 2023 11:17:46 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin, Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
1db46302-490d-413f-a3b5-1feff40e0433
x-runtime
0.009008
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame E9EB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308070102&jk=3164377482340889&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame 5118
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
187345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame FD78
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: thesunnigeria.os.tc
URL: https://thesunnigeria.os.tc/webPushIframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesunnigeria.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3492
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f687333b9f14d1f-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Aug 2023 10:17:46 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ Frame FD78
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesunnigeria.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1990
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f687333ecaf361e-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Aug 2023 10:17:46 GMT
generate_204
tpc.googlesyndication.com/ Frame 5118
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_5PnaQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
army.gif
sunnewsonline.com/porpoiseant/
0
357 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQBlpIimETpj7JOXBhMSPG%2FYG9MH1KLVIYueGybhHIXagez9TRT2AQ%2FOv8vv9wnSvQzi7qwAlWMRK3xC9zoByhk4iUUrHcxBXB8%2ByhZ6TZztl8ZZy%2B8gxVzTt3I1%2FwU58p1g5ZfItgoPr%2Fv0vM93"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873345b7e9a05-FRA
expires
Sun, 13 Aug 2023 10:17:46 GMT
web
onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/ Frame FD78
6 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/d993e672-eb09-43d6-9ab8-db0535e4c33a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7dbc47e9da03bd9d667762848d702b4f5279ac3c4de391cc3c8e2fbcd01405
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thesunnigeria.os.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5cf85e81-56f8-43c9-8863-9ab51bb747bc
x-runtime
0.037009
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"eb7dbc47e9da03bd9d667762848d702b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7f6873345d30361e-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 14 Aug 2023 11:17:46 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
306 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYwNTE0MjcwMjQwMzIwOSIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCHYcvG1MwipbLki0uGe0lf0o6GLbKIw3RiBYSi1LeD61fCiPmz%2F3xrbYekjdGMwD9tLUUcpcYE%2Flhx%2BvKlpeTEnZwJyt9YQjwmkTawYjOy1RFhbqsOUvIX5FfUqnkQvpLdwp5gouAfPqfOZPXdA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f6873346b9f9a05-FRA
expires
Sun, 13 Aug 2023 10:17:47 GMT
ca-pub-6321061981120130
fundingchoicesmessages.google.com/i/
150 KB
50 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6321061981120130?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6321061981120130&plah=sunnewsonline.com&bust=31076963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5941a4da3ef8ce99baf131646c3214256dd253c86a13530161830c9b23186b0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QhSzzR2bk4lVGMz8nrVUmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QhSzzR2bk4lVGMz8nrVUmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F4FF
0
225 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llaq16j8&c=3558999887168&slotId=1779499943584&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:809::2003 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.125.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-125-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sunnewsonline.com
date
Mon, 14 Aug 2023 10:17:47 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/
24 B
404 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
08d5a3211aa11639d5a88c665f051c70dcc8d5113f654c9f48b94244064c5a0f

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Aug 2023 10:17:47 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://sunnewsonline.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid-request
onetag-sys.com/
15 B
364 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://sunnewsonline.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
activeview
pagead2.googlesyndication.com/pcs/ Frame 816D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEN4A3T95Kbv8ueAeZbcWDqzGIgYiji2GvnIxjkdFAPf6BbQ2tgJkD7ttEQwM1Dkvl6t-wjKTD9r0NJMgaR0yl1qqP9XqzQfjPsO6c4UrLol1TNLjru3xYSmmcpgDolb0UH9xQIN4qUdniM3cpCLlmYjPh-tpkuxV45H9rCkE&sai=AMfl-YRthYS-Q5eq-jmHJK-Uke18ATb6l7Qm9fymG6dZG3NwRxEeu1_HBeKOtMEObCnl5YloS-osg3FYhUDWY_K_efWzUUra5J8no0Vcbg5XjW9uM_dmwHfxA6QlhiY&sig=Cg0ArKJSzAP3kazB9mEPEAE&cid=CAQSOwBpAlJWxcDzJrNkxE9AVh-Ipmz0tOss0r5tAiHXH3A7Q--695rbsdr-8ZB4Se2_Sttl5M3HxFPlzkCeGAE&id=lidar2&mcvt=1005&p=1023,381,1113,1109&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1905174598&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692008265618&rpt=458&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 10:17:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWRnqxZZFZMwTcxjwtliNwv1itoPw9B20kFqjJpAP66gfB-0_stFlcckwbSypvJnSTWYpjiRGjJ2o6NwqYQyXLnQ89vTBiFyT4xM4CL_8oXUIP8_MKdekMsowfiy8cyg0Lh0Z8aBg==
fundingchoicesmessages.google.com/f/
270 KB
43 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRnqxZZFZMwTcxjwtliNwv1itoPw9B20kFqjJpAP66gfB-0_stFlcckwbSypvJnSTWYpjiRGjJ2o6NwqYQyXLnQ89vTBiFyT4xM4CL_8oXUIP8_MKdekMsowfiy8cyg0Lh0Z8aBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyMDA4MjY3LDEyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdW5uZXdzb25saW5lLmNvbS9zZWMteWV0LXRvLXJlY2VpdmUtZ3Nrcy1mb3JtYWwtc2NoZW1lLW9mLWFycmFuZ2VtZW50LyIsbnVsbCxbWzgsIkh4UkhnV055UzVRIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
688fc12a17fe599172d804d23b443f1c039ded595c854d40e9470f743e8ab5eb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--5ru277CDaFXkdliX7wS7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--5ru277CDaFXkdliX7wS7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
283 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAJJiDPnlo4vVGTKs2QdkEdLrdvdOnoqkeMcrZQJh3HCh%2B9%2FOQFwqYmL6c1MbkjXE%2BtEhneB0vudee1TAensqnRoE5IvaMTb3i8kHmN3sY7lSyaHsl0XbG6Zwfn2ZgFqINJ4KoBe9sYI1OsdFsT%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687335bd769a05-FRA
expires
Sun, 13 Aug 2023 10:17:46 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
257 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAzMzY4NDEzODM3ODkzMiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJzdW5uZXdzb25saW5lX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMzM2ODQxMzgzNzg5MzIiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0Ijoic3VubmV3c29ubGluZV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjAwNTQ0OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVQSIsInBhZ2V2aWV3X2lkIjoiNTBhZDE1OGYtOTM5Ny00MmQ2LTYzMjItYzE0NThjYWMzZmJmIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERed4R31GQN1EkgdfwinHeCe6V10glYJHpYWY9qr6TOOa91JbMSYfLuanKUiZkPZS5BAd6GSMtcO8xp3AoKE%2FICK0XstGJ4L0e8dlqUBRsBaF0ifE5xqblZwtpicjDj4UZYakiXnFcv7KC91NY%2BD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687335cd9c9a05-FRA
expires
Sun, 13 Aug 2023 10:17:47 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1137
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7f687335ef2f361e-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Sep 2023 10:17:47 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
265 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkwNDk1NjczNjM4MzgyMyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0zLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzh%2FIwOa4KmJmDKzRmnGKqLz7SvpFrvun5uhJsGaLTlu5Y5gGFe%2F2%2B3%2BIiNh%2BEusHwW2wezsp9YHQ2W8%2BgfJloTl5igqpKcn7wSI2l6N8QVm0URsg4EA6elF3J8unM7aWwixHQKvfz%2FrP6zH9CzN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f687335edc39a05-FRA
expires
Sun, 13 Aug 2023 10:17:47 GMT
css
fonts.googleapis.com/
69 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d61260c6c74dd9bed84e1dbc7e04e98c91fad783ece1cdce4e07de3970df6866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 10:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 10:17:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 10:17:47 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 21:27:00 GMT
x-content-type-options
nosniff
age
132647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 21:27:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
389371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 22:08:16 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
209564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 07:35:16 GMT
x-content-type-options
nosniff
age
268951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 07:35:16 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
209564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sunnewsonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
209564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
AGSKWxUuYJ1mdn2LvMCeQAXXHCgD8OmrQ_5N7b22MDUlum8Q6DJDCaj8-JcO6qJx67t_jgP1kX8Y8UtHof4SeDpZyslKopEBuiA5CsT5eyXqQgN0ed79cRmQBd-H6cSimgNcW4zpqR5P0Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUuYJ1mdn2LvMCeQAXXHCgD8OmrQ_5N7b22MDUlum8Q6DJDCaj8-JcO6qJx67t_jgP1kX8Y8UtHof4SeDpZyslKopEBuiA5CsT5eyXqQgN0ed79cRmQBd-H6cSimgNcW4zpqR5P0Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HxRHgWNyS5Q.es5.O/d=1/rs=AJlcJMyoPyKMB-uZtDiA7wlHpN6nx68SaQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FrgmdspJ-CtTnyhOm0sXlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sunnewsonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Aug 2023 10:17:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FrgmdspJ-CtTnyhOm0sXlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sunnewsonline.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308070102&jk=3164377482340889&bg=!AwClAFTNAAaiGN5Pghg7ADkAdvg8Wg875AKB2xx6-yHGTJiWQPEWXfTdpyk2NWDAw4zucmifrGORW2Q_Mb6KhvRnzjnCe8X7l44CAAAAf1IAAAAKaAEHCgALAXwez69HK-sMTXWZAryBOdHhKoZkChqR3ty_aXOh6y8CA0AU3F25VC7rFDJu73Ay74R68379ZLIQ1EKIIa69b5dTCwydgQPIkdgVI94VqCnSCZ4l5zhHR6Qnh0-MkbS9JaDw0iYMWQNYyvkNWudnhOZTtFKubmTiMm0TTVFajT7VdI41-rhZCsWK_YsD4UQOuT5ZF8xEBOaTFfLfvERW5IAfeAa6FjgmArI4UA6McPPtbkj0IGAbXN0PSY-TSSm6ggvlUt8llBBDrmP1QELybnb1svk5bm_5egtndNcXWeRtnhBmnAKy_NTcCSI3RZ8Q8lzdMbRd03WarZrmwPhxeaZNcOBasdjfo2qsc-MgnLJxWlKeq6pWinqkqdBZlwilgjU_nTmDWd1t0pO17aK2EvyuUVdUiEXr33rZfNMm2nbQgwPAguXEXFwqoI7hoN1dnOtmWPL49K-L9c9oeDlo5wcbBzgtfEUAyQpY30CuguvjLMrN623-mTYceweff-n7UDKmVCCyMOOkcvvskgI-NQqfz5hfkakzayPt9iWgyi1zj7J-8ocZ07Y2iY0JxwhAnjhPWdt75q5UuTZKFhQ53EaQiK7FGv6UDjFgR-SEdOXZv5wayHoW3rFICHZwbCM9OSIvn8CtuWhbDS_P14mFLTbumMW-5vmmP1Fq-3ovhR9QBEJj9PPuVdEU4AVd1YoGn92AOrX5LdgDt2o8Ovsm9NlnDHbulUs50makwvK6PRcS8PvgLRfUqZIRjElfa7NKzm7wwITqZC0WYuSNWrjzchmrYnxjkAcRr93PzciAmM7iJrh4lS3Dgxkv0t7qOs7Pfgv-wVb1X4RzpVQ--FUCt66z3KIPNrRtw8YQ_vl26gaCifsVHfXWD_Cu7A3YuX42jUK4mYhJhzR6lLv5VD7tGOYEEeiWIk_VpudF8D9Be-actga5mEPNYhmh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsunnewsonline.com%2Fsec-yet-to-receive-gsks-formal-scheme-of-arrangement%2F&pid=Xoxc0VdnogsH4&cb=6&ws=1600x1200&v=23.725.1446&t=15000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A350%2C%22id%22%3A%22Outstream2%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&schain=1.0%2C1!ezoic.co.uk%2C9291f3eb62d1de708b2fff420d260ef0%2C1%2C%2C%2Csunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:48 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
CNZ1VW9W2DYZK9C5A81V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sunnewsonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
DFeIMLaHewFT4OkeqU8MY9A_RHlYETQVqgR-E3dzikDt_E-zuOCIAA==
army.gif
sunnewsonline.com/porpoiseant/
0
308 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM4MTgzNjY3ODMzNjg0NCIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODk4ODgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyNTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcxMDc3NzcwNTg0MTUxMjEiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjM0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0Mzk5MTU3NTgzNDE2NDYiLCJkb21haW5faWQiOiI0OTQxNTgiLCJ1bml0IjoiZGl2LWdwdC1hZC1zdW5uZXdzb25saW5lX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4OTg4OCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjM0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjA1MTQyNzAyNDAzMjA5IiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6Ii00MTI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTA0OTU2NzM2MzgzODIzIiwiZG9tYWluX2lkIjoiNDk0MTU4IiwidW5pdCI6ImRpdi1ncHQtYWQtc3VubmV3c29ubGluZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg5MDYxMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI1NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHWjsvnEWHR5vDjyC1r6QDM%2BqAY%2Fx4KIjpJ5YLUEj3Rn3AIOFiNFfEpEH2cU5prRXeozqwHIVQdLB64F3bmI3ZaJr%2FkiLa3TdS6nuXN66ePcVLZKw5c7BFC4sAw7Lo3U90XGQPnetTwz0n%2FAYLHi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68733cee7b9a05-FRA
expires
Sun, 13 Aug 2023 10:17:48 GMT
army.gif
sunnewsonline.com/porpoiseant/
0
264 B
Ping
General
Full URL
https://sunnewsonline.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4MjkwMzU5MDM3MzE2NiIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjkyMDA1NDQ4LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVBIiwicGFnZXZpZXdfaWQiOiI1MGFkMTU4Zi05Mzk3LTQyZDYtNjMyMi1jMTQ1OGNhYzNmYmYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDUyNzEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyOSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjI2OTUyOTA3MDM3Njk5MyIsImRvbWFpbl9pZCI6IjQ5NDE1OCIsInVuaXQiOiJkaXYtZ3B0LWFkLXN1bm5ld3NvbmxpbmVfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2OTIwMDU0NDgsImFkX3Bvc2l0aW9uIjoxMDM1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVUEiLCJwYWdldmlld19pZCI6IjUwYWQxNThmLTkzOTctNDJkNi02MzIyLWMxNDU4Y2FjM2ZiZiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyOTEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: sunnewsonline.com
URL: https://sunnewsonline.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-3y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-157y30-175y34-4y36-21y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=177&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 10:17:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpWoFgYAd032iMLmRyHOEOv%2BXdvSOp8j6S4BGCTggkAjcx5q0WzOx36rRsGWEY2cBL1SBQ8OFjmbfqEreDABS%2F5rMiP%2F%2B3eYlzhNjdio6a6PcmPG%2FGqC0MOtpOiZocrYJM3seeZjJN%2B7aLDaAHDW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://sunnewsonline.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7f68733cee7d9a05-FRA
expires
Sun, 13 Aug 2023 10:17:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0

Verdicts & Comments Add Verdict or Comment

509 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| ezgwb object| __ez object| ezGatewayBackground object| ezGateway object| ezGatewayButton object| customText object| gatewayURL boolean| ezGwjsonpg object| __ezaps object| __ezapsVideo string| __ezapid string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars boolean| __ezasAggressive object| ezslots_raw object| __advertiserRule object| google_reactive_ads_global_state function| ezasvEvent object| ezasSlots function| ezaslEvent function| ezoAdBackFill object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire boolean| ezhbopt boolean| ezpbCache object| __banger_pmp_deals object| _ebcids number| ezobv object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po boolean| __ez_fad_floatshowd function| __ez_fad_rdy function| __ez_fad_position function| __ez_fad_display function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_init_slot function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat function| gtag object| dataLayer string| schain_domain string| dom object| observersList function| getAmazonSlotById function| ezapsFetchBids function| lazyLoadEzapsFetchBids function| setA9VideoBids function| setA9DisplayBids object| apstag object| amznVideoResponse undefined| hREED object| __ezOutstream string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did boolean| ezAardvarkDetected function| ezDetectAardvark object| ez_extra_cmd function| __ez_vig_close_wrapper boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| renderEzoicOutstreamVideoContent boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m function| getCookie function| loadSovrnSignal object| __ezPwtBidders object| __ezPwtFloors object| PWT object| owpbjs function| openwrapRequestAdUnits function| openwrapRefreshSlot function| openwrapBidsBackHandler function| getSlotForhb function| __ez_fad_ezpbinit object| ezAMX object| ezAYL object| ezSmile function| ezjsps object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain function| __ez_addAllListeners undefined| __ez_dims function| ezoChar function| ezoCharIsEmpty function| ezoCharSize string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| handleAmazonPremierAd function| ezasBuild function| ezorefgsl function| newEzVignette function| reportEzError object| ezux boolean| __ezScrexFired boolean| isScrexed object| _ezImgFmt object| metricNameMap object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ezVideoAnalytics object| ezVideoPlayer object| ezOutstreamPlayer object| ezRBA function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| ezoicSiteSpeed function| ezoicDocumentWrite function| __ezScrexify function| ezlogVital function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| __ez__ael undefined| __ez__ael__proto function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey function| loadCSS object| ezLazySizesConfig object| ezLazySizes object| webVitals object| vttjs function| WebVTT function| videojs function| videojsMaxQualitySelector function| videojsVttThumbnails function| videojsContribAds function| videojsPlaylist function| videojsPlaylistUi function| videojsVttLinks function| videojsShare object| videojsMarkers function| vttPreview object| ct object| regeneratorRuntime function| PrebidImpressionController function| PrebidImpression object| _qevents function| uglipop number| indexKey object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded object| __ezsbwcmd boolean| versionPixelFired function| __ez_init_gateway function| setInitCookie function| checkGwd function| __ez_show_gateway function| firepx function| scrollEventThrottle function| getPageLength object| ezoptbid function| epbjsRequestAdUnits function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash object| _aps boolean| apstagLOADED object| apscustom object| __cfBeacon number| ezodomstart number| ezoIint boolean| __ez__w_dom object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent string| ezIntType object| owpbjsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT function| quantserve function| __qc object| ezt object| _qoptions function| onYouTubeIframeAPIReady object| gaGlobal boolean| google_measure_js_timing object| ezslot_interstitial number| i3 boolean| success object| closure_lm_171927 object| ezslot_3 object| ezslot_0 object| ezslot_1 object| pbsLatency object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 function| setImmediate function| clearImmediate number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| ezslot_2 object| ezslot_5 object| ezslot_8 object| ezslot_7 object| closure_lm_707935 number| ezouspvv object| buttonElem object| e object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| msgData object| parts object| perf_vals boolean| __ez__w_load object| __connect object| slots string| slot boolean| hideGatewayButton object| epbjsChunk object| ADAGIO function| triggerPbjsAdWin object| activeAuctions object| _defer_wait function| documentInitOneSignal function| OneSignal function| $ function| jQuery function| disqus_config object| sas object| apntag object| _ADAGIO number| uidEvent object| bootstrap function| appendDisqus function| isMobile function| loadScriptById function| loadheaderscripts number| maxScrollHeight boolean| isHbFinished function| processGoogleToken object| googleToken object| googleIMState number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| GoogleGcLKhOms object| google_logging_queue number| tmod object| google_ad_modifications object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ODY4MDYxZGNlNGM3Y2I3MGxvYWRlcl9qcw== string| ODY4MDYxZGNlNGM3Y2I3MGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests

31 Cookies

Domain/Path Name / Value
sunnewsonline.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
sunnewsonline.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
sunnewsonline.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sunnewsonline.com/ Name: _ga_6DLE1C2CT8
Value: GS1.1.1692008261.1.0.1692008261.0.0.0
.sunnewsonline.com/ Name: _ga
Value: GA1.1.302229331.1692008262
.quantserve.com/ Name: mc
Value: 64d9ff45-b72a9-c61f9-ad369
.sunnewsonline.com/ Name: __qca
Value: P0-1444484022-1692008261674
.criteo.com/ Name: uid
Value: 95561a1b-4275-4fff-a14f-7c84354401c7
.openx.net/ Name: i
Value: 77c92e2a-5a83-4c74-b802-30b2a284733f|1692008262
sunnewsonline.com/ Name: ezouspvh
Value: 16
.sunnewsonline.com/ Name: cto_bundle
Value: xPRCoV9JSDhOVVIwa3VjJTJGc0t3T2RVaEJMWXVOYmxCSFRMZiUyRnNrRHY1dCUyRnRuYUs5d0VBTW83bDBVTWF1U2VwMm4xOTJPMFlWclIwRXZGUVpyTE9taGZGNzE1Vm9RUGg0OHZ6WWF2T2VNbVFHQlAzMUhLdlk5eUZCdUx5cUdCck1uJTJCVEFqa0tvVU03Z1NLTGxMTjlnJTJCJTJGTDNlY1lteVVLU2NTbHY0JTJGZkMlMkJ4ODZCcjVVJTNE
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmfEZNqGwGkzX7fs7OJ4mm9piyZrBj-XGRp1ozMl5Rcu7IrpyKEmsNofiHrXjw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sunnewsonline.com/ Name: __gads
Value: ID=415f40155e016708:T=1692008262:RT=1692008262:S=ALNI_MbK_tXmIP5mdzi6hD9PIuZPrggklA
.sunnewsonline.com/ Name: __gpi
Value: UID=00000c86ad6b76c4:T=1692008262:RT=1692008262:S=ALNI_MYHHVSeMyHxI9TP9K0gfi7gd7BzDA
.googleadservices.com/ Name: ar_debug
Value: 1
.media.net/ Name: visitor-id
Value: 3350098659108935000V10
.media.net/ Name: data-g
Value: CAESEGfwQ0l4_BYkXerL6nvLLO4~~3
sunnewsonline.com/ Name: ezouspvv
Value: 40
sunnewsonline.com/ Name: ezouspva
Value: 7
.zemanta.com/ Name: zuid
Value: Ik758XqK5pcbnnl0O5DY
.acuityplatform.com/ Name: auid
Value: 813683914497
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRHxxU0e8mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUR8cVNHvI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTnZaZW5YQ044YjdlYnZsdmVBTDhiUfv7hnZlcnNpb27C+w=="
.casalemedia.com/ Name: CMID
Value: ZNn-Sf.PNkGG5BcLklItzQAA
.casalemedia.com/ Name: CMPS
Value: 2235
.casalemedia.com/ Name: CMPRO
Value: 2235
.script.ac/ Name: __cf_bm
Value: lotRGc8.OPPzgG7Z4KonHjWgevJwrqZbmbmuo_aCci8-1692008266-0-AaZiio9yjMWEGzC8+GjyIUeP93a6GuNrYwZz2k30n3h1ix/aMysPe3uw8B8x6tejV1i97blo403K3lY9nxt8ntA=
sunnewsonline.com/ Name: ezux_lpl_494158
Value: 1692008266583|50ad158f-9397-42d6-6322-c1458cac3fbf|false
.onesignal.com/ Name: __cf_bm
Value: HyJmzOD2vAKtGT1iJb36bWL_thB7sdwauC127aj9wWA-1692008266-0-AfOa1dwgZcHd7aDehElNUG/0HbQJ11u+XAxmpGy/iHkE2S9A/3IFtPRgynClzN7tukc4WxJ5Xj1QwXRzTiE0zZI=
.prebid.a-mo.net/ Name: __amc
Value: 1_1692008266_1692008266

8 Console Messages

Source Level URL
Text
network error URL: https://sunnewsonline.com/images/footer-bg.png?ezimgfmt=ng%3Awebp%2Fngcb1
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://sunnewsonline.com/sec-yet-to-receive-gsks-formal-scheme-of-arrangement/
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4' from origin 'https://sunnewsonline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsunnewsonline.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ow.pubmatic.com/cookie_sync/?sec=1
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8742889927508434617/728x90/index.html".
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Security-Policy default-src 'self'; script-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5c120f88f55cfc37f196dd9f2b45280e.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bshr.ezodn.com
btlr.sharethrough.com
c.amazon-adsystem.com
cadmus.script.ac
cat.fr3.eu.criteo.com
cc.adingo.jp
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.media.net
csi.gstatic.com
csm.eu.criteo.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezodn.com
g.ezoic.net
get.s-onetag.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
lexicon.33across.com
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-geo.s-onetag.com
onetag-sys.com
ow.pubmatic.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.a-mo.net
prebid.smilewanted.com
pubads.g.doubleclick.net
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rules.quantcount.com
s0.2mdn.net
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
sunnewsonline.com
t.pubmatic.com
tags.crwdcntrl.net
thesunnigeria.os.tc
tpc.googlesyndication.com
ums.acuityplatform.com
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
c.amazon-adsystem.com
lexicon.33across.com
104.22.69.131
108.128.108.17
143.204.215.41
147.75.84.158
154.59.122.79
162.19.138.116
172.217.23.98
178.250.1.11
178.250.7.9
18.177.27.67
18.193.132.164
18.66.112.41
184.30.24.22
185.255.84.151
185.64.189.226
185.64.190.84
185.80.39.216
185.89.210.101
2001:4860:4802:34::36
216.52.2.16
216.58.206.34
23.35.236.201
2404:6800:4001:809::2003
2600:9000:223c:9400:6:44e3:f8c0:93a1
2600:9000:2250:1200:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:20::681a:8a9
2606:4700:20::ac43:4826
2606:4700::6810:3965
2606:4700::6810:5614
2606:4700::6810:9017
2606:4700::6811:180e
2606:4700::6812:1791
2606:4700::6812:d73b
2606:4700:e2::ac40:880f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a02:2638:3::1a
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:2638:d::d
2a02:fa8:8806:13::1400
2a05:d014:776:a63e:931e:6ac2:944b:f27e
3.122.125.22
3.124.27.97
3.75.62.37
34.102.146.192
34.120.135.53
35.244.159.8
51.89.9.252
52.222.208.154
52.222.214.123
52.222.253.136
65.9.66.97
70.42.32.191
03dc8844bc7e372b67d32f1475a1aa0fe6a3c875d441062059bc2190cfe9eca2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cf2bb6e5e539d54cdc7615429461cff1dd5f88c7de81f9916f3e267a3e7a10
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08d5a3211aa11639d5a88c665f051c70dcc8d5113f654c9f48b94244064c5a0f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15cd911a41f7905e696d4df7d0cfcf329ede76b33a650c39c45205861fb93875
17c1ade20dac38fabbfffc1588045a7aacdf8e00a9c6fb1e8b2b77c8b83b7786
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
190c3fdc18618a4473729faa65a7dfd810fef1d70ce2c3fe71cb1ed843cf08cb
1ad352a0e77efa7a61e986d8962eb4e52566a40da7625fb409c0106ffdb9fdd4
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1f6a8f7973c62a5ea235fb030d76a014f9334f1e465f7f17d39af8da993757e9
2414986b6b154e01e64fe182c526c10991d4fc4996b2b68a82837e3d51369074
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
286eb2dfdf1c0eb9501552e21ee1634e9513501bb80328ad67d9ce007e9f3211
28b03de5c4bf4cd77ea0dd9ac54c8afae5c82c587bfee473ea70ce4e490693b0
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e18f8ba641c416c6a0e85afbc654421975853ba9c705d4e886e2d06d6d461cf
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
30ccd95dc6d8b22d1fb3a57aa9774c2274cb41d7a07c4bf26ca647f6af8c76dc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
333e6370faaa522f8ed12b6f9a2a2e545e21a6163e086700e28720783001b147
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
365706ed65f6f70bbe6f27258bbce108ffc315e4569ce25c48bd78cf9cc9edff
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
380bd839d157729a3699c4e4288d490d73f80409d4ecf0f8037ff7911a804e51
39dfdbba517c9c1a316c71c09f05a3440923ceaf1fd9d8be5a639990258e4f6d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
43535b7d5458d1f0eeac8a113a7d2a5daf4c61db789cd3bc0df24cf473c80b70
4363fcab85a3110f1b80e60c1abab9fb9df39b6170ea38d9f042a66408356609
45d6025a13063830ce34d94c1866ddcceaa1551b9ea34a0ccecb80f01a165b73
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
47471f57023b9b1c6a0594c18276bd6734732ef55163adde406ed4771c52d7f7
480d259dd24e8e20033ac2c5030ad6496e9edfa56c8d8545ef9f377513919e1a
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
49abdf0345ad830e7230fe7d57b59adb74653c0ade2a219ce6a2bc64704d0c39
4c3681fdc5c452c514f0e72b2dddc66558eb03a943c97ec1df7ea28215b28fdf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5511af087f41165d36f925af79689b5a091d3a8f0a61b0fbef1088409c41c669
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588400cc0c4cd8f38dfbdec8c009ec29dcceb922d1611fcc4ac181d7a1925132
5a5b9c85cde1df497209909e666e29159ec43ee0197727ecb4a5a0cf6c1a7625
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d18e690bc26692aa1bd8f4a4ca82c2618864dbe04f52685c6ab5a379b3021eb
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60a0075b20f03e1eb4d5bf21b0000203d4c0146443e53fbc3066221cd23e1087
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
688fc12a17fe599172d804d23b443f1c039ded595c854d40e9470f743e8ab5eb
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6bf3cefb40d063a294cb2ab53d0484e1baa70713c0de168812eca71817a86090
6dc4e7c8df4ac36eba96ff23bb896db37ba80428f8b4ebabff24dee25bec409f
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70023ca0a233fa93370022f69d0537f8fcbd2fa2f4ce9d7c670e779b1421d933
716aae8840c3f69c5b8b19d6e95258776cb5e847e9e890378d31cd92ee2c9ce8
718599a25ec212265f9627cf0cfbb19a79b41d8387e9b1305c7c4ddff5dcd2be
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
7a292ae9407e29e3971e2bda864a9d5d57ebcd001526e66fc51f7f74150d79f8
7aaba30f4e01b26d401ec15b0434295e8d9704363067aeae067cecec1070d2e3
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cc95ac2a5f05d0dc555fece0ff68b373fdabafdef7c37b3dbe7ec24d795309f
7cea2e35a6f1f78612f22784ea30df602c2b355ee11c9dd29f6bf0bc7bbcf84e
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81d987b56fbf0398e43894d6e7e13a56c6b5bf6eb5f511377d2cec956469fadf
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84c8704dad51378ce4b078bd9c06cedeab80b893b5c87544d9cc083dc63afa02
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b15fd492c04d389e35990f791fd8a000c945bbe4afffb1a66760d7e3d67a97e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f61e070284ba9fa2dc7183d6a68c6e86ae4fac44ab7bc7c321ab83e12062ea0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731
92ab417f1156e4bac9e638a184ced6c49b98aab5546a6c119e60c753287a5e13
954551e76af51b5d98aa0c5b48aa56a71da936423f4d387f42e8d111aabd997e
996f6cb7c72eb4dcd0e008a3f3c7c21f637a168b0fe7d14a11900f088e0f8e55
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6409310bbfa39d9ba2badd9067f468c7ebb1d2fd7ad9b5b89e06d9bb0cc7ec
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
9dc07161decfae4c07e5e99d3633bc19dff5757aaa09610cca838aa657806d0b
9e413ba64dd1ffdef501fce63182552cec4740604ab9bb697303204a79a2902f
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
9fd1a7046a6b844c6f067d83ba2831c7bace97aae1b15b87cf5e22917b7b4395
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48e554188fedb527c79e1e45ce03da4e601fff86be63121de9a2ac8291911e1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9c6476f9472c48a289145a3b96258e87eff1282b0a76993319eb8ee37fb79
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5b424dd043d9e2e1f5898f7792e3f2010d5b88611db52b1f3d3c5f36ea6f53b
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71cf1ec33dc40728e5cb98f96e6133e17d60c624ec30bd3765c7ac8cf54c982
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a92be692159a60cd21ae2433e35968793165ac283b9f2e1ab11dcdb60cb9c7f1
a972229674fe664fba6d60a4c98ed0bcdab34e1ced9197192f6ffe9cb1798268
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab4bee0d5387e325afe6521597000f6d7cbfd01dccb3146ca4a8b0c5f84e5855
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
ac05737d0a376a3e361ef8bc8dc1a44acfcfdc146d989283014d07bc78d41887
ac92f2ab44e0a91a3d177c0c3f010dd98c6763aed54206817979ee9e5888e6e8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b0d9f3812f7d2be3cf7ce8bfbeb9f8ea0e227c94ed0c810e8d81b5f6e64aedb2
b2748d91f3700b6f9d819aa57c7ead837be64febe1bc137c2712ca678e1436a4
b47d616e4d9c31cf0fb424c1663c1ee9a63b9d7ea02a37b4e2b5b807ea7ec33b
b5d3ef3c5bea1f4c7e87efb24c0655557c088efd1603e837aaf02b780a9366bd
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b75fc8d86f4fadfb2776f1be5c63e86245c931a240da3deb85be3ca986240adc
b762fda73b9cb3a384563cc8ff52e2a4772a287115f1370c2ae705bbc36f796d
b785d3dba9e3f3958deaee29992c96dfd7d9ff6c5f737d3a30de235eec2a8939
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be519b2e13062fcf1b7c92a15a567ad785170aa56e2ac4179a04838f88afd755
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c234175c5f5b9de19b11bc87cadb32a7f9bac475313ad503d77c479cf9adf29c
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c47bbdc39af7f5ac31d9f494ef999067da7cb95cf85e69a9446792ebdc67582e
c5941a4da3ef8ce99baf131646c3214256dd253c86a13530161830c9b23186b0
c78e52d7a37321d07e88999606700ba950c832ec400bab7b1237b1072ebc46d4
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d15ebe4f5e37b6fd6776826b284ef40c338f0fe14c2eee158b1a18aeb0f1cabe
d3c5b84d90cee4b14b226a7e9c4dd96156905b9458db28da5446eccd1702a5ae
d61260c6c74dd9bed84e1dbc7e04e98c91fad783ece1cdce4e07de3970df6866
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d85713a70972104caf26f5743a07ce1f9dea914bad34651f8ef1c4c78d37eb5b
d8a4c09c4cab076cb115cccbcd249135aa49db05f1866c21117124bc85cec1ba
d9406890e304597206481a853d1d33e927dcf1abffb13b6c6a2d55f3eace6d21
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc354a17172ca1ddf6ac00ee5d8a85409131ec971a0e4b6c8733087027f1d4de
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df9f434e59e9780ddb17b762f31662be256993c082c2b2a4d91fdd2e870ca321
e009ede96c0b8ed18aab7dc087a358d47e82fdfc126c3fed4006db8777156615
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18f6a7c2d05889a7f2b3ce54cda384cf39404abb214dab450253037e57af2b5
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f9ff8a816e2ecb64a1c72ed5e15b3e7058bfca82dd7ecb0e220e3664d0477
e451954323c536ecfa566e734c3574ec6bb6b697573ad73270a843e8cba4317c
e7172c39f798e59c733b14287bd4e92acc67ae06791a87a7b3c5eb43dd40d978
ea7459817efa8ba207433194fab99117f6400168658d8f37cb8143312f2cfd3c
eb7dbc47e9da03bd9d667762848d702b4f5279ac3c4de391cc3c8e2fbcd01405
ee07267c1822a8cc487be07e4a98e9fc72df31487aacd84b75abdde61e982a73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f525cf91c9aef80308c7e783f71964d7cef1b6bd5dd503c9123e653beac1dd2b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c92389936769c27c75378cc38a80b1d4063542d532ad84ebed7995f73220c3
f6586268f23462317fde292bc9eea870a562b7a52c314a25fb420921b2dbaecf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f089ff18270a2a9149fecfab2a8f182b1c6040ac452353af115688a0571553
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f933061de4a138a2deb1b78375f6beacd5e911f25301a8ef27cd4a0e04fa1688
fe481c978a3e75baea51aaeb543cf9413b46da6ad04c2b724f6ca6874ff3ec38
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745