newsoku.blog Open in urlscan Pro
2606:4700:3036::6815:1f43 Public Scan

URL:
https://newsoku.blog/
Submission: On August 03 via manual (August 3rd 2021, 3:11:44 pm UTC) from JP

Summary HTTP 303 Redirects Links 116 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 26 domains to perform 303 HTTP transactions. The main IP is 2606:4700:3036::6815:1f43, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsoku.blog.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time newsoku.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3036::6815:1f43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	104.111.228.89 104.111.228.89	16625 (AKAMAI-AS) (AKAMAI-AS)
7	147.92.191.167 147.92.191.167	38631 (LINE LINE...) (LINE LINE Corporation)
14 14	210.152.186.219 210.152.186.219	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
15	2a04:4e42:3::737 2a04:4e42:3::737	54113 (FASTLY) (FASTLY)
2	34.212.109.130 34.212.109.130	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	133.242.86.196 133.242.86.196	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.96.123 13.224.96.123	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	103.142.125.193 103.142.125.193	131957 (MICROAD M...) (MICROAD MicroAd)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3033::6815:3978	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 65	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	178.79.227.24 178.79.227.24	22822 (LLNW) (LLNW)
5	103.142.125.195 103.142.125.195	131957 (MICROAD M...) (MICROAD MicroAd)
10	2a00:1450:400... 2a00:1450:4009:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	54.64.230.133 54.64.230.133	16509 (AMAZON-02) (AMAZON-02)
1	210.140.201.11 210.140.201.11	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	18.180.188.164 18.180.188.164	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400f:11::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:11::6	15169 (GOOGLE) (GOOGLE)
303	43

18 2606:4700:3036::6815:1f43 (United States)

ASN13335 (CLOUDFLARENET, US)

newsoku.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.89 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-89.deploy.static.akamaitechnologies.com

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jgl.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 147.92.191.167 (Japan)

ASN38631 (LINE LINE Corporation, JP)

blogroll.livedoor.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 210.152.186.219 (Kitakyushu, Japan) 14 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

ad.jp.ap.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:3::737 (United States)

ASN54113 (FASTLY, US)

i.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mlb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.212.109.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-109-130.us-west-2.compute.amazonaws.com

counter1.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.242.86.196 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

rranking9.ziyu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-123.zrh50.r.cloudfront.net

cache.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.142.125.193 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3033::6815:3978 (United States)

ASN13335 (CLOUDFLARENET, US)

feedrapp.lliy.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.79.227.24 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-24.vie.llnw.net

counter1-cdn-ssl.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.142.125.195 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

ssp.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4009:820::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.230.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-230-133.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.201.11 (Adachi, Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.180.188.164 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-188-164.ap-northeast-1.compute.amazonaws.com

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:11::7 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r1---sn-5goeen7r.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:11::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznez.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com	747 KB
40	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com csi.gstatic.com	441 KB
35	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	957 KB
19	google.com adservice.google.com www.google.com mts0.google.com	85 KB
18	newsoku.blog newsoku.blog	326 KB
15	valuecommerce.com 14 redirects ad.jp.ap.valuecommerce.com mlb.valuecommerce.com	25 KB
14	imgvc.com i.imgvc.com	3 KB
12	lliy.biz feedrapp.lliy.biz	37 KB
11	googletagservices.com www.googletagservices.com	371 KB
11	microadinc.com cache.send.microadinc.com s-rtb.send.microadinc.com ssp.send.microadinc.com	11 KB
8	googleapis.com fonts.googleapis.com	5 KB
7	ampproject.org cdn.ampproject.org	125 KB
7	fc2.com counter1.fc2.com counter1-cdn-ssl.fc2.com	7 KB
7	livedoor.net blogroll.livedoor.net	30 KB
4	google.se adservice.google.se	1 KB
4	adingo.jp cdn-fluct.sh.adingo.jp sh.adingo.jp i.adingo.jp	26 KB
4	google.de adservice.google.de www.google.de	559 B
3	cloudflareinsights.com static.cloudflareinsights.com cloudflareinsights.com	5 KB
2	googlevideo.com 1 redirects r1---sn-5goeen7r.googlevideo.com r1---sn-4g5lznez.googlevideo.com	269 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	microad.net 1 redirects j.microad.net jgl.microad.net	20 KB
1	zucks.net sh.zucks.net	1 KB
1	criteo.com gum.criteo.com	358 B
1	googleadservices.com partner.googleadservices.com	440 B
1	ziyu.net rranking9.ziyu.net	494 B
1	googletagmanager.com www.googletagmanager.com	40 KB
303	26

	Domain	Requested by
58	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com tpc.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com pagead2.googlesyndication.com
23	pagead2.googlesyndication.com	newsoku.blog pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
23	securepubads.g.doubleclick.net	newsoku.blog securepubads.g.doubleclick.net googleads.g.doubleclick.net j.microad.net f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
18	newsoku.blog	newsoku.blog
15	fonts.gstatic.com	fonts.googleapis.com
14	i.imgvc.com	newsoku.blog
14	ad.jp.ap.valuecommerce.com	14 redirects
12	feedrapp.lliy.biz	newsoku.blog
11	www.gstatic.com	googleads.g.doubleclick.net 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
11	www.googletagservices.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	csi.gstatic.com	securepubads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com www.gstatic.com
8	www.google.com	newsoku.blog f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com tpc.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
8	fonts.googleapis.com	googleads.g.doubleclick.net 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
7	blogroll.livedoor.net	newsoku.blog blogroll.livedoor.net
5	ssp.send.microadinc.com	newsoku.blog
5	counter1-cdn-ssl.fc2.com	newsoku.blog
5	s-rtb.send.microadinc.com	j.microad.net
4	mts0.google.com	64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
4	adservice.google.se	securepubads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn-fluct.sh.adingo.jp	j.microad.net sh.adingo.jp
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter1.fc2.com	newsoku.blog counter1.fc2.com
1	r1---sn-4g5lznez.googlevideo.com
1	r1---sn-5goeen7r.googlevideo.com	1 redirects
1	sh.zucks.net	cdn-fluct.sh.adingo.jp
1	i.adingo.jp	newsoku.blog
1	sh.adingo.jp	cdn-fluct.sh.adingo.jp
1	www.google.de	newsoku.blog
1	stats.g.doubleclick.net	www.google-analytics.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	gum.criteo.com	cache.send.microadinc.com
1	cache.send.microadinc.com	j.microad.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mlb.valuecommerce.com	newsoku.blog
1	rranking9.ziyu.net	newsoku.blog
1	www.googletagmanager.com	newsoku.blog
1	static.cloudflareinsights.com	newsoku.blog
1	jgl.microad.net	newsoku.blog
1	j.microad.net	1 redirects
303	49

This site contains links to these domains. Also see Links.

Domain
newpuru.doorblog.jp
headline.mtfj.net
2channeler.com
tokkaban.com
newser.cc
mtmx.jp
news-choice.net
webnew.net
news-three-stars.net
blogroll.livedoor.net
ii-antenna.net
giko-antenna.com
besttrendnews.net
matometatta-news.net
konowaro.net
antennabank.com
matomechecker.net
afo-news.com
news.owata-net.com
blogroll.livedoor.com
warotanien.net
0matome.com
2chnavi.net
new2.jp
brave.com
twitter.com
ck.jp.ap.valuecommerce.com
blogmura.com
blog.with2.net
counter.fc2.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.microad.net GeoTrust RSA CA 2018	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.livedoor.net GlobalSign RSA OV SSL CA 2018	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.imgvc.com DigiCert SHA2 Secure Server CA	`2020-08-31` - `2021-10-01`	a year	crt.sh
*.fc2.com Amazon	`2021-04-10` - `2022-05-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.ziyu.net R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.valuecommerce.com DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-10-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
cache.send.microadinc.com Amazon	`2021-02-23` - `2022-03-24`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.send.microadinc.com GlobalSign RSA OV SSL CA 2018	`2020-10-06` - `2021-11-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
cdn-fluct.sh.adingo.jp DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-10-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
sh.zucks.net Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-27` - `2021-10-05`	2 months	crt.sh

This page contains 37 frames:

Primary Page: https://newsoku.blog/
Frame ID: 88EF043DC4A03349B8E55732751ABBF9
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html
Frame ID: 6C4E0B724CEBC27539C967EC3553F702
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&adk=1812271804&adf=3025194257&lmt=1628003479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsoku.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480158&bpp=4&bdt=464&idt=226&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5563500818245&rume=1&frm=20&pv=2&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: D93572803FD219200D502830D3EFBE44
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 6B94382318AABEE9D95A70FE93BC963A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28
Frame ID: 85986A7D5673D56A344B78A3175F7D4A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480903&bpp=39&bdt=1210&idt=39&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vLdlVPxwiB&p=https%3A//newsoku.blog&dtd=45
Frame ID: A07BD57E2B4E01CB959DF00FCA04B819
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481022&bpp=8&bdt=1328&idt=8&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=STxYb9HlJt&p=https%3A//newsoku.blog&dtd=17
Frame ID: E1EADFD37D199A5558352E51062E7A81
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481192&bpp=1&bdt=1499&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQjL0ydXhR&p=https%3A//newsoku.blog&dtd=18
Frame ID: 7E55901687BC2AA95FBB98D3F3716228
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481246&bpp=2&bdt=1552&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=iSPKoriWiG&p=https%3A//newsoku.blog&dtd=13
Frame ID: D1ACC913A29C50282CEE4CF4C179C699
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 4474153CB593D0303BE037161AC780D0
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: EF63266C02DDEA882B80E55903B022A5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: 3D08A763A241F9460748B92AB2C41CC0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: 03F076E9C30012564E14D067BDFDAC0A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5F78C4CA10DAA0A59D4C41DCE73D3278
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CC6D9613DA7A8DED7963F199690BC5E6
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1875C1FED5BAEC8F31719E556B9D415A
Requests: 9 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000090646
Frame ID: 7B225036E8309A926448F3666EF46A89
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: ADCECD597C020154F935C65F1A685D61
Requests: 9 HTTP requests in this frame

Frame: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6804CCDEA38935225C183B0A406C2D95
Requests: 1 HTTP requests in this frame

Frame: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 67914A4F7BB2D27DAE4ED1EF4F6BB9C5
Requests: 1 HTTP requests in this frame

Frame: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 32B374FDE0B5F0626A3FF0043708CD20
Requests: 1 HTTP requests in this frame

Frame: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 52D3D15FB9EA5AEC5FA81FF05100B8CC
Requests: 14 HTTP requests in this frame

Frame: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CB1AD7EECFD4821C161D387AB0414989
Requests: 1 HTTP requests in this frame

Frame: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 07BBD4062B5D69B2DF8016C63E3806C4
Requests: 23 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/nativead/brain.js
Frame ID: F63B84D9341B240A41C9569EA7979089
Requests: 2 HTTP requests in this frame

Frame: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 89DED8D7FEFE6D2BC45AB9321C40DED3
Requests: 15 HTTP requests in this frame

Frame: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EF2281D9F6A93E55D03AC562EBE95496
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 22DD57E1D8272394A5FE431867923CAE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C90C87E906411E2A52A0F59E0F264A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CB8E8BDDAB023B2D52125BC87A0EA486
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E620ABC7FAC5B491BE63F74CF5DE2B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7704BE621A332EC95AA360A8DAEE5AA4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D42D2A8641F127F2D4FAA48294DE066
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FB255E357BC0D64D9230D0A8B46CC397
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B8FBC5E1B42CD6E1AE2AEB2ABE1AA00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F839283A552F36DD5D9A8CDAFD7D1EA0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 872D4CB24E762733CED625228C2F1A7E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

303
Requests

100 %
HTTPS

68 %
IPv6

26
Domains

49
Subdomains

43
IPs

7
Countries

3544 kB
Transfer

8172 kB
Size

2
Cookies

116 Outgoing links

These are links going to different origins than the main page.

URL: http://newpuru.doorblog.jp/
Title: ★にゅーぷる

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/
Title: ★とろたまヘッドライン

Search URL Search Domain Scan URL

URL: https://2channeler.com/
Title: ねらーアンテナ

Search URL Search Domain Scan URL

URL: http://tokkaban.com/
Title: 激安特価板

Search URL Search Domain Scan URL

URL: https://newser.cc/
Title: NEWS人

Search URL Search Domain Scan URL

URL: https://mtmx.jp/
Title: まとめくすアンテナ

Search URL Search Domain Scan URL

URL: http://news-choice.net/
Title: NEWS CHOICE

Search URL Search Domain Scan URL

URL: http://webnew.net/
Title: WEBNEW

Search URL Search Domain Scan URL

URL: http://news-three-stars.net/
Title: ニュース星3つ！

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59355&channel_id=238586
Title: 【驚愕】700円とは思えない「禁断の天丼」がこちら

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1379&cate=20&date=1627960025
Title: ロシアのミグ設計局が第5世代の艦載戦闘機開発を開始、STOVL型の開発も検討！

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1379&cate=20&date=1627981313
Title: 後頭部に「バンド」を貼った金正恩委員長！

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1377&cate=20&date=1627959392
Title: 【国際】韓国人の家、日本人の家より27％も狭かった

Search URL Search Domain Scan URL

URL: https://ii-antenna.net/?category=news&id=5008819
Title: ワイ、qbハウスを使ってるだけでチー牛扱いされる

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1645&cate=20&date=1627963252
Title: 【緊急】中国に世界各国に天文学的賠償請求か　米下院外交委員会で報告書公表「新型コロナは武漢ウイルス研究所から流出」ほぼ確定路線に

Search URL Search Domain Scan URL

URL: http://giko-antenna.com/archives/1334226.html
Title: 【悲報】運営「馬術の障害物を日本っぽくダルマにしたろｗ大ウケやろなぁ」 →馬が怖がり失敗続出 →撤去されてしまう

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803232010
Title: 【悲報】首都圏4知事「夏休みやお盆での旅行・帰省は中止にして！！」

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803235003
Title: 【悲報】人を傷つけないお笑い「ない」

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583073&code=210803144&category_id=2
Title: 韓国代表の「福島食材忌避」に日本政府が韓国政府に申し入れ……「風評被害を許さない」という強い立場を堅持

Search URL Search Domain Scan URL

URL: http://news-choice.net/news/202108032357.11989014.html
Title: 【悲報】バッハ会長、日本の取材を1分で打ち切り!!! 中国に対してはメディアセンターに出向いて長時間取材

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926376375436705792
Title: 【悲報】有名ゲームデザイナー神谷氏、加藤純一を痛烈批判

Search URL Search Domain Scan URL

URL: http://besttrendnews.net/news/202108032354.11989787.html
Title: 【悲報】女さん、とんでもない場所で縦列駐車を試みるｗｗｗ

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324870.html?id=28647756&c=2ch&noadult=1
Title: 天下一品でラーメン食ってきたけどやべーなあれｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324870.html?id=28663934&c=news&noadult=1
Title: 放射能フリー弁当を日本政府から正式抗議された韓国が見苦しい歴史改竄で日本側を逆糾弾し始める

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324745.html?id=28663739&c=news&noadult=1
Title: 【教えて国民】蓮舫「総理と官邸を擁護する人を番組に呼ぶことそのもがどうなんでしょう」5ch「何言ってんだコイツ」

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324585.html?id=28663460&c=news&noadult=1
Title: 政府「頼むから、お盆の帰省は止めて下さい」

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324327.html?id=28662718&c=news&noadult=1
Title: トヨタ、ランドクルーザー生誕70周年で「40系」の重要機能部品復刻を公表！

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324186.html?id=28662715&c=news&noadult=1
Title: 【拡散】中国地下鉄沈没の生存者が証言「政府発表は嘘だ」（動画あり）

Search URL Search Domain Scan URL

URL: http://matometatta-news.net/news/202108032348.13879744.html
Title: 【速報】ビットコイン、今月も暴落

Search URL Search Domain Scan URL

URL: http://news-choice.net/news/202108032347.11989441.html
Title: 未だにクーラー付けずに扇風機で頑張ってる奴ｗｗｗ

Search URL Search Domain Scan URL

URL: http://konowaro.net/news/202108032347.9437352.html
Title: 自民党の事務局長を逮捕未成年少女を乗用車に連れ込み乱暴

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3582911&code=210803144&category_id=2
Title: A-10サンダーボルトⅡ攻撃機が、米国の高速道路で初めて離着陸をトレーニング！

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583150&code=210803144&category_id=2
Title: 【謎】満員電車「密集します！手すり触ります！汗臭いです！」 ← これでコロナにかからない理由

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583195&code=210803144&category_id=2
Title: 厚労相「酸素吸入が必要なやばい中等症でも、在宅で酸素吸入してね」

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583196&code=210803144&category_id=2
Title: 【東京五輪】サッカー日本代表がスペインに敗北 → 戦犯がこちらｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://news-three-stars.net/news/202108032345.13878957.html
Title: アストロゼネカ製コロナワクチン、緊急事態宣言地域に優先配布へ

Search URL Search Domain Scan URL

URL: http://antennabank.com/news/202108032344.13880007.html
Title: 【動画】岩手で空飛ぶタイヤ。走行中のジムニーからタイヤが外れて飛んでいってしまう車載。

Search URL Search Domain Scan URL

URL: https://matomechecker.net/pickup/814844
Title: 【五輪】ギリシャの幅跳び王者は日本のアニメ好き「DB、NARUTO、ワンピースが好き」

Search URL Search Domain Scan URL

URL: http://newser.cc/news/20210803?order=link&ni=3245076
Title: 日本が終わってんのって政治家が悪いんじゃなくて他

Search URL Search Domain Scan URL

URL: http://afo-news.com/news/202108032331.9436998.html
Title: アストロゼネカ製コロナワクチン、緊急事態宣言地域に優先配布へ

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803115004/?d=pc&c=index
Title: F1ハンガリーGP：アルファタウリの角田「後半戦はコンスタントにポイントを獲得できるようにしたい」

Search URL Search Domain Scan URL

URL: http://webnew.net/news/202108032327.13878984.html
Title: イラン大統領の就任式で韓国高官が原油代金70億ドルの返済猶予を懇願する国辱的事態が進行中

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803131353/?d=pc&c=index
Title: 【速報】中国、終わる

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803224010
Title: 台湾と外交関係持つパラグアイ、中国ワクチン供給契約を突然破棄される…中国当局当局の圧力か！

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803222510
Title: 【悲報】ワイ、過敏性腸症候群になり咽び泣く

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803192810/?d=pc&c=index
Title: 【悲報】アストラゼネカ製ワクチンに驚きの情報・・・マジかよこれ・・・

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803213010
Title: 自民党の事務局長を逮捕　未成年少女を乗用車に連れ込み乱暴

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803201215/?d=pc&c=index
Title: 【悲報】パラリンピック、中止へ・・・・・・・・・・

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1818&cate=10&date=1627998492
Title: 【悲報】従業員59人がコロナ感染するデパートが出現するｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1818&cate=10&date=1627992796
Title: 逆転裁判さん、ヒロインが可愛すぎる件ｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.com/
Title: Powered by livedoor 相互RSS

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59344&channel_id=238587
Title: メールで届いたファイル名が「奇跡のような文字化け」だった

Search URL Search Domain Scan URL

URL: https://warotanien.net/archives/27815
Title: 【朗報】ワイ、アルバイトで6500円ゲット！！ｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://warotanien.net/archives/27808
Title: 【悲報】従業員59人がコロナ感染するデパートが出現するｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://ii-antenna.net/?category=sports&tag=soccer&id=5008747
Title: 【動画】吉田麻也のPK取り消しになったタックル、ヤバすぎｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://giko-antenna.com/archives/1334235.html
Title: 【衝撃】昨日メンヘラ彼女と別れた結果→こうなっていますｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1180&cate=0&date=1627911983
Title: 今週の「逃げ上手の若君」感想、信濃国司・清原信濃守が登場！一筋縄では行かなさそうな麻呂が出てきたな･･･【26話】

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210804000001
Title: 韓国政府が竹島モニタリングを強化にネットには不満の声多数「海兵隊を駐屯させるべき」！

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324585.html?id=28663382&c=2ch
Title: ワイリゾートバイト民の寮ｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803235502
Title: 【画像】イチローさん、引退して暇だからとブルペンキャッチャーもやり始めるwwwwwwwww

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1344&cate=0&date=1627999200
Title: 海外「日本はよくやってくれた！」アスリートが紹介する選手村の設備に外国人が感動

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1681&cate=0&date=1627931212
Title: 【画像】これ以上ないってくらい最恐の心霊写真、見つかってしまう・・・

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1180&cate=0&date=1627938103
Title: 鬼滅の刃スピンオフ「キメツ学園！」新連載決定！最強ジャンプ９月号でスタート！

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583196&code=210803144
Title: 【東京五輪】サッカー日本代表がスペインに敗北 → 戦犯がこちらｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://news-choice.net/202108032357.11989143.html
Title: 【速報】卓球女子団体、日本つえええ…!!!

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1678&cate=0&date=1627948834
Title: シンフォギア登場前にシンフォギアスペックの台ってあったの？

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324745.html?id=28663547&c=news
Title: アストロゼネカ製コロナワクチン、緊急事態宣言地域に優先配布へ

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324463.html?id=28663049&c=news
Title: 後頭部に「バンド」を貼った金正恩委員長！

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324327.html?id=28662387&c=news
Title: 文在寅がK防疫の勝利を再宣言した直後にデルタプラスの国内初感染が確認されるコントじみた事態が発生

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803232001
Title: 【悲報】首都圏4知事「夏休みやお盆での旅行・帰省は中止にして！！」

Search URL Search Domain Scan URL

URL: http://matometatta-news.net/202108032348.13873876.html
Title: 海外「また日本に泣かされた」東京五輪のブーケに込められた日本人の想いに外国人が涙

Search URL Search Domain Scan URL

URL: http://konowaro.net/202108032347.9437487.html
Title: 【画像】呪術廻戦、パクっているのではなく意図しないオマージュだったことが判明

Search URL Search Domain Scan URL

URL: http://news-choice.net/202108032347.11988945.html
Title: 【東京五輪】体操鉄棒・金メダルの橋本大輝選手、君が代「しっかり歌った。日本代表として誇りをもってやっていきたいと思った」

Search URL Search Domain Scan URL

URL: http://news-three-stars.net/202108032345.13879132.html
Title: MBC、また東京五輪関連の放送でミス「サッカー、野球は負けて、バレーだけ勝ったが？」＝韓国の反応

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583149&code=210803144
Title: 【動画】岩手で空飛ぶタイヤ。走行中のジムニーからタイヤが外れて飛んでいってしまう車載。

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583195&code=210803144
Title: 厚労相「酸素吸入が必要なやばい中等症でも、在宅で酸素吸入してね」

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583199&code=210803144
Title: 【悲報】ワイ、過敏性腸症候群になり咽び泣く

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583200&code=210803144
Title: 【速報】2021年PS5ソフト売り上げランキングがヤバすぎる……

Search URL Search Domain Scan URL

URL: http://antennabank.com/202108032344.13879876.html
Title: 【衝撃】くず鉄製錬溶鉱炉に男性作業員が落ちてしまう衝撃映像。

Search URL Search Domain Scan URL

URL: http://besttrendnews.net/202108032344.11989065.html
Title: 私「女子会行ってくる」彼「俺も行く！俺、盛り上げるよ！」私「女子会だから無理でしょ...」→ しつこく言うので折れてダブルデートを組んだら…

Search URL Search Domain Scan URL

URL: http://afo-news.com/202108032341.9437654.html
Title: 【画像】セーラームーンの拘束シーン、いま見ても興奮するｗｗｗ

Search URL Search Domain Scan URL

URL: http://webnew.net/202108032327.13879030.html
Title: 【狂気】ディズニーランドの職員はコレをやった瞬間クビになるらしい…ヤバすぎ…

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803224001
Title: 台湾と外交関係持つパラグアイ、中国ワクチン供給契約を突然破棄される…中国当局当局の圧力か！

Search URL Search Domain Scan URL

URL: https://matomechecker.net/pickup/814802
Title: 【速報】園児バス死亡、とんでもない状況証拠が明らかになり急展開へ。

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803222501
Title: 【悲報】ワイ、過敏性腸症候群になり咽び泣く

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803213001
Title: 自民党の事務局長を逮捕　未成年少女を乗用車に連れ込み乱暴

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59355&channel_id=273702
Title: 【驚愕】700円とは思えない「禁断の天丼」がこちら

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926376272370073600
Title: 【日向坂46】かとし、リモートラジオでまさかの暴挙にでるwwww

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926374447000584192
Title: 【朗報】ワイ、アルバイトで6500円ゲット！！ｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3582993&code=210803144&category_id=6
Title: もうすぐ君、25才になるんだよ…。

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583076&code=210803144&category_id=6
Title: 【苦痛】休みになると義実家に呼ぶトメ「一緒におでかけしましょ♪」私「はい..（頻繁に顔を出してるのにまだ足りねーのかな？」→後日、トメからLINEがきて・・・

Search URL Search Domain Scan URL

URL: https://matomechecker.net/pickup/814852
Title: BABYMETALグッズをコレクションする上でのアドバイスってある？　【海外の反応】

Search URL Search Domain Scan URL

URL: https://0matome.com/p/p1428182b2f232a2eafd5f382879e70c9.html
Title: これどんな競技？お尻を床につけながら前脚だけで移動する猫

Search URL Search Domain Scan URL

URL: http://2chnavi.net/headline/2021080314
Title: 【東京五輪】サッカー日本代表がスペインに敗北 → 戦犯がこちらｗｗｗｗｗｗｗｗｗｗ他

Search URL Search Domain Scan URL

URL: https://new2.jp/feeds/051d0460
Title: オカリナがシンデレラに変身！　「ゆいPと一緒に痩せたい」理由は…

Search URL Search Domain Scan URL

URL: https://brave.com/ja/
Title: BraveBrowser

Search URL Search Domain Scan URL

URL: https://twitter.com/newsoku_blog
Title: 【ツイッター】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107598
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107601
Title: 【AMAZON】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887084656&vc_url=https%3A%2F%2Fwww.amazon.co.jp%2Fgp%2Fgoldbox%3Ftag%3Dvc-22%26linkCode%3Dure
Title: 【AMAZON タイムセール一覧】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887084656&vc_url=https%3A%2F%2Fwww.amazon.co.jp%2Fb%2F%3Fie%3DUTF8%26node%3D6026699051%26tag%3Dvc-22%26linkCode%3Dure
Title: 【AMAZON 在庫処分セール一覧】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887084656&vc_url=https%3A%2F%2Fwww.amazon.co.jp%2FAmazon-Video%2Fb%2F%3Fie%3DUTF8%26node%3D2351649051%26tag%3Dvc-22%26linkCode%3Dure
Title: 【AMAZON プライムビデオ一覧】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107608
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107610
Title: 【楽天市場】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107615
Title: 【楽天 kobo】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107611
Title: 【楽天トラベル】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107612
Title: 【楽天 GORA】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107620
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107622
Title: 【Yahoo! ショッピング】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107630
Title: 【PayPay モール】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107638
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107639
Title: 【セブンネットショッピング】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107643
Title: 【イトーヨーカドーネット通販】

Search URL Search Domain Scan URL

URL: https://blogmura.com/ranking/in?p_cid=10975451

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=1992429

Search URL Search Domain Scan URL

URL: https://counter.fc2.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 6

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107598 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 7

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107601 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 8

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887084656 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 9

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107608 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 10

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107610 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 11

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107615 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 12

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107611 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 13

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107612 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 14

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107620 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 15

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107622 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 16

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107630 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 17

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107638 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 18

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107639 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 19

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107643 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 105

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC3jaXs_gEQsAkYrAIyCNL7LF9MUJOF HTTP 301
https://tpc.googlesyndication.com/simgad/9426576781680322168

Request Chain 282

https://r1---sn-5goeen7r.googlevideo.com/videoplayback?expire=1628032284&ei=nFwJYY3vEJeCgAftr53ABA&ip=86.106.103.4&id=46305c0b408a2654&itag=243&source=youtube&requiressl=yes&mh=K4&mm=31&mn=sn-5goeen7r&ms=au&mv=m&mvi=1&pl=24&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=272462&dur=15.000&lmt=1621867376024965&mt=1628003091&txp=6316224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMB4Q6BpbF1xj_mBhcbZJK56NXqKkd7sp3z4rmFIAq8wCIAU_repSbTZfDsmYzJEV-3ymbEhqmpd6N7WKYF1iUJwf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAMhTap4SyLzhH0ERpdj3ZF9dtu-GLLPsRVcO5_wjj6G4AiEA9TPm-NVdPrwbNLwAAGplQtBGyqUlCIPaSpYKFKUa_MI%3D&range=0-999999 HTTP 302
https://r1---sn-4g5lznez.googlevideo.com/videoplayback?expire=1628032284&ei=nFwJYY3vEJeCgAftr53ABA&ip=86.106.103.4&id=46305c0b408a2654&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=272462&dur=15.000&lmt=1621867376024965&txp=6316224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMB4Q6BpbF1xj_mBhcbZJK56NXqKkd7sp3z4rmFIAq8wCIAU_repSbTZfDsmYzJEV-3ymbEhqmpd6N7WKYF1iUJwf&range=0-999999&redirect_counter=1&rm=sn-5gol67e&req_id=ddd5b33d098aa560&cms_redirect=yes&ipbypass=yes&mh=K4&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5lznez&ms=au&mt=1628002520&mv=u&mvi=1&pl=52&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJUTXvW4hvN1BjOEuXlBbR2suz422oWP-mIaI2jFgo1OAiEA9676eVZolY1eWbqPcZsuo-6W2Sl-2MvAXE3GEPkLm-k%3D

303 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newsoku.blog/ 281 KB
53 KB 1251ms
1123ms Document
text/html 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade5a8c440fbeb99a0308ba1f428cb6bdad1709e6e7eb36e19b35d1539579d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: newsoku.blog
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:19 GMT
content-type: text/html; charset=UTF-8
x-f-cache: BYPASS
x-signature: KUSANAGI
referrer-policy: unsafe-url
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 03 Aug 2021 15:11:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlhTI9yYUASp%2B1dP7EPLk4zLH85kaF2a038tD3aRb2ArVGRjjXPd79ROrwQWBmwoT1uVLfsYR80BI94dClJm%2FSMxvGW6vn%2FfrV5MmrVw%2BoSnVSxsRwzOTDLOpQ6DXvZYdNTyuf2%2BbpjQCMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67907a4d1f8396c2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 hdd2r.js Show response
newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/ 87 KB
32 KB 36ms
21ms Script
application/javascript 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dac43ee603984a0cc147709cfa5c93cd3d42ea34dd2af211469fabfeacaf230c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76109
cf-polished: origSize=89433
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 18:01:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"610832ed-15d59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BxcgKNd2WfmlbKFEoUE59i1KZmK9SqjUJiDsReZ5rxO1%2BnSrw3OKZRKFOa2Wh5K8cVWzhp%2FTKAOAwW3WGbQkRigcXqUnmiA1gZ4yoB4uvya0C%2BCnOLGwZvKQgUTSlbF%2B4GXf5PGdDbUA30%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 67907a55ddc10742-FRA
expires: Wed, 03 Aug 2022 15:11:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 197ms
69ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3be64cdc9922577bc5151d37345f719d4e13990475ec503d087da5b3d62ae725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 1 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24721
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 106ms
101ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

951a39578447c900897fb1c1a5228bcfaa75ae369f88a491d9365a72fe373eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49342
x-xss-protection: 0
server: cafe
etag: 13910504330065982742
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H/1.1

200
OK

compass.js Show response
jgl.microad.net/js/
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

82 KB
19 KB

231ms
96ms

Script
application/javascript

104.111.228.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.228.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 13b4cb1e8f744dbc4085d2d55103bf1be6f2eefbdca1b7b78fd9447bfe279c95

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:57:22 GMT
Server: Apache
ETag: "14875"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 19519
Expires: Tue, 03 Aug 2021 15:11:20 GMT

Redirect headers

Location: https://jgl.microad.net/js/compass.js
Date: Tue, 03 Aug 2021 15:11:20 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 newsoku_logo.jpg
newsoku.blog/wp-content/uploads/2020/07/ 24 KB
25 KB 41ms
36ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2020/07/newsoku_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47c010865dd2f8ca816ba441d757b2bd4b3bf4f615b8b682cca0e6f2670361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/07/newsoku_logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94329
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24478
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jul 2020 12:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f119e7e-5f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPvFnvtWnGZqypZ%2BSw25CK1UJlgAPFsk3WnImefMWTIuWP317liITscgNEzF0dQaTp59W8tlwp5549AgMesCZ8NH5kB8JXz0HehWy3VE%2F4G4A%2FW1GOdv%2F7r4bVAKG7gPL%2BnbM9iCg5Ra%2BP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a563e900742-FRA
expires: Wed, 03 Aug 2022 15:11:20 GMT

GET
H/1.1 200
OK blogroll.js Show response
blogroll.livedoor.net/js/ 15 KB
4 KB 846ms
277ms Script
application/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/js/blogroll.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 0d80f3242f87172d31de75947d120ff8da9caf53b5827e5ca96c2bce0daaad19

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: W/"6007ef97-3ca8"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107598
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

213ms
66ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003481.364157,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107601
https://i.imgvc.com/vc/images/1x1.gif

43 B
620 B

206ms
63ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003481.364485,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887084656
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

207ms
64ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003481.364480,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107608
https://i.imgvc.com/vc/images/1x1.gif

43 B
116 B

205ms
64ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003481.364710,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 5

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107610
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

180ms
65ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003481.364544,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107615
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

110ms
66ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003481.364675,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107611
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

71ms
70ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.755176,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 8

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107612
https://i.imgvc.com/vc/images/1x1.gif

43 B
598 B

71ms
71ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.755289,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 9

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107620
https://i.imgvc.com/vc/images/1x1.gif

43 B
117 B

71ms
71ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.755937,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 10

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107622
https://i.imgvc.com/vc/images/1x1.gif

43 B
116 B

70ms
69ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.755144,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 8

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107630
https://i.imgvc.com/vc/images/1x1.gif

43 B
117 B

72ms
70ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.781204,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 12

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107638
https://i.imgvc.com/vc/images/1x1.gif

43 B
117 B

71ms
70ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
via: 1.1 varnish
age: 66
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.778890,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 11

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107639
https://i.imgvc.com/vc/images/1x1.gif

43 B
543 B

82ms
67ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
via: 1.1 varnish
age: 67
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.203708,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 14

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107643
https://i.imgvc.com/vc/images/1x1.gif

43 B
143 B

81ms
66ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
via: 1.1 varnish
age: 67
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19130-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003482.203729,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 14

Redirect headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H/1.1 200
Ok counter.php Show response
counter1.fc2.com/ 2 KB
1 KB 887ms
219ms Script
application/x-javascript 34.212.109.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter.php?id=7070372
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.212.109.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-109-130.us-west-2.compute.amazonaws.com
Software: nginx/1.5.7 /
Resource Hash: ddcbb7b6f3e6ca8ed9ba275cdecf2a46f6e52342ee3b1d5f1e7be868f168b450

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 15:11:20 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 797
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 124ms
40ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 67907a57cb8f4327-FRA

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 108ms
105ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35173878-27

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0aadba653a56f00f1d3fe4fea3c09e34c403a2b7b1a54be6a719779a95e760b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40745
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H/1.1 200
OK rank.php Show response
rranking9.ziyu.net/ 394 B
494 B 1401ms
339ms Script
application/x-javascript 133.242.86.196
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://rranking9.ziyu.net/rank.php?newsoku_blog
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.242.86.196 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d5a7079611270b8f242e09cfb89559e4a7ba77243bf9a5aba175a7aeb9323b67

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H2 200 mylinkbox.js Show response
mlb.valuecommerce.com/ 16 KB
17 KB 254ms
87ms Script
application/javascript 2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mlb.valuecommerce.com/mylinkbox.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e353d4321b4e069a05fd434c4b17e7b5207f8a8bdf7326f3917f513b514c9781

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
via: 1.1 varnish
age: 161
x-guploader-uploadid: ADPycdsvBvD2tE3DOwj2Map0WO6iAnT65Keheu3i5DDIKTmRcWPEgQx7sKvEiRKFXB_NIOhLFNcjSpq-76yTKZFjCXU6eUdECw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16687
x-served-by: cache-fra19174-FRA
expires: Tue, 03 Aug 2021 10:58:54 GMT
last-modified: Fri, 22 Jan 2021 02:56:31 GMT
server: UploadServer
x-timer: S1628003480.495981,VS0,VE1
etag: "4e000cf88569edfec29f944667153b14"
x-goog-hash: crc32c=0gzVtw==, md5=TgAM+IVp7f7Cn5RGZxU7FA==
x-goog-generation: 1611284191270563
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 16687
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H3-29 200 hdd34.js Show response
newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/ 37 KB
13 KB 26ms
20ms Script
application/javascript 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a94c206bfcbb8c13f0991b653c71ff50b4feddc6818ae9edb88f048846ec15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76110
cf-polished: origSize=38380
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 18:01:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"610832f0-95ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2pbk5k54RZJ3MqUVA8LSjjj7nmPkkeNDSwykqmwaYGZGyJpV3rYwW%2FI1JIEAmq%2BvTHPIN%2BH63iMoWuI%2BK0FmLaiAULQN8hrtDFBrSKPBLUnG2vTdyuRdGxtkii2rY0HiBQ2Ir5a5VMIFHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 67907a563e8d0742-FRA
expires: Wed, 03 Aug 2022 15:11:20 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/ 250 KB
93 KB 109ms
105ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4110214929210244&plah=newsoku.blog&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21161526e04840490e533e0233cabdd93eb1fe6632c84622e192c023c3bcc21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95278
x-xss-protection: 0
server: cafe
etag: 7939706070626844053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/ Frame 6C4E 10 KB
5 KB 63ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210729/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 03 Aug 2021 01:15:27 GMT
expires: Tue, 17 Aug 2021 01:15:27 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 50153
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
113 KB 143ms
73ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
96 B 136ms
68ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6c64daf911643b5212275ae769d35ea84a159704fcee2594c92bd655b51fc7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H3-29 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/ 52 KB
20 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4110214929210244&plah=newsoku.blog&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa29d3f5fe844fdcce3218a722518d22c2329bc0c2aa5eade62c19c49b95140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20338
x-xss-protection: 0
server: cafe
etag: 17527029091997158458
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 03:51:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
440 B 73ms
68ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newsoku.blog&callback=_gfp_s_&client=ca-pub-4110214929210244

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

edf5b617f0524e229c49b05768841a491d4c728785b05db385dda4148c9408fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 77ms
77ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 70ms
70ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D935 0
19 B 174ms
174ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&adk=1812271804&adf=3025194257&lmt=1628003479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsoku.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480158&bpp=4&bdt=464&idt=226&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5563500818245&rume=1&frm=20&pv=2&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&adk=1812271804&adf=3025194257&lmt=1628003479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsoku.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480158&bpp=4&bdt=464&idt=226&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5563500818245&rume=1&frm=20&pv=2&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 03 Aug 2021 15:11:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:26:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:11:20 GMT
cache-control: private

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 6B94 2 KB
1 KB 197ms
61ms Document
text/html 13.224.96.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-123.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

:method: GET
:authority: cache.send.microadinc.com
:scheme: https
:path: /js/cookie_loader.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

content-type: text/html
content-length: 982
date: Fri, 16 Jul 2021 17:57:08 GMT
server: Apache
last-modified: Mon, 09 Dec 2019 08:46:57 GMT
etag: "775-599417025c240"
accept-ranges: bytes
content-encoding: gzip
p3p: policyref="http://send.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID CURa OUR IND STA"
cache-control: public, max-age=2592000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ijKvy98pgoQmB5zN5ua2QdPp--3T8WEMBLzbJFWyIGz-sM-sLTE6xw==
age: 1545252

GET
H3-29 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 56 KB
21 KB 73ms
62ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3166
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
server: cafe
etag: 12513454152211517807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:18:34 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 6B94 45 B
358 B 259ms
85ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 03 Aug 2021 15:11:20 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1203
content-length: 161
expires: 60

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/238586/ 28 KB
8 KB 292ms
282ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/238586/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 8ecd8a2a755277092117f555282f52424d3d041ec869e59112df2bbd408d6f95

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 272
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Tue, 03 Aug 2021 15:16:49 GMT

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/238587/ 28 KB
8 KB 573ms
282ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/238587/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 3b3c3a714f1f02c5a2170135d230c23391ed4876eec1b5a6b80a456ae7602350

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 231
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Tue, 03 Aug 2021 15:17:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 80ms
80ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 76ms
75ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8598 91 KB
27 KB 580ms
580ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675678da886bc41e8aa6abd26e2e0b0df1ab0f0b47603f1e731a15c3f89bf7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:11:21 GMT
server: cafe
content-length: 27065
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:26:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:11:21 GMT
cache-control: private

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/273702/ 12 KB
5 KB 797ms
271ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/273702/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: ecbe90b63486893d97eacf04b3ae21234091e8723bda3771add4d5b4c97b54e8

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 178
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Tue, 03 Aug 2021 15:18:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A07B 81 KB
26 KB 478ms
477ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480903&bpp=39&bdt=1210&idt=39&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vLdlVPxwiB&p=https%3A//newsoku.blog&dtd=45

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65212e8a1bd130b9edb5e59aa40996ac828e19951514f0dff9e241910f7d8670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480903&bpp=39&bdt=1210&idt=39&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vLdlVPxwiB&p=https%3A//newsoku.blog&dtd=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:11:21 GMT
server: cafe
content-length: 26211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:26:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:11:21 GMT
cache-control: private

GET
H2 200 fontawesome-webfont.woff2
newsoku.blog/wp-content/themes/simplicity2/webfonts/fonts/ 75 KB
76 KB 76ms
76ms Font
font/woff2 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://newsoku.blog
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://newsoku.blog
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 100275
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Feb 2020 15:01:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e3d7bcf-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyO92CSHK0i1O4WSfDBMCHUOnXCdE2r%2F1jGeiC4Tpe1X6v1p%2BtH6rz20M9reyM10QKT%2BpT5drhe5ttyia655jGfjcb%2FqZcr5lKxmrN8LzbVB0BqLF8smapbunlNFyg7rgzar%2FwB4qUDtJuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5bfe1996c2-FRA
expires: Wed, 03 Aug 2022 15:11:20 GMT

GET
H3-29 200 b_logo.png
newsoku.blog/wp-content/uploads/2021/04/ 7 KB
8 KB 55ms
53ms Image
image/png 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/b_logo.png

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb2ef3f120cb7cdf7307489008aabe8f9ed2bd7a3731c1c3aed0a9e29c6d415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/b_logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94329
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7169
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Apr 2021 06:16:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "606d4e48-1c01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juttmOobPOg5BuEoGic1azyCk2x7JPVXxLkq6R14R%2BsREFoEzhZGdosk2OKeSMJpbYGmEi%2BqWNqORzLuRs5gCbAR3pkBvX%2Fo%2FbTPzOTQmJJhLQwCtkcYIGRpfLetT5mNVg3%2B%2FjTHaCL5DwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5d7fb80742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 Windows365_OS-150x150.jpg
newsoku.blog/wp-content/uploads/2021/08/ 2 KB
3 KB 56ms
53ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/Windows365_OS-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24180076912619bfdda14fe2cd15327c01d178bda15002cf9c2e4e8bb20abb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/Windows365_OS-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2031
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 14:44:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61095640-7ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaCL5DP8B394V0Ld%2FAj09j99h4hNY3%2BG%2FDYX6T2wn3hBoie0mLJh2vQTXG2zArEZCzDwOE802mFyq0SqhzcN5sk2W1ZpR3JAG6xYcdAB0TTKbb%2FgI4IvuSE%2FXGGGPyZlMQUhklVzA6qUOn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5d7fbd0742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 newsoku_blog_newssokuho_sokuho_breakingnews_news2-150x150.jpg
newsoku.blog/wp-content/uploads/2021/03/ 3 KB
3 KB 52ms
49ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/03/newsoku_blog_newssokuho_sokuho_breakingnews_news2-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54bad592dee9c726bf1781ed73e7ab8d5906d0f558a454011e3825c5ae185c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/newsoku_blog_newssokuho_sokuho_breakingnews_news2-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94216
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2765
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Mar 2021 02:56:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "604c29e9-acd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX7tqlL0E2ywxH%2BLBnfxbUKv6SCeNR0VkOZ%2F3q5OvVO3ri6%2Bj9m31T9mj%2Bd934%2FwdrQiDoRSNJQYx1qjIYYP1FsOiqS86nW0ezKCsoQD%2Fo%2FqcND31RtQ%2B%2BKBRLKaqhiOhQ8E5J3wgRmuzKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5d7fbf0742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 AirFan-150x150.jpg
newsoku.blog/wp-content/uploads/2017/03/ 6 KB
7 KB 56ms
53ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2017/03/AirFan-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4527c806df258be9d6ac87c7056b67493ed62b0ab9d77a65a77773cbc4c2cb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2017/03/AirFan-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3667
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6307
x-xss-protection: 1; mode=block
last-modified: Sat, 22 Feb 2020 01:19:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e508191-18a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Gh6dAYiopdvF921giFmAZEfWFhJ57%2FCmkSgwIYRpyYl98Sfs1TTvFaXehWhdLmt%2Fk50XX2udn5DxWjkG1J7J%2BpNqj469Kp82BzCBfv5rcxFWgj00SlsOQVmdWwe7nwYsb6bICC9vIDqZHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5d7fc00742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1EA 79 KB
25 KB 503ms
502ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481022&bpp=8&bdt=1328&idt=8&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=STxYb9HlJt&p=https%3A//newsoku.blog&dtd=17

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff2ab99b8a325ee8f57b6265b56b11e531f5e0c901ad195727fd8b12ad8232c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481022&bpp=8&bdt=1328&idt=8&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=STxYb9HlJt&p=https%3A//newsoku.blog&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:11:21 GMT
server: cafe
content-length: 25892
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:26:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:11:21 GMT
cache-control: private

GET
H3-29 200 covid19_vaccine_wakuchin_wakutin_-150x150.jpeg
newsoku.blog/wp-content/uploads/2021/08/ 2 KB
3 KB 20ms
19ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/covid19_vaccine_wakuchin_wakutin_-150x150.jpeg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e50f76135cc95fff5370f1cc12cf75aaec06a62d6506be45de107fa968a245d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/covid19_vaccine_wakuchin_wakutin_-150x150.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2428
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 01:05:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61089663-97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QtB311LNUvOeq8heRv%2Fyzq1nrAQGcg09FZU24HF%2BytYpRT2yBlZYQfTNO7Yu9Gh5h2H8q2hl8DXaJqpvD%2FNORwYfEcxBmKgKi69iWt3xc6NeZr1pTj2zZtRxIOUnnm08l5tWdO1U4CoKaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5cee7c0742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 67b5491aba9691d136317489f292a90e-150x150.png
newsoku.blog/wp-content/uploads/2021/08/ 4 KB
5 KB 23ms
22ms Image
image/png 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/67b5491aba9691d136317489f292a90e-150x150.png

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18823a038c5c0161d2ee22fdce041611e8afdda41b9a32e1e8238225c7bafbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/67b5491aba9691d136317489f292a90e-150x150.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4422
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 09:02:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6109062f-1146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sivAgHdRrkrWN2Xybq16aEzo33H1YV%2FXwlO8r6n8P52XyK1g6Gy%2FisMrJ7i7AllsuD9l1iE17uY0EgXeUbSOwFduxkQoyMphUzgerkLZd1NC2fdvDEIhayAa5xAx1OPG84xB0QgHwkFV0JM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5cee800742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 tokyo3709-150x150.jpg
newsoku.blog/wp-content/uploads/2021/08/ 3 KB
3 KB 28ms
27ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/tokyo3709-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b80f6bab833ac724ca1abba7179e4cc76eded869df0929184e4f5a1145f960a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/tokyo3709-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25971
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2830
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 07:50:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6108f55c-b0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QxwS4iz1ttxzXB3PO%2FKVhT2DaLoTwO5ryG1icwZf%2BCy8JoX%2FbVOTclBOMeNCJTzn%2FSWP2P%2BooFaMwM3WGteTSvFVF7lQLibrj%2FYSmrjNU%2FLWFbFNeGa2KtIrk4DFezYm%2Fl56yjEbT8T0ew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5cee810742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 gpu_btc_bitcoin_mining-150x150.jpg
newsoku.blog/wp-content/uploads/2021/08/ 3 KB
4 KB 23ms
23ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/gpu_btc_bitcoin_mining-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952105810639a287608d81a207f6457caa592cc224f48945e27bda7105a1a5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/gpu_btc_bitcoin_mining-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3159
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 01:42:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61089f12-c57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUtokmspb8aPueFAz08ZvhJgOpDqhTmJcqIqY1uqPPt%2B99XuISY8JR%2BGI%2Bd8LSm5gOQGfK0VTfXE%2F4OhmaOJLf683rKb%2B%2FzQUZ2KtP%2FFDuawjUcpig3FY5hGq0Vh7mcqUEjfvAM6dWqQ1tk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5cee830742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 1 KB
2 KB 1105ms
279ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=fc96d48ec49d33f5591f65f7004463ae&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=6f52ea00c76e24017b0c91b615

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

82c1653d4bc31ced4bb1eb275e907679e076d6d32b36c6e3664cfae0868c4ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1494
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 1 KB
2 KB 1109ms
282ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=b605192b7befd9dcc697a7db9959975c&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=a6df55274ab748017b0c91b640

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

74619885e0bac5fd57a37f96fcf2a4806def17f6a968d40c184861cb461888b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1508
X-XSS-Protection: 1; mode=block

GET
H3-29 200 d9dc85b22a7b2e61b3c2cafeeec23397.png
newsoku.blog/wp-content/uploads/2021/08/ 56 KB
57 KB 35ms
35ms Image
image/png 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/d9dc85b22a7b2e61b3c2cafeeec23397.png

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f67a744ec50567f11b95186ba88b16abdccb649be04777f4108430c2429929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/d9dc85b22a7b2e61b3c2cafeeec23397.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75665
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 57525
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 17:33:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61082c58-e0b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLaeFrusO4qYYGHyo1KY59VLq1Is6W8gfYSPZFOGA6klitNJU1WJYI%2FmH3ejFWzkaK8XNlK2sVm88OkNNx7LMbdC%2Fe0BpanyikIoJmcufb5Plx7C191PMXhd8O5Uv%2Fzzs8HTFjGsXB0R92s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5d7fc20742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 113ms
111ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
26ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E55 137 KB
22 KB 386ms
383ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481192&bpp=1&bdt=1499&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQjL0ydXhR&p=https%3A//newsoku.blog&dtd=18

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e16e0d17877ce76a0934640c8e399fa52cdac47d98838f652e4f359d0f6331b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481192&bpp=1&bdt=1499&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQjL0ydXhR&p=https%3A//newsoku.blog&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:11:21 GMT
server: cafe
content-length: 22558
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:26:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:11:21 GMT
cache-control: private

GET
H3-29 200 ama_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 7 KB
8 KB 22ms
19ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/ama_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8810da4c489a6a73ecaa3a4355666adfc1ade70a064d0a6a308a22bac71386c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/ama_logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94323
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7482
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817fb-1d3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl%2FuonTs00F%2BT9Wz1k9jPwKGcmbAaRj2SJa9UsgmjnrwvggFdKKA%2FGXPGtULg2k2qFqqrh4bwb058vdsw%2FIZl70Yt535TCXTsRe2hUd%2BDWhnA6rX4sPsyDnkGtTWaU03LU5TKfwtKXf2Z%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5db8510742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 raku_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 9 KB
9 KB 26ms
25ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/raku_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477985b51222038f2370de006db4a40db9d45d9b50d935936949c8b330e703e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/raku_logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94323
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9081
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817fa-2379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yj69z1CchqVPV%2Bpxtt4WjS%2BqXwKwQqEcAxU6V23jAW8P7OWKZIsYe%2BATvakzYpMnLejOiWtwYY9iKCXzyN1%2F59%2BwHaNp0LOrfnkyQ7TdXbz%2BCA6P2rPT%2FBUyXP5HvShAfuL%2BhLJFArykcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5dc8750742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 yahooshop_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 12 KB
12 KB 20ms
19ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/yahooshop_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a489692e0aa52e287bc5482b045f756e530a9b551ba55203d0bbff6147041b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/yahooshop_logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94323
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12001
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817fa-2ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ%2BPuZpiBMjddudfrtdszGeFpNLswHPdJyiyleJxtmaMt%2FEr9jzJJ0OEk4qLmAFc9XHhC7dXsYEv2v2I7d8uAol%2B%2BToi5wm462MFjjozGgZadxjAyxjZ%2B%2FKNFmIHrTxxsL0fHZYVJoLl5mQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5dc8780742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H3-29 200 7net_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 6 KB
7 KB 22ms
21ms Image
image/jpeg 2606:4700:3036::6815:1f43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/7net_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1f43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33ee4a8c8a79b4ad2409c2fa5a560647c1ae021e0e497a1583fecae77e9da829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/7net_logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94323
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6318
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817f9-18ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J18%2FVVD6Pk%2F7ZgSpukwKJqTJGUcj%2F3pF6c7NcVe3IB5CoUKzM%2FJ4D0UP0E0Kb9GiQ0Aga5G4lREb%2FJQKX65%2Bz0%2BpNAEeBiaf2yPbntOK5kfn%2FT1XFCOXZMFETkZLT54iL%2FCisnFmMERN0aU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67907a5dc87a0742-FRA
expires: Wed, 03 Aug 2022 15:11:21 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1AC 436 B
381 B 661ms
660ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481246&bpp=2&bdt=1552&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=iSPKoriWiG&p=https%3A//newsoku.blog&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91c6314f4d5591f0de4f253069af8f42be93e8756519f8ac6428db9aaac654ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481246&bpp=2&bdt=1552&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=iSPKoriWiG&p=https%3A//newsoku.blog&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:11:21 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:26:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:11:21 GMT
cache-control: private

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 278ms
278ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=238586
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:21 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Tue, 03 Aug 2021 15:11:20 GMT

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 1 KB
2 KB 1114ms
280ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=78034d81e21cefbfa086966e96025a71&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=69bf997e8b9744017b0c91b6f5

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

74ff61323de25fdedf2f46dd74d6b04afea2379d865db5377426b4fa818e50cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1508
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 1 KB
2 KB 1108ms
282ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=39ee3c1e8fd7ded18c20c5f04043b5e9&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=3070bde5a01ade017b0c91b73e

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

708fdf58c59b51d6238338e255e5d077e6b6014c0e5fa0c58cc0fd3c013a4b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1287
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 1 KB
2 KB 1118ms
282ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=fafee809b6e5baec3c1e80e7ea573490&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=6617697a0b61f8017b0c91b756

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

79d3fcf852afe5b44b28fb5c97a93c57d872cdc81d390fe58c5b6d8566a81e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1494
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
Ok counter_js.php Show response
counter1.fc2.com/ 6 KB
913 B 224ms
220ms Script
application/x-javascript 34.212.109.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter_js.php?id=7070372&main=0&lang=0&visitor=2
Requested by: Host: counter1.fc2.com
URL: https://counter1.fc2.com/counter.php?id=7070372
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.212.109.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-109-130.us-west-2.compute.amazonaws.com
Software: nginx/1.5.7 /
Resource Hash: 37164eae97cf2355eb09b9e59d3b2d1f138fecfbdaa166a5983bc097c5090161

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 15:11:21 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 564
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
2 KB 882ms
694ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480025&q=https%3A%2F%2Fnewpuru.com%2Frss%2F2ch-noadult.xml%2Chttp%3A%2F%2Fnewpuru.com%2Frss%2Fnews-noadult.xml&num=2&_=1628003480026
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bde3d472cdf3de9dd3488e188997b3670ffa591341ed2bd642970552e6225719

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VduWLIEH%2B1HSk0d1Hqfz1AaaREfm15m71Sqb7Y9ZPezgIoIVo%2B9fhy3TEAiJkszBe5YTjtxyz%2B1wy6gVsswzpi2Z5Z67XmCixkSDll%2FCKJnHs9W9yypOKUH5WYDRjz0tsWRnqI1so3VSLkNbVxrSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62b81c0629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1 KB 800ms
613ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480027&q=https%3A%2F%2Fheadline.mtfj.net%2Frss%2Fsafe.xml%2Chttps%3A%2F%2Fheadline.mtfj.net%2Frss%2Fnews_safe.xml&num=2&_=1628003480028
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4abe57f15b190750b0c67ab6bba23a4343ead16332cfbf0e3d86c33866071002

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDcNMaULUChY0w4Je0MWtZrAdrmbGCS6j8lQ%2F92n0pyshuY2BU334s3XKBvIcaZF6MrktgghqYdfm0yKgik1L%2BLShUOa8xTunx4c77qoMS%2F05bSfeuq8nmt5%2FlPzPTpvDMtmzvzKPxQJFcZT9KWZqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62b8200629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
988 B 635ms
631ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480029&q=https%3A%2F%2Ffeed.lliy.biz%2Fcategory%2Fnews-owata-net-com%2Ffeed%2F&num=4&_=1628003480030
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dfc78f3ad3a129ded1162651abd7a8cf9060b5aa2cde7bb9e28c2e92921b5411

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT476%2FRowkqAccUSfrWXVJ8GN1b1%2BBHcBBizXMvKSuhMh5ssUbDlGdhYFhL1txXCn%2FB2wuyC9apTOl5NZHyq%2BPdXffnM%2BlId3dK6r9DTFbWm39g7S%2FPq9s%2B3Y3OHaAt6o0leUM9mLeKYhv7yG6pbcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d8700629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1 KB 637ms
633ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480031&q=http%3A%2F%2Ftokkaban.com%2F%3Ffeed%3Dnews%2Chttp%3A%2F%2Ftokkaban.com%2Ffeed&num=1&_=1628003480032
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ef50e059c48b99eae23ccaf901684f6cba677b1e21bacf3f8aa6177caf2a9004

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR8e14V1wjyldEeLHYcCm5vrfVPr%2BfG5Iz3gju%2Fsg5jJR2BpemwA3BVaigXvrYlQg%2B1YT4oSSKd8HbQUR4S0IeAas%2FO0Ez2s91z94nUnT3X3qdv6eauE63CwoI6byuTlHI8XuSIhvTeTFRmNwJp%2BEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d8720629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
992 B 635ms
631ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480033&q=https%3A%2F%2F2channeler.com%2Frss%2Ffeed_20.xml%2Chttps%3A%2F%2F2channeler.com%2Frss%2Ffeed_10.xml&num=2&_=1628003480034
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 501a7ae1819132c01a6b60246548d24328181148ae316ec9e2c463e8181462f9

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8JZTDoIYQ23fNWp%2BMbO8g9FlUqbfUsd8BKP3pBPLza0JO%2F9W%2Fy41am%2FOcfcVSADidi1TjHAynG7mw1g9NA9ruuXgV8hmyVLXTCRmHhpfy0Z%2BYC%2Bn%2FI3gOfFapPFwcecQJpQqwPqC3S%2FgzFV65ukAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d8730629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 3 KB
1 KB 616ms
612ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480035&q=https%3A%2F%2Fwarotanien.net%2Ffeed&num=2&_=1628003480036
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b90803e142f492a24c83d344a0ef126a004dbc03c1560d3a8d46ec5044983e11

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9K6BPxk%2BLC238S5oFCAUCl5nvxOhzH1EM3isCyfrVlLK4hdt%2Bp5JJOXkUwjDJl5UuZdFe8V5rOxZw6mPepdhvDinP9%2B9mwqvJVTK4u2t4Ly1rCugYnqJtXUiBaf1SU%2F5dxTE6uOHzS%2FeMLvCnA5%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d8740629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 22 KB
6 KB 636ms
632ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480037&q=https%3A%2F%2Fnewpuru.com%2Frss%2Fnews-noadult.xml%2Chttps%3A%2F%2Fheadline.mtfj.net%2Frss%2Fnews_safe.xml%2Chttps%3A%2F%2F2channeler.com%2Frss%2Ffeed_20.xml%2Chttps%3A%2F%2Ffeed.lliy.biz%2Fcategory%2Fnews-owata-net-com%2Ffeed%2F%2Chttp%3A%2F%2Ftokkaban.com%2F%3Ffeed%3Dnews%2Chttps%3A%2F%2Fwarotanien.net%2Ffeed&num=6&_=1628003480038
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d8cf2659b749a4aba188fc732018efc2381a6a87bd3a2df408aa8f70b1abe5bf

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tonSMem6bapM%2BAGIMrbMLBIDa%2B2ZklqNnTv%2BwbtwAMyDt1qjv08iIMm3NmIQZXgJiqkoZEZe0ieCTah3lVDyNX%2F3fdQ4jyJ23b9VSoyGOO9gKGCDIxJwkXnBpYRP%2FRnlt%2BYqDSm2bXQgyIj3EAftPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d8750629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 20 KB
5 KB 639ms
635ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480039&q=https%3A%2F%2Fnewpuru.com%2Frss%2F2ch-noadult.xml%2Chttps%3A%2F%2Fheadline.mtfj.net%2Frss%2Fvip_safe.xml%2Chttps%3A%2F%2F2channeler.com%2Frss%2Ffeed_10.xml%2Chttps%3A%2F%2Ffeed.lliy.biz%2Fcategory%2Fnews-owata-net-com%2Ffeed%2F%2Chttp%3A%2F%2Ftokkaban.com%2F%3Ffeed%3D2ch%2Chttps%3A%2F%2Fwarotanien.net%2Ffeed&num=6&_=1628003480040
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 32e6605dc0bbe8af6c28bf89321a7ea8f2ababff2917aed4b7f9e3b5a20d0af0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RV07u7uHoHJ1qu%2BUMppzWrzyaSNn%2FprDykMJntTL17m07QgyM%2F0%2FnYeiPuYrPOuGiRwNNdKiuCep1B8zY2ZXlvi0rAwfnZBV2P7PYvXVV1bUse4IuQ%2FCo31q0FdIdDslOKGtO0Obq0%2B%2Fu8vk2xNkpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d8790629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 11 KB
4 KB 679ms
675ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480041&q=https%3A%2F%2Fvtuberantenna.com%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Fgame%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Fanime%2Ffeed%2Chttp%3A%2F%2Fnews-choice.net%2Fanige%2Findex.rdf%2Chttp%3A%2F%2Fnews-choice.net%2Fgame%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Fanige%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Fsousaku%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fgame%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fotaku%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fsousaku%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fhobby%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fanige%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fsousaku%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fgame%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fgame%2Findex.rdf%2Chttps%3A%2F%2Fnewpuru.com%2Frss%2Fotaku-noadult.xml%2Chttp%3A%2F%2F0matome.com%2Ffeed%2Fmanga.xml%2Chttp%3A%2F%2Fpuu-antenna.com%2Farchives%2Fcategory%2Fotaku%2Ffeed%2Chttps%3A%2F%2Fnew2.jp%2Ffeeds%2Fanime-game.xml&num=1&_=1628003480042
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: efc5d619498ab39954429b729f3d9e464730c85d65d696028c74d8887c7364dc

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFXlqkxYTS0%2FOT7YiutMq9OZt2IHkYp%2FnvGgV3gpV6ZNsbpwppgwXnduAiU2bIpZMpFCA3H0arfGWOqMMij4w1GJ1%2F7Xt6%2FHFoqArfYjxWvzKhtxPMRUM6RDb8X99uWArJrJDLoQVTjHKcBRZD5W0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d87c0629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 48 KB
9 KB 637ms
633ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480043&q=https%3A%2F%2Fvtuberantenna.com%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Ftalent%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Fvoice-talent%2Ffeed%2Chttp%3A%2F%2Fnews-choice.net%2Fgeino%2Findex.rdf%2Chttp%3A%2F%2Fnews-choice.net%2Fsports%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Fyakyu%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Ffoot%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fgeisupo%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fsports%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fyakyu%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fgeinou%2Findex.rdf%2Chttps%3A%2F%2Fnewpuru.com%2Frss%2Fentame-noadult.xml%2Chttp%3A%2F%2F0matome.com%2Ffeed%2Fshowbiz.xml%2Chttp%3A%2F%2Fpuu-antenna.com%2Farchives%2Fcategory%2Fgeinou%2Ffeed%2Chttps%3A%2F%2Fnew2.jp%2Ffeeds%2Fgeino-sports.xml&num=1&_=1628003480044
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 29704599256f0d47aeacc5201899be420d458cc274b6112583629fa109fb7a7c

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eR%2BBnWW%2F%2F3F0dHXNa1sT%2FRA5Ffn985CKlk%2BhdHJ0gF6NqvIzHgpXbHw0ZL3tFLbb0gvnq4wpJy2D4%2BQd9x0nqEWl3NgVHTQVglTTaxHcvRxGNpuuqVQe5xVOXQOUAx%2F%2FWnCnfirYJ%2BBx5UUgyospZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a62d87e0629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1018 B 696ms
692ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480045&q=https%3A%2F%2F2channeler.com%2Ffeed.cgi%3Fcode%3D1880%2Chttps%3A%2F%2F2channeler.com%2Ffeed.cgi%3Fcode%3D1818%2Chttps%3A%2F%2Ffeeds.mtmx.jp%2Fsites%2F2405%2Ffeed.xml%2Chttps%3A%2F%2Ffeeds.mtmx.jp%2Fsites%2F2544%2Ffeed.xml&num=1&_=1628003480046
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: be9f5b64ab7cb957b1bf05ae03871236d4454dc2e6cd5a9f980e8ffded323b70

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FIXRAs9NfhX1dpooWs3sQWHiqLAyqDiF4yxebFYSe0V8j4PFliwFq64N6Tk71dxeVhKDFb5Y0X5mPM5SQ12eTuhs3NdVFUoNhJe0Cm6VHg9Hp6X6IIFPI5uqRdbfGWPSppXPjcjF3QqCzk7iMbNYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a63494b0629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 27 KB
5 KB 697ms
693ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery360018639533449702306_1628003480047&q=https%3A%2F%2Fnewsoku.blog%2Farchives%2Fcategory%2Fsarscov2-covid19%2Ffeed&num=15&_=1628003480048
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe745529ac873c24c86b6b46649df2f4c9a78b84c95ef72ff9575b471a1ef2f5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuUxSyNFIpoJicr36pCzwsvJVDQuN0U85OYtNJ7Cm%2FsY5bDlHAAgnh4m3QiExVB4gXRxX3BQytSiqhaLNBxOIHFmHiMoKFh%2FwhH2Ch%2FIUxHnVNJigWCv7O2FlAsarx82PXJu8iuP3jb7Obzsuqc%2Ffg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 67907a63494d0629-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:11:22 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 280ms
277ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=238587
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 115ms
94ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35173878-27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5688
date: Tue, 03 Aug 2021 13:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 03 Aug 2021 15:36:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A07B 917 B
550 B 97ms
96ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%A7%E5%BA%B7%E3%83%9C%E3%81%AA%E4%BA%BA%E6%9C%AC%E3%83%86%E6%97%A5%E3%83%A9%E5%81%A5%E3%83%99%E3%83%AB%E3%83%B3%E3%82%A3%E3%82%A2%E3%83%BC%E3%82%AE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480903&bpp=39&bdt=1210&idt=39&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vLdlVPxwiB&p=https%3A//newsoku.blog&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83805167ca9d6515ab4324cc1ff727562b69b89c8c687ad26502087dae743806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:11:21 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A07B 4 KB
704 B 97ms
97ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:10:34 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A07B 1 KB
895 B 107ms
100ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame A07B 18 KB
7 KB 103ms
101ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A07B 2 KB
1 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:11:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A07B 124 KB
37 KB 98ms
96ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A07B 14 KB
6 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame A07B 26 KB
11 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8598 2 KB
617 B 99ms
97ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:03:33 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A07B 0
0 115ms
113ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cra6lmFwJYef4OpKKgAew1JXgAYD2heBjn-2U_IwJ9YmNjP8PEAEg3J6hMWCVAqAB5uOr6wPIAQmpApb4Vkes8rM-qAMByAPLBKoExQFP0H3ZCtho8pnbg9EurQB_u77M36k1IaKX8ugfuRmTV67ceCDw_sdjC-021o9Szs7Qruo77X6Xjt4Qo1YMoD2jRJB0Uq2WF6Dwv1BigoDPQxVtUXLvy2GrlO2EYIxXA_i-LdWhCoYZYZrquoFQR-RDyVucHl3mgS4ab6n0UWaoW5_Mhp10tS0TxSnNybHrwSAZ0pZ95Us4FXzOhtijdDgBI_TPa0AGbBmszqhyKmK44Uz-NqDvndwAH-SRH4lYkb9un8Y598AEntnD9fwBkgUECAQYAZIFBAgFGASgBi6AB67_-SyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQuaED0ggJCIDhgHAQARgfgAoByAsB2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTQxMTAyMTQ5MjkyMTAyNDQ&sigh=zmfFehCwwCo&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480903&bpp=39&bdt=1210&idt=39&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vLdlVPxwiB&p=https%3A//newsoku.blog&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 8598 1 KB
891 B 101ms
100ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 8598 18 KB
7 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 8598 2 KB
1 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:11:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8598 124 KB
37 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 8598 14 KB
6 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 8598 26 KB
11 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8598 15 KB
15 KB 52ms
17ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTHlrZlsmtDE9lpB-F2ob03FobLSmKm_h_zChsPUoHkV5KZhO_V&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da5074483a5301aef786c6636809d4e7e532a62d97fff1eea7fcdee7c5b9da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 26 Jun 2021 05:07:48 GMT
server: sffe
age: 367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15206
x-xss-protection: 0
expires: Wed, 03 Aug 2022 15:05:14 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8598 11 KB
12 KB 50ms
15ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTxTIvxXt7E3c3Eevz1HMtwavYPsUz9RMZAl9kAr3k5pZBdqwFB&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20c545eabaed46896274b25f4e094d2bc2418de4c0021e7e622ef79f6a634b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:55:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 01:14:19 GMT
server: sffe
age: 591370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11557
x-xss-protection: 0
expires: Wed, 27 Jul 2022 18:55:11 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8598 16 KB
17 KB 78ms
73ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSk7izP0Fv8rdVhRwQzCyF4RxqCPxf_-5mYrGwbGN1AGezRGf4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30cf8ff8efb28ce78ad5cbea0755c2792592df5a30d9fbaab76fb1beeb5e5d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:49:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 00:52:01 GMT
server: sffe
age: 37334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16685
x-xss-protection: 0
expires: Wed, 03 Aug 2022 04:49:07 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8598 20 KB
20 KB 65ms
30ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQW3VcB1lbrSumnKQCTcHqrXwn-Owvd-39jJ9YUEX1W6gtL8M0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fbc6ac50de1f945ff7ef890477b738e8bfc6adf498ab8321fafb86ea29fd2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 10:16:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 00:54:24 GMT
server: sffe
age: 17670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20151
x-xss-protection: 0
expires: Wed, 03 Aug 2022 10:16:51 GMT

GET
H3-29

200

9426576781680322168
tpc.googlesyndication.com/simgad/ Frame 8598
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC3jaXs_gEQsAkYrAIyCNL7LF9MUJOF
https://tpc.googlesyndication.com/simgad/9426576781680322168

17 KB
18 KB

47ms
44ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9426576781680322168

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de06e6da508472eb430576608ffb63fbf15dabf506b16df35f8235824c95c594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:32:39 GMT
x-content-type-options: nosniff
age: 41923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17907
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 13:47:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:32:39 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 05:31:46 GMT
x-content-type-options: nosniff
server: cafe
age: 34775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9426576781680322168
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Sep 2021 05:31:46 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13546421949162790032/ Frame A07B 4 KB
4 KB 164ms
164ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13546421949162790032/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e3a5b1170e9be0242e5530b228d787eaf8c07b7d7a942d749e830792f92e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 23:09:39 GMT
x-content-type-options: nosniff
age: 57702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4060
x-xss-protection: 0
last-modified: Fri, 12 Apr 2019 10:02:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 23:09:39 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5637871389414883323/ Frame A07B 2 KB
2 KB 164ms
163ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5637871389414883323/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f944bf60b63a4b07fc4da609acdb127450877f4437e6f310bf144ed5f48f1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:52:49 GMT
x-content-type-options: nosniff
age: 4712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2265
x-xss-protection: 0
last-modified: Fri, 12 Apr 2019 08:20:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:52:49 GMT

GET
DATA 200
OK truncated
/ Frame A07B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8598 0
0 153ms
147ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_OylmFwJYfvbN6Sv-gaD74-QCKzT-pZj_YG156MM0pSI85oMEAEg3J6hMWCVAqAB9p-qlgPIAQmpAoPuKu5V77M-qAMByAPLBKoEyQFP0C9--HGgkbiMOUjqt83wT4aApuoVohommFJPAzwZe4tZOdP74Opc6MhMwUbrZ0rtDe9TBlbAbDBeGS3HJ8C-Vkd6T9X79q4kBy9xQ9ipYH12uNdKGxKRJiMKHrpGXJKBWwU-cctNwZGE5G6PooIKUkmbrjQicMzYDrDN_CHrCCaWwnyk4u41YAiYx6m_9b6K8uczqTtAX4XSPavgLSqLOvFFOjefpRgK_AEocjCyu32nRQJdDBTWKDgpxZJSkUPeYB-dlRbJPwPABI3h--zDAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfy39VpqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxCkaNIICQiA4YBwEAEYH4AKAcgLAdgTC4gUE9AVAZgWAYAXAbIXGgoYCAASFHB1Yi00MTEwMjE0OTI5MjEwMjQ0&sigh=JQ_o5j1ZpA8&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame E1EA 6 KB
669 B 103ms
99ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481022&bpp=8&bdt=1328&idt=8&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=STxYb9HlJt&p=https%3A//newsoku.blog&dtd=17

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:02:03 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame E1EA 1 KB
857 B 59ms
56ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame E1EA 18 KB
7 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame E1EA 2 KB
1 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1EA 124 KB
37 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame E1EA 14 KB
6 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame E1EA 26 KB
11 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10808825820280545883/ Frame E1EA 15 KB
15 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10808825820280545883/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f6745419819a63088588ffa573dbf8648ee310a5b584a7309beeab5a81eb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 23:08:36 GMT
x-content-type-options: nosniff
age: 57765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15477
x-xss-protection: 0
last-modified: Mon, 30 Mar 2020 10:33:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 23:08:36 GMT

GET
DATA 200
OK truncated
/ Frame E1EA 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E1EA 0
0 119ms
118ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT8WimVwJYcvDA6OT7gPA_4PICuSKt5Rktfi72YkOqtu_oNQBEAEg3J6hMWCVAqAB_7CkowPIAQmpAlqpvjoZX7c-qAMByAPLBKoExAFP0EGHrQnWL8YEby78JrG14EQiGphXX5Rg5xCcv9v6wnr1p6g9r4ksLL2V_z3k7LXnRrJUXH7K21jBCM3BtKwbafpANzZjb9nvr7KEP8nuT0PdT2IQyZNh2M-VibNZq-MWAMU04BKBQtKfKiOdB-mtQLPoCTXh6dfyDXFhug_pBvNIl0TbrDWKR2x0tBVQSCwGzuk5z9_UOKZexjBS7vhn0jdQgqPgauaZ-8fdv-GFW5s_jP6KNpoKFqJK1P0bSkrA1P6BwASem9LW3wOSBQQIBBgBkgUECAUYBKAGLoAHvdeELKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxC5f9IICQiA4YBwEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi00MTEwMjE0OTI5MjEwMjQ0&sigh=urTPLVCoAKo&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481022&bpp=8&bdt=1328&idt=8&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=STxYb9HlJt&p=https%3A//newsoku.blog&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 7E55 67 B
91 B 47ms
47ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481192&bpp=1&bdt=1499&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQjL0ydXhR&p=https%3A//newsoku.blog&dtd=18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 05:38:05 GMT
x-content-type-options: nosniff
server: cafe
age: 34396
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 04 Aug 2021 05:38:05 GMT

GET
DATA 200
OK truncated
/ Frame A07B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bbff3b2ccc0a56b645e86c07d041645f5caa4b920b9ec999e5a3b06d79ca12e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A07B 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 48360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:45:21 GMT

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame A07B 8 KB
8 KB 83ms
81ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12UgZGuz91jHLBpYNTamW0I1gjzFpiXgw96-v-_IHvinJEL07Dz_Xd7w6Vr0thBqrcgDTX4BWDJ7_poomcSGCskU28xep0Xj&skey=b1468649b9c42538&v=v28

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%A7%E5%BA%B7%E3%83%9C%E3%81%AA%E4%BA%BA%E6%9C%AC%E3%83%86%E6%97%A5%E3%83%A9%E5%81%A5%E3%83%99%E3%83%AB%E3%83%B3%E3%82%A3%E3%82%A2%E3%83%BC%E3%82%AE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58b43bff1c3d5ba08c43cd75d9183ffa29f7aa9563d6a78954947951d0d54714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 15:59:42 GMT
x-content-type-options: nosniff
age: 83499
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7996
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 02 Aug 2021 15:59:42 GMT

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame A07B 8 KB
8 KB 83ms
81ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQaioq12UgZGuz91jHLBpYNTamW0I1gjzFpiXgw96-v-_IHvinJEL07Dz_Xd7w6Vr0thBqrcgDTX4BWDJ7_poomcSGCskU28xep0Xj&skey=f8a75aa314b1396f&v=v28

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

563957261967c2e07ff50183cd07df30213796f23d0055655310172627d4c0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 09:37:46 GMT
x-content-type-options: nosniff
age: 20015
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7904
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 03 Aug 2021 09:37:46 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A07B 15 KB
15 KB 83ms
82ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 291ms
271ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=273702
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:22 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Tue, 03 Aug 2021 15:11:21 GMT

GET
DATA 200
OK truncated
/ Frame 8598 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b7f074f00e3dcef825e768692d9893f2ce013741636e66678b5d66b87061d33

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 8598 20 KB
20 KB 76ms
75ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:30:42 GMT
x-content-type-options: nosniff
age: 600040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:30:42 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 4474 188 KB
55 KB 144ms
92ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 4474 13 KB
5 KB 467ms
416ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 4474 87 KB
27 KB 336ms
285ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 4474 71 KB
16 KB 504ms
453ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 4474 4 KB
2 KB 423ms
373ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 4474 40 KB
13 KB 333ms
284ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
DATA 200
OK truncated
/ Frame 4474 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d6750d6fc41396b29fa117a5c99892c68a461f6f9600408996de5a9ad43655

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 background_img.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 33 KB
33 KB 47ms
46ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/background_img.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d13f808bb67864acf7117755a87e4c9c033416736075a7959176de663025d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33499
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 entdecke_ueber.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 2 KB
2 KB 67ms
67ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/entdecke_ueber.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eaa07a41373347d4a952ceeec9c707f8a41d45c253a95a782cf0a5727e4669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2180
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 40000.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 941 B
967 B 67ms
66ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/40000.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26f90071422a01b2d41f6e76aa7ef14053db9b988d9daa055d57e204d4083fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 941
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 Campingartikel.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 3 KB
3 KB 68ms
67ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/Campingartikel.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c689d09d8b6ecb19e622aa51f0db38e33dfcd35a3d26419bf4b8fcf235fe221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2582
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 dein.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 741 B
767 B 67ms
66ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/dein.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251d2b5423a0840a5487933246d2662ec3df5244480dd53c6231f12f60d58349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 741
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 onlineshop.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 2 KB
2 KB 68ms
68ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/onlineshop.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ffaecafd3168c8a1886374da78cf22b9410fc6687b5cc6e9d02d9029b46256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1652
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 fuer_camping.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 2 KB
2 KB 70ms
69ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/fuer_camping.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59af45ac1734c6a3c42f9341dbeebe8856eaea3f0cde6e89762540e54714f1eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2135
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 logo_2zeilig_farbe.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 4474 6 KB
6 KB 75ms
74ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/logo_2zeilig_farbe.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a283c5f794ceb65117b3616612560b09199d82daa99f50187afaad1a2c5c732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5935
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4474 3 KB
3 KB 71ms
70ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 76108
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 03 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4474 344 B
368 B 71ms
70ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 59457
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Aug 2021 22:40:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4474 0
17 B 110ms
109ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSvsTmVwJYdidDtPi-gbz2rioB82jjPBj2J2cg8YOkJLJ48IBEAEg3J6hMWCVAqABvMbF1gPIAQmpApb4Vkes8rM-qAMByAMIqgTKAU_Qs38e-foZ1CX0mZxl1bLOvQQpNkjAXAh5iSuiluiejvEp0a46P9XQoglyuCinInnrXMoQtAQzz3RAc0YCX4qLOkPRBrsQ-vj1qqdY6frctzOJi2QEA2p-hq3T7qzvOaTuRSTXxK8WyqDOJfRn6yQt8Aken1LbmQP0Q3Gz_eNKBsWoF7qM6Oa5eZDWGUyv7bO9KZltp91T66TVyedo8R26qnIVLGeQ4KZH_BoTMHXa-KJl0YUCP66gltP5J3suAzYvB_mBrihqEtrABP2l4dHLA5IFBAgEGAGSBQQIBRgEoAYugAesubopqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEK-cCdIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi00MTEwMjE0OTI5MjEwMjQ0&sigh=a90OsRQj75c&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481192&bpp=1&bdt=1499&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQjL0ydXhR&p=https%3A//newsoku.blog&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:11:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E1EA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c3242211121824a52f16899d7178aa93d3f60bf8cce99a7aba750be943dd5be

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame EF63 35 KB
13 KB 102ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame A07B 56 KB
21 KB 78ms
60ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3168
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
server: cafe
etag: 12513454152211517807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:18:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E1EA 15 KB
16 KB 79ms
79ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 11481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E1EA 15 KB
15 KB 80ms
79ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 48361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:45:21 GMT

GET
H2 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D08 35 KB
13 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8598 56 KB
21 KB 63ms
62ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003480866&bpp=5&bdt=1172&idt=5&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xXPdjPKJOx&p=https%3A//newsoku.blog&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3168
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
server: cafe
etag: 12513454152211517807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:18:34 GMT

GET
H2 200 0.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 217ms
69ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/0.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

ba2820b0e1ef34d6e7b3cedae73f5cacd148e50d1cde26f45049b1aeeb5f012b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 19765
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: 7fbb9e106a6d2f299270aa61d8cccdc9
expires: Fri, 03 Sep 2021 09:41:57 GMT

GET
H2 200 5.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 170ms
68ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/5.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

abdf77d7d21070b537ca17c17dd4a569b3ac19b32af7a5a7d797d99781123fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 19765
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: 34fb7feb75bc5b0fca8fdf702a3ed129
expires: Fri, 03 Sep 2021 09:41:57 GMT

GET
H2 200 7.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 847 B
1 KB 105ms
69ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/7.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

2fdc1be927c5fc7bbe9e2d1f556e0abef235d7f04b14056c7e5a53dca617cfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 19765
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 847
x-llid: eee8bdfca40e789d31bacc393615d3fc
expires: Fri, 03 Sep 2021 09:41:57 GMT

GET
H2 200 6.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 847 B
1 KB 82ms
73ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/6.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

032d7424ff8648f023de44b87fecd221968b9e3452d64ad8b39867381d8ad53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 19766
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 847
x-llid: d98ade51f196ff6dd1ce646967cb86e5
expires: Fri, 03 Sep 2021 09:41:56 GMT

GET
H2 200 3.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 820ms
811ms Image
image/gif 178.79.227.24
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/3.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.24 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-24.vie.llnw.net

Software

nginx /

Resource Hash

6300d6629cba686ceec6b44c979a8c83127baa72d2fa10374aeb41005d4002db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: 41897047f6d93b148f6786e31a4f25ea
expires: Fri, 03 Sep 2021 15:11:23 GMT

GET
H2 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 03F0 35 KB
13 KB 95ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame E1EA 56 KB
21 KB 75ms
62ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3168
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
server: cafe
etag: 12513454152211517807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:18:34 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5F78 70 KB
24 KB 83ms
74ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d07baa884f244fb349e91b1afd8aae10ad870cf17939f7177a53d1f0660659aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 105 of 1000 / last-modified: 1627988989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24735
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:22 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
279 B 1146ms
280ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlcmgdkFwB4dOG-TpkD-HFcFne7joKF-IZRny32f0s3ZOMBRnBptxZj-QQJVHuPp1CWpIq9pOp_QlKFI2PuNTBmR4-JZoRrs4qu635wYIc6U8UFCFZ0j550Ebpy
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:23 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

POST
H2 204 csi
csi.gstatic.com/ Frame A07B 0
348 B 126ms
38ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~krw78mj8&chm=1&ctx=2&gqid=mFwJYeK8OpnL7_UP4P6nuA0&qqid=COektMmRlfICFRIF4AodMGoFHA&met.4=fb.hu~lb.pj~ol.vx~bdt.-yy~bpp.-9~idt.-9~dtd.-3~dt.-1c&met.3=555.u1~556.u2_2~734.vc~749.vq_7~735.yv_2~734.zn~734.13b~113.13x_8~112.13w_9&met.1=1.krw78lfb~6.1~7.1~8.1~9.1~10.1~12.2~13.dc~14.dm~15.ej~16.pk~17.pk~18.pk~19.vk~20.vk~21.vx&met.7=CAUQCBgBMOkDOP0IaAJw3wN4uM4BgAHjzAGIAfuJBbABAbgBAw~CBIQBxgBIMcEKMcEMKsFOGRoygRwqQV4pgSAAZ4DiAGVB6oBGgoYTm90byBTYW5zIEpQOjMwMCw0MDAsNzAwsAEBuAED~CBIQBxgBIMcEKMcEMKsFOGRoygRwqwV4wAWAAc8EiAGgH6oBEAoOUm9ib3RvOjMwMCw0MDCwAQG4AQM~CBwQChgBIP8EKP8EMPIFOHNojQVw8QV4_waAAb4GiAH_CrABAbgBAw~CAkQChgBIIcFKIcFMPMFOGtojQVw8gV4-juAAbo7iAH-kQGwAQG4AQM~CB4QChgBIIgFKIgFMPQFOG1ojQVw9AV4pQuAAbsKiAHhE7ABAbgBAw~CCoQChgBIIgFKIgFMPEFOGk~CBwQChgBIIgFKIgFMPQFOGxojQVw8wV4pzGAAbwwiAGKcLABAbgBAw~CBsQChgBIIgFKIgFMPgFOHA~CCEQBBgBII0FKI0FMIIGOHVojwVwgQZ4FbABAbgBAw~CBcQAhgBILQFKLQFMNkGOKYBaLUFcNkGeNcggAHcH4gB3B-wAQG4AQM~CBcQAhgBILQFKLQFMNkGOKUBaLUFcNgGePwSgAHZEYgB2RGwAQG4AQM~CBMQAhgBIK0HKK0HMMEHOBRorgdwwAd4v3uAAfR6iAH0eqoBDAoGcm9ib3RvEBsYArABAbgBAw~CBQQAhgBIMEHKMEHMJsIOFpoxwdwmQh43j6AAbw-iAG8PqoBFAoQYjE0Njg2NDliOWM0MjUzOBAcsAEBuAED~CBQQAhgBIMIHKMIHMJsIOFloyAdwmQh4gj6AAeA9iAHgPaoBFAoQZjhhNzVhYTMxNGIxMzk2ZhAcsAEBuAED~CBMQAhgBIMIHKMIHMJsIOFloyAdwmgh49nqAAch6iAHIeqoBDAoGcm9ib3RvEBsYArABAbgBAw~CCgQChgBIM0JKM0JMK8KOGNo4wlwoAp4kKoBgAGMqAGIAd--A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8598 0
54 B 101ms
39ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~krw78mn6&chm=1&ctx=2&gqid=mFwJYf6cN5q4lQecoYigBw&qqid=CPuHscmRlfICFaSX3godg_cDgg&met.4=fb.jr~lb.vc~ol.107~bdt.-xg~bpp.-r~idt.-r~dtd.-4~dt.-w&met.3=555.z7~556.z7_1~734.zj_1~749.101_5~736.10f~735.11o_1~734.141~113.19c_3~112.19c_3~734.1dd&met.1=1.krw78ldu~6.1~7.1~8.1~9.1~10.1~12.2~13.g6~14.hb~15.go~16.vc~17.vc~18.vd~19.zo~20.zo~21.107~22.mf~23.mf&met.7=CAUQCBgBKAEw7wQ4lwpoAnDGBHju1AGAAbnTAYgBlNUFsAEBuAED~CBIQBxgBIL4FKL4FMKUGOGZowgVwpAZ46QSAAfgDiAHODaoBGQoXR29vZ2xlIFNhbnMgRGlzcGxheTo0MDCwAQG4AQM~CBwQChgBIMUFKMUFMKoGOGZoxQVwqgZ4-waAAb4GiAH_CrABAbgBAw~CAkQChgBINAFKNAFMLoGOGlo0QVwtQZ49zuAAbo7iAH-kQGwAQG4AQM~CB4QChgBINEFKNEFMLsGOGpo0gVwugZ4-AqAAbsKiAHhE7ABAbgBAw~CCoQChgBINEFKNEFMLMGOGI~CBwQChgBINEFKNEFMI0HOLsBaNMFcLsGePkwgAG8MIgBinCwAQG4AQM~CBsQChgBINIFKNIFMMAGOG4~CBsQAhgBINQFKNQFMJYGOEI~CBsQAhgBINQFKNQFMIkGODQ~CBsQAhgBINUFKNUFMKUGOFA~CBsQAhgBINUFKNUFMKIGOE4~CAQQAhgBINUFKNYIMIkJOLQDaNkIcIUJeK-NAYAB84sBiAHziwGQAdUFmAGNB7ABAbgBAw~CCEQBBgBIKcGKKcGMMIHOJsBaK4GcMEHeBWwAQG4AQM~CBMQAhgBIIoJKIoJMNoJOFBojglw2Ql4zKMBgAGkowGIAaSjAaoBFwoRZ29vZ2xlc2Fuc2Rpc3BsYXkQDxgCsAEBuAED~CCgQChgBIMAKKMAKMIsLOExowgpwgAt40agBgAGMqAGIAd--A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame E1EA 0
17 B 246ms
126ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~krw78mrz&chm=1&ctx=2&gqid=mVwJYazwAqSX9u8P9qWTuAo&qqid=CIv0ucmRlfICFaOJewodwP8AqQ&met.4=fb.j6~lb.v3~ol.x6~bdt.-11e~bpp.-a~idt.-a~dtd.-1~dt.-i&met.3=555.wc~556.wc_1~749.x0_6~734.y7~735.yq_1~734.15d~734.19z~113.1a8_2~112.1a7_3&met.1=1.krw78lhs~6.0~7.0~8.0~9.0~10.0~12.2~13.e0~14.e1~15.fm~16.v3~17.v3~18.v3~19.wr~20.wr~21.x6&met.7=CAUQCBgBMPkDOKoJaAJw-AN42csBgAGkygGIAb30BLABAbgBAw~CBIQBxgBIJoFKJoFMIQGOGponwVwggZ4nQWAAYIFiAH-LqoBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBILAFKLAFMPUFOEVAswVItAVQtAVY7AVgtAVotAVw7AV42QaAAb4GiAH_CrABAbgBAw~CAkQChgBILcFKLcFMPAFODpouAVw7QV41TuAAbo7iAH-kQGwAQG4AQM~CB4QChgBILcFKLcFMPcFOEBouQVw9QV41gqAAbsKiAHhE7ABAbgBAw~CCoQChgBILgFKLgFMMgGOJEB~CBwQChgBILgFKLgFMPYFOD5ougVw8AV41zCAAbwwiAGKcLABAbgBAw~CBsQChgBILgFKLgFMKAGOGg~CBcQAhgBIMwFKMwFMIcGODtozQVw_QV4jnmAAfV4iAH1eLABAbgBAw~CCEQBBgBIOgFKOgFMOEGOHlo6gVw4QZ4EbABAbgBAw~CBMQAhgBIKYJKKYJMPkJOFNoqAlw9wl4gnyAAdR7iAHUe6oBDAoGcm9ib3RvEBsYArABAbgBAw~CBMQAhgBIKcJKKcJMPoJOFNoqAlw-Al4onuAAfR6iAH0eqoBDAoGcm9ib3RvEBsYArABAbgBAw~CCgQChgBIM4JKM4JMKAKOFNo4QlwoAp4qKgBgAGMqAGIAd--A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107240354000/ 20 KB
7 KB 218ms
65ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "26bfa3b7da51af82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
85 B 84ms
83ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1339347751&t=pageview&_s=1&dl=https%3A%2F%2Fnewsoku.blog%2F&ul=en-us&de=UTF-8&dt=NEWSOKU%20BLOG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2077179457&gjid=1613348268&cid=235413816.1628003480&tid=UA-35173878-27&_gid=1100843853.1628003483&_r=1&gtm=2ou820&z=1133325148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CC6D 70 KB
24 KB 71ms
70ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

550623b3e80d6d369c3bb5df31407fac501c3785ded3d147d5c62c3eca76923b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 599 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24729
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:22 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
279 B 1113ms
279ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlcmhf2CIDnm7w6asm0Wk8D4ROFr1SB3o4gCxflS3mdPziAHSOo8OVJgJlzkjAYij1jL-R8XmgkEZPC1kmXqEqgDBikCnrh1kxfbi4jocDJeLefeZc0H7gYuJst
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:23 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H3-29 200 pubads_impl_2021080201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5F78 328 KB
114 KB 70ms
69ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f19ec923daf7d72e5f2f155ba6229ffde0afd953ce121b44c1ad55e332db58f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 08:47:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116893
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 86ms
86ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-35173878-27&cid=235413816.1628003480&jid=2077179457&gjid=1613348268&_gid=1100843853.1628003483&_u=YAhAAUAAAAAAAC~&z=2040055492

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 Aug 2021 15:11:23 GMT
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1875 70 KB
24 KB 82ms
82ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5af90f767aa897d01a00198f932b204982d226eef2af2345e7619165cd93c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 286 of 1000 / last-modified: 1627988989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24730
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:23 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
279 B 1095ms
277ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlcmiimfoD-FWsi6PJFoR0SNEMq80MoGHED85ZXtZ6ulB1-jZpPQfW7INZ2LwGFOPL3S3ttJNm0qHRzxbs3508dPYUWxe6GSV0l376aRnHZihfQfCoFggo2DM5A
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:24 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 7B22 3 KB
3 KB 409ms
331ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000090646
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 2747
expires: Tue, 03 Aug 2021 16:11:23 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
279 B 1117ms
278ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlcmikv0sBEmYJER59Nua6927I2R2n3Z2u_l51dOSsygTAia9qHzYIYuN6gIEPwfuPijj1TGfRS6Lz9uRiv75kSf_BQ1PtdD2MY8ljajv2uKY_YqiVH90ybmuiK
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:24 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 82ms
81ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-35173878-27&cid=235413816.1628003480&jid=2077179457&_u=YAhAAUAAAAAAAC~&z=77022010

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 109ms
108ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-35173878-27&cid=235413816.1628003480&jid=2077179457&_u=YAhAAUAAAAAAAC~&z=77022010

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ADCE 70 KB
24 KB 82ms
81ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

550623b3e80d6d369c3bb5df31407fac501c3785ded3d147d5c62c3eca76923b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 321 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24729
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:23 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
279 B 1110ms
276ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlcmi9x_wCVnrLVejrObfXvQFofKZSv3KJmLGhnVa3gtMgZxHpcveTD9LvPW8LDKEoHVj9KHGr9SGeP0MPjivZp_sMGfR6fDXodbPd6VY3I8sO9xV7GxBpUblQm
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:24 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CC6D 325 KB
113 KB 98ms
95ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:23 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8598 42 B
108 B 105ms
104ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDsIdBIB1Bwv7TRDdlCcSBq1FI4bDUwnN7ESRLlB1_pJLyt-c9xpmwvH7jPs2byUKGmkMKNhNx0jrfD7Ptnz5imncv2QK8HksLc6wUIG6SG-Tsi1-z5EQr_KOHuA&sai=AMfl-YQ5TAnPas_WKRInDdLvzaZb96zg-gh5j49of_OqpIDtV9SswnH2Hmm9SBIU55Idm2tfI629EZMILvTq&sig=Cg0ArKJSzG1J4z9m7KYbEAE&id=lidar2&mcvt=1180&p=0,0,280,1106&mtos=1180,1180,1180,1180,1180&tos=1180,0,0,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3236041453&rs=2&met=mue&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ Frame 5F78 107 B
853 B 276ms
95ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5F78 107 B
165 B 93ms
88ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5F78 70 KB
18 KB 335ms
334ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1463723284937073&correlator=2936883141739528&output=ldjh&impl=fifs&eid=31062103%2C20211866&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223620&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1628003483&dt=1628003483503&dlt=1628003482375&idt=1042&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=815&adys=6049&adks=159821761&ucis=e1gpwbi6ndth&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=235413816.1628003480&ga_sid=1628003484&ga_hid=1689562202&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

091664df5b077189efc9b718608eee8e0145d5f0b8d339a1c58091682ba32531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18024
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6804 6 KB
0 168ms
82ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:23 GMT
expires: Wed, 03 Aug 2022 15:11:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1875 325 KB
113 KB 70ms
69ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:23 GMT

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ADCE 325 KB
113 KB 80ms
80ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:23 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 4474 0
17 B 125ms
124ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1628003483568&qqid=CJjOxMmRlfICFVOx3godcy0OdQ&rt=any.link.8t.99.59.2k.1a.2.17bx.16ld~any.script.8t.e0.11.bk.0.0.3tf.3r5~any.script.8u.bs.2g.7x.0.0.lk7.lho~any.script.8u.ek.k.cl.0.0.cyt.cvi~any.script.8u.cz.17.ad.0.0.1c6.19x~any.script.8v.9b.4.7t.0.0.9ym.9wc~any.css.8z.2a.z.1a.0.0.pvd.puj~any.css.90.23.7.1v.0.0.1p9.1ok~any.css.91.22.7.1v.0.0.qv.q5~any.css.91.26.a.1v.0.0.20g.1zq~any.css.92.25.a.1v.0.0.lb.kl~any.css.93.25.9.1w.0.0.1am.19w~any.css.94.25.6.1x.0.0.1o1.1nb~any.css.94.25.2.22.0.0.4ll.4kv~any.img.95.25.2.1y.0.0.2bi.2au~any.img.95.25.2.1y.0.0.a8.9k~any.img.96.37.0.31.0.0.h.0&met.a4a=dcl.0~ol.3~nvs.1628003481795~ini.1628003483570
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame 7B22 16 KB
6 KB 975ms
357ms Script
application/x-javascript 54.64.230.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000090646&href=https%3A%2F%2Fnewsoku.blog%2F&serial=88066702489849&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000090646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.64.230.133 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-64-230-133.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

79d0add571cb1425641ed075c94e39c594554e7ba0876607bad8f4e403412209

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 15:11:24 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ Frame CC6D 107 B
122 B 149ms
96ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame CC6D 107 B
122 B 29ms
27ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CC6D 110 KB
24 KB 341ms
332ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1888152301674675&correlator=4218802820055261&output=ldjh&impl=fifs&eid=31062030%2C31061181%2C31060888%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223350&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1628003483&dt=1628003483999&dlt=1628003482930&idt=813&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=256&adys=1728&adks=990452131&ucis=8o5a006av8u2&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=235413816.1628003480&ga_sid=1628003484&ga_hid=1556098804&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

23c82c051817731699afc8a9e7391579f94d16046dceb185488216db7e996e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24274
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6791 6 KB
0 117ms
82ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:24 GMT
expires: Wed, 03 Aug 2022 15:11:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ Frame 1875 107 B
122 B 99ms
86ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1875 107 B
122 B 32ms
20ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1875 75 KB
19 KB 656ms
645ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=392919081533847&correlator=1084047268716429&output=ldjh&impl=fifs&eid=31061423%2C31062102%2C31062079%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223351&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1628003484&dt=1628003484297&dlt=1628003483141&idt=1003&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=256&adys=5054&adks=4214609656&ucis=frsapn3bdtq&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=235413816.1628003480&ga_sid=1628003484&ga_hid=1896034670&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fc28967c36277932cc65894cb669334ed4d5fc2d8fdc8d15924c5adc2dea547c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19202
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 32B3 6 KB
3 KB 220ms
86ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:24 GMT
expires: Wed, 03 Aug 2022 15:11:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 52D3 6 KB
3 KB 294ms
177ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:23 GMT
expires: Wed, 03 Aug 2022 15:11:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F78 73 KB
27 KB 155ms
86ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:24 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5F78 11 KB
8 KB 93ms
76ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f4208f1099c130ce10247cf80fa46c626abbeedadb3b7e7c1feaabd0135c0502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8632
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ Frame ADCE 107 B
122 B 223ms
191ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame ADCE 107 B
122 B 51ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ADCE 70 KB
18 KB 394ms
379ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=197926289219724&correlator=3593759626028983&output=ldjh&impl=fifs&eid=31062087%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223618&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D6ea06d852f7d84c2-22952b2f95c80021%3AT%3D1628003483%3AS%3DALNI_MYtGlofZKXRtRbtXW4UAuAO07EDRQ&bc=31&abxe=1&lmt=1628003484&dt=1628003484494&dlt=1628003483215&idt=1206&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=256&adys=7058&adks=3029384592&ucis=26x5ftur26uk&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=235413816.1628003480&ga_sid=1628003485&ga_hid=1749268886&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

14b6671e80db28b6ea631c46b01ed05d8039cef8bc45345ba3a77537908f82f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18092
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB1A 0
0 516ms
64ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:24 GMT
expires: Wed, 03 Aug 2022 15:11:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 07BB 6 KB
3 KB 243ms
206ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:24 GMT
expires: Wed, 03 Aug 2022 15:11:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC6D 73 KB
27 KB 393ms
384ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:24 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CC6D 11 KB
8 KB 313ms
189ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d5e23251e6170d9cf2658e2a317d7901706636267b0b29480d33b0d3ade3dd00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8527
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F78 17 KB
6 KB 402ms
94ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H2 200 brain.js Show response
cdn-fluct.sh.adingo.jp/nativead/ Frame F63B 17 KB
17 KB 357ms
315ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/nativead/brain.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000090646&href=https%3A%2F%2Fnewsoku.blog%2F&serial=88066702489849&guid=ON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50e9eac0952feb208cb45b749e0e758faed9e41e814c2e1193ba44c1acd64356

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
via: 1.1 google
last-modified: Thu, 15 Nov 2018 08:27:45 GMT
server: nginx
x-goog-meta-goog-reserved-file-mtime: 1541652271
etag: "15e6b5035860af06495b3f5ec4b900db"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 17182
expires: Tue, 03 Aug 2021 16:11:25 GMT

GET
H2 200 /
i.adingo.jp/ Frame 7B22 43 B
308 B 988ms
277ms Image
image/gif 210.140.201.11
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.adingo.jp/?p=U_KbNXSjb93DGrZR4yzJlBeyEvIf_aNaavPaybXpSifj1ZibxHiEaNAUEglKEeEGtW0muSUD6bvbqAlrtNwZWAY0Joc3GcGQyNBgVCDwSLlkDQv4_OeXrBlRuU7DnhXpKFY3G_T_atVISHA-QnfX00tNJ-BGqdPU3YLxzOIkWoxsCmBG4Yy1j5GK5GSWFl00-dIdJqken5V6J0teyVVnHBMvg9nAoNXK7ZlasymmLjmkpemFTQzZh1etVyd7GV8wIkkJ3jEWQMtnx11pubDWfrLhOQJI4eCDHBebi42p9stPZD183Gr-K5WahltSnxqi7GB1Ax37AtpNBgZG6E0.&v=stCc45idVZYhmEpi&k=3&R=

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.201.11 Adachi, Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:25 GMT
server: nginx
strict-transport-security: max-age=63072000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CC6D 17 KB
6 KB 117ms
103ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 container.html Show response
4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 89DE 6 KB
3 KB 106ms
106ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:24 GMT
expires: Wed, 03 Aug 2022 15:11:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADCE 73 KB
27 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ADCE 11 KB
9 KB 94ms
94ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75b72d43aa23ea2d0481c32898bbd8f875f7085abe39ba875e19b695a31b24ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8662
x-xss-protection: 0

GET
H2 200 container.html Show response
854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF22 6 KB
3 KB 78ms
77ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:11:24 GMT
expires: Wed, 03 Aug 2022 15:11:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1875 73 KB
27 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1875 11 KB
8 KB 91ms
90ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef69558d0985b871e74039ca0fea43a2aaabfc5b070e2c5812b3604fa7c56e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8594
x-xss-protection: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame 52D3 4 KB
617 B 110ms
109ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:09:09 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 52D3 1 KB
865 B 61ms
59ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 52D3 0
0 98ms
98ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqH2Am1wJYeqxJJqF-gaGloSYDurk5upio-6EkpwOZBABIK7h0DBg8a38haQfoAHZ1_e_A8gBCakCNZvgKF1Lfz7gAgCoAwHIA5sEqgTnAU_Ql3ZGYp1f4hpT3rmOljjdVpvMz-EjuFfGLTvyq_oXy6dRU-gEeva28mk4NEFLj7sx4u5om84ZdavUL1WoY63hBHy4BhXRc8WsqrCPNItz9mFcY_SWPz2kYm7l2t6keuZ5LigBW83NRYpUA9dS9fCAt3xxS7934EPg4FDzUYXs8EnmVDAC7rINyO-a9mgESSRBQGdr4ltmCRYXT6Lxh6zo5NtxEBvzoFc92HlxSdLMUHGG8srpOJvGSMXO7J4xVvEkR63iSlxkmqseVrHIbyEOwzzJ0YFLzhTd5RBuWGNKRNf1cUt_VMAEhd6MiMgD4AQBkgUECAQYAZIFBAgFGASgBi6AB4-oiECoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQkDXSCAkIiOGAcBABGB3yCBthZHgtc3Vic3luLTkwMjg1MzY4MDI3NjkzMjGACgPICwGYDIvPspLdA7gTgwTYEw7QFQGYFgGAFwGyFxoKGAgAEhRwdWItMjgwMTMyNjk5MDU2ODUwOA&sigh=B4Us4wwMbVg&template_id=515
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 52D3 18 KB
7 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 52D3 2 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52D3 124 KB
37 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 52D3 14 KB
6 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H2 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 52D3 26 KB
11 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H3-29 200 7107941511371563768
tpc.googlesyndication.com/simgad/ Frame 52D3 1 KB
1 KB 64ms
63ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7107941511371563768?w=100&h=100

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df4fa17e2de0ae26a52975fbd0d4ca793e3556ccf311d1169be6a167957a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 22:05:20 GMT
x-content-type-options: nosniff
age: 61565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1221
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 09:28:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 data=K8ozwD5W9qLVz0FUOIihbBbHqi147luYZ8kNVvg2SuLSGUQwW3WjLWDBmmsHssuiTfj5Mf27DC59dhsyZnYuA4iu
mts0.google.com/vt/ Frame 52D3 18 KB
18 KB 370ms
124ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=K8ozwD5W9qLVz0FUOIihbBbHqi147luYZ8kNVvg2SuLSGUQwW3WjLWDBmmsHssuiTfj5Mf27DC59dhsyZnYuA4iu

Requested by

Host: 64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
URL: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

a3060f26ced495141facc77ce00b0086e7af28bfe495df9bb072571afa9de473

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18308
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 0e357ffa85b9cb819
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=153
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 15:13:58 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ADCE 17 KB
6 KB 83ms
59ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame 07BB 8 KB
3 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:58:16 GMT

GET
H3-29 200 8704ff99b8ce9c5307d7beb036548341.js Show response
www.gstatic.com/mysidia/ Frame 07BB 130 KB
48 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8704ff99b8ce9c5307d7beb036548341.js?tag=video_location/web_och

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac7aa1ac8785ebbaabc13270e1916861834921f059dadf96d48817dbee9c4f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49234
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 23:06:07 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 07BB 3 KB
578 B 115ms
114ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:04:02 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 07BB 1 KB
865 B 126ms
107ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 07BB 18 KB
7 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 07BB 2 KB
1 KB 120ms
97ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07BB 124 KB
37 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 07BB 14 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 07BB 0
0 117ms
101ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFhT4ArmfbFxESwCl3qxFqy92Mr9teH7hhXXReo-QX_SI2PBurJCaUn8CEFoHUroJxkPbL
Requested by: Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 07BB 26 KB
11 KB 104ms
100ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1875 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 22DD 12 KB
5 KB 64ms
53ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 15:08:42 GMT
expires: Wed, 03 Aug 2022 15:08:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C90 783 B
781 B 106ms
99ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ffd01fe260f80c7329c638bb758a6a64518ae05b491e2990d3264928add9a6c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NJOg4Kwrk/EUbvYTYAwmuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:11:25 GMT
date: Tue, 03 Aug 2021 15:11:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NJOg4Kwrk/EUbvYTYAwmuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CB8E 12 KB
5 KB 60ms
54ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 15:08:42 GMT
expires: Wed, 03 Aug 2022 15:08:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E62 783 B
741 B 103ms
101ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ecb9b9a174c34e4bfc4ecf20013a055cd3b1d35a68a176f854b5656bf0191ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XqqdY6tAzgTIxB0UfN6nxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:11:25 GMT
date: Tue, 03 Aug 2021 15:11:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XqqdY6tAzgTIxB0UfN6nxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 52D3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10915932b0003f2d6c5ccfa61fd64b82239e723b4ad813c70adf1fb2ac246a2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 52D3 16 KB
16 KB 75ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 597238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:17:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 52D3 15 KB
15 KB 74ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 89DE 4 KB
617 B 144ms
104ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:05:42 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 89DE 1 KB
865 B 108ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 89DE 0
0 125ms
103ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD8q5nFwJYbW2JNnjgQfL2ImwAvrW1PRj-byjmOgNZBABIK7h0DBg8a38haQfoAHZ1_e_A8gBCakCJb4_wsFKfz7gAgCoAwHIA5sEqgTnAU_QqvuG6nsn9b0wbGNZ-DqhWEISbYHyqh8yk-Y7hk7PQCXzEvhhMKvvHVI8B-9HST8o6gwE0XvJExOf5yW3Q6ueddBs9PIevlnfFPN-oPUzBCU-Dp_OQqfl_4AvocJJFN7H2AehNWPxOcLQC40wpBPvGivjpDCbxC2ZN9uYVvHgPQuxOLwq92OFqhQ2Z-uIONpMAd6VSiVYKo9d_3BZB0IaiRMu5VB0NUxsKhPQ08P1-trAlbdM1ZxkPQxxdRSJYup7yBI1BKtrHkS60hr5drGHdGl9jVYYAnL9tBLWIrcLeqGjzD26WsAEjKLYq8oD4AQBkgUECAQYAZIFBAgFGASgBi6AB4-oiECoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQkDXSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTkwMjg1MzY4MDI3NjkzMjGACgPICwGYDMHFl9_RA7gTgwTYEw7QFQGYFgGAFwGyFxoKGAgAEhRwdWItMjgwMTMyNjk5MDU2ODUwOA&sigh=He3mUlwFZkA&template_id=515
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 89DE 18 KB
7 KB 100ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 89DE 2 KB
1 KB 101ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89DE 124 KB
37 KB 104ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 89DE 14 KB
6 KB 100ms
79ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 89DE 0
0 122ms
99ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtP6xfcULdIkqccE6SB84UFTbjhbxy14tySu7vNwSgTLs03mzay8JQZPwp4s92zAycqrN6
Requested by: Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 89DE 26 KB
11 KB 120ms
98ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame EF22 8 KB
3 KB 122ms
98ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:58:16 GMT

GET
H3-29 200 0d7568bd98a04fd5619c2fe674d05208.js Show response
www.gstatic.com/mysidia/ Frame EF22 10 KB
4 KB 115ms
98ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d7568bd98a04fd5619c2fe674d05208.js?tag=location/location_extension_square_och

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70939c38357ed8eea2c22ddf3f4ce239ccf6244c27f16b58b15e8e6cfb8344fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 09:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4528
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 08:06:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 09:16:57 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame EF22 3 KB
578 B 118ms
104ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:03:08 GMT
server: ESF
date: Tue, 03 Aug 2021 15:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame EF22 1 KB
865 B 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame EF22 18 KB
7 KB 95ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame EF22 2 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF22 124 KB
37 KB 116ms
100ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame EF22 14 KB
6 KB 95ms
79ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:10:55 GMT

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame EF22 26 KB
11 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 21:48:56 GMT

GET
H3-29 200 12145448042571963804
tpc.googlesyndication.com/simgad/ Frame 89DE 439 B
467 B 85ms
78ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12145448042571963804?w=100&h=100

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e72d5194556a1e6bf01d217736c792ff30c1eca4b56847c3ca884da4028f720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:58:26 GMT
x-content-type-options: nosniff
age: 22379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 439
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 14:46:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:58:26 GMT

GET
H2 200 data=7C5Pvkkpc2lv5027HtwaY6N8-mh4awvfC0BWTHDmN1do18V_d4md65_PjuMJ6GBU-mUOAPqFnD2wHubmQl85r4eN
mts0.google.com/vt/ Frame 89DE 14 KB
14 KB 198ms
193ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=7C5Pvkkpc2lv5027HtwaY6N8-mh4awvfC0BWTHDmN1do18V_d4md65_PjuMJ6GBU-mUOAPqFnD2wHubmQl85r4eN

Requested by

Host: 4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
URL: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

6b548461f9548258317bb8de73f52ec5228cc8fdbe32442b8c02b47839ceadac

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13845
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 045953e26cc2c273b
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1468
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 15:35:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7704 12 KB
5 KB 57ms
56ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 15:08:42 GMT
expires: Wed, 03 Aug 2022 15:08:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D42 783 B
529 B 173ms
173ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56c35510c5427450fb0d2c302a5c09494f985c65807eef81bc3058f568a70c93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vTClRveoLtvTurOrdyreTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:11:25 GMT
date: Tue, 03 Aug 2021 15:11:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-vTClRveoLtvTurOrdyreTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 508
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200 v2 Show response
sh.zucks.net/opt/native/api/ Frame F63B 492 B
1 KB 1391ms
309ms XHR
application/json 18.180.188.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/native/api/v2?frameid=357343

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/nativead/brain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.180.188.164 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-180-188-164.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

c7da846da1a049f397a4c11c3ec1e9fcd58682687e58edae7f96e4a968ea881e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 03 Aug 2021 15:11:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 15:11:26 GMT
transfer-encoding: chunked
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Access-Control-Allow-Origin: https://newsoku.blog
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FB25 12 KB
5 KB 111ms
94ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 15:08:42 GMT
expires: Wed, 03 Aug 2022 15:08:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B8F 783 B
537 B 117ms
103ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

810d753f21e9213e856ed9f4e375e4f1b3381081afc48a5c832dc558bb649db2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V4JXNLOpkqLUNVxqkok96A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:11:25 GMT
date: Tue, 03 Aug 2021 15:11:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-V4JXNLOpkqLUNVxqkok96A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 105ms
88ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~krw78l3j&c=4407007712394310&e=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&ctx=1&met.3=779.1bn_1~164.1bu_1~165.1br_4~166.1bf_q~326.1i3_2~216.1i0_5~215.1i0_5~843.1hy_6~161.1i5_3~868.1i9~889.1ik~639.1ip~160.1ip~914.1ip~189.1iv~112.1lz_5~629.1no_2&met.9=1.1dl~13.1iq~2.1mg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/rum_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 8532719170398217909
tpc.googlesyndication.com/simgad/ Frame 07BB 162 KB
162 KB 94ms
89ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8532719170398217909

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

937b5332ecba19e8fda305f7e28cb402c5262dfa6848295c72133cd4c0bff066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:28:11 GMT
x-content-type-options: nosniff
age: 103394
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165763
x-xss-protection: 0
last-modified: Wed, 26 May 2021 09:01:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 10:28:11 GMT

GET
H3-29 200 5376684450121284871
tpc.googlesyndication.com/simgad/ Frame 07BB 1 KB
1 KB 94ms
88ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5376684450121284871?w=100&h=100

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a736a557bd568494a46c94af566e9827ca4086857266b17154f946f87c811e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:31:57 GMT
x-content-type-options: nosniff
age: 38368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1355
x-xss-protection: 0
last-modified: Fri, 14 May 2021 12:06:09 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 04:31:57 GMT

GET
H3-29 200 data=xX85eU4tXUgjnt8-xIhn6bpsPcWI3sTEQmcjSBaCDu5VE7rEFNZ8YExl23DdUdJtHacioyg_bkcfykOmBpM
mts0.google.com/vt/ Frame 07BB 25 KB
25 KB 246ms
144ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=xX85eU4tXUgjnt8-xIhn6bpsPcWI3sTEQmcjSBaCDu5VE7rEFNZ8YExl23DdUdJtHacioyg_bkcfykOmBpM

Requested by

Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

478cc6c9bfa96aaf25251e3cc4ab3b56691b7bc9dbb93aa694b252936598a8de

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=72
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25480
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 040ccda5443517329
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 16:11:25 GMT

GET
DATA 200
OK truncated
/ Frame 07BB 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 07BB 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-29 204 csi
csi.gstatic.com/ Frame 07BB 0
17 B 140ms
134ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krw78p1h&c=1433307210017&slotId=716653605008.5&qqid=CLaH88qRlfICFc9A4AodthAKRw&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1&umsem=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/8704ff99b8ce9c5307d7beb036548341.js?tag=video_location/web_och
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 07BB 0
0 101ms
98ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv0i-nFwJYbbJBc-BgQe2oai4BPrW1PRj5LbA7c0NZBABIK7h0DBg8a38haQfoAHZ1_e_A8gBCakCNZvgKF1Lfz7gAgCoAwHIA5sEqgTkAU_QHcSR4DYTMaTlaxiKS4oaEudrvOx_pNka8X4Kq4kmQTSgORkZxF6t4q8kmkNsp1YtuAUjdMYfkt5AvIl1LuZa1njpKxBFV_eXeYpFomQKDiF_spOH34ZIwPkv20Oo6zMlTq85sVgmxGIWo_hWjBIX5Nf9pDbVQJw3eVupE6rGCXFBTtFDUFBNEqO8WqOYYgEmlmjS5DHRW5dfEhp_KY7vEOzgFlBM5lZoD6PaCAGAIQABx4AE73qJZEEMZL1v-MhY3-SakYF4LmDtjOWOmlucAHIs6LuLo4ItOWcrflCsfvz3p8AEiImJpMsD4AQBkgUECAQYAZIFBAgFGASgBi6AB4-oiECoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQs5wC0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi05MDI4NTM2ODAyNzY5MzIxgAoDyAsBmAyoqK6gywO4E6EE2BMO0BUBmBYBgBcBshcaChgIABIUcHViLTI4MDEzMjY5OTA1Njg1MDg&sigh=7VeOjUQP-So&template_id=545
Requested by: Host: f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
URL: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 07BB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a96ac819d82d1ba80e2f60f3f2d9559da35cc194b425234523df09d1028fe88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 csi
csi.gstatic.com/ 0
17 B 133ms
133ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~krw78l75&c=4407007712394310&e=31062031%2C22316437%2C31061180%2C44741898%2C20211866%2C31061691%2C31062065%2C31061692&ctx=1&met.3=112.1pl_1~247.1vh~248.1vh~326.1vw~164.1vj_d~165.1ve_h~161.1vw~868.1vy~889.1w2~639.1wf~160.1wf~914.1wf~247.1xi~248.1xi~326.1xj~164.1xi_1~165.1wg_13~161.1xj~868.1xk~889.1xn~639.1xv~160.1xv~914.1xv~247.1zr~248.1zr~326.1zz~164.1zy_1~165.1zq_9~161.1zz~868.202~889.205~639.20c~160.20c~914.20c~189.20j~189.225~189.227~247.24h~248.24h~326.24j~164.24i_1~165.24g_2~161.24j~868.24o~889.24x~639.253~160.253~914.253~247.25z~248.25z~326.267~164.260_7~165.25y_9~161.267~868.268~889.269~639.26f~160.26f~914.26f~189.26f~189.284~168.2qp~168.2qp~168.2qp~168.2qp~168.2qp~168.2qp~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq~168.2qq_6~168.2qq_6~168.2qw~168.2qw~168.2qw~168.2qw~168.2qw_2~168.2qw_2~168.2qy~168.2qy~168.2qy~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2ri~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2rj~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vf~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2vg~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wi~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2wj~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg~168.2yg_4~168.2yg_4~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yk~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yl~168.2yy~168.2yl_d~168.2yy~168.2yy~168.2yy~168.2yy~168.2yy~168.2yy
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

videoplayback Show response
r1---sn-4g5lznez.googlevideo.com/ Frame 07BB
Redirect Chain

https://r1---sn-5goeen7r.googlevideo.com/videoplayback?expire=1628032284&ei=nFwJYY3vEJeCgAftr53ABA&ip=86.106.103.4&id=46305c0b408a2654&itag=243&source=youtube&requiressl=yes&mh=K4&mm=31&mn=sn-5goee...
https://r1---sn-4g5lznez.googlevideo.com/videoplayback?expire=1628032284&ei=nFwJYY3vEJeCgAftr53ABA&ip=86.106.103.4&id=46305c0b408a2654&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

266 KB
267 KB

80ms
26ms

XHR
video/webm

2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznez.googlevideo.com/videoplayback?expire=1628032284&ei=nFwJYY3vEJeCgAftr53ABA&ip=86.106.103.4&id=46305c0b408a2654&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=272462&dur=15.000&lmt=1621867376024965&txp=6316224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMB4Q6BpbF1xj_mBhcbZJK56NXqKkd7sp3z4rmFIAq8wCIAU_repSbTZfDsmYzJEV-3ymbEhqmpd6N7WKYF1iUJwf&range=0-999999&redirect_counter=1&rm=sn-5gol67e&req_id=ddd5b33d098aa560&cms_redirect=yes&ipbypass=yes&mh=K4&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5lznez&ms=au&mt=1628002520&mv=u&mvi=1&pl=52&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJUTXvW4hvN1BjOEuXlBbR2suz422oWP-mIaI2jFgo1OAiEA9676eVZolY1eWbqPcZsuo-6W2Sl-2MvAXE3GEPkLm-k%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3ca77ab22b3271656aba67ef1889285001275bf66c2c9f0b98a79eaacdb58a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:11:26 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 272462
Last-Modified: Mon, 24 May 2021 14:42:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=28498
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 03 Aug 2021 15:11:26 GMT

Redirect headers

Date: Tue, 03 Aug 2021 15:11:26 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r1---sn-4g5lznez.googlevideo.com/videoplayback?expire=1628032284&ei=nFwJYY3vEJeCgAftr53ABA&ip=86.106.103.4&id=46305c0b408a2654&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=272462&dur=15.000&lmt=1621867376024965&txp=6316224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMB4Q6BpbF1xj_mBhcbZJK56NXqKkd7sp3z4rmFIAq8wCIAU_repSbTZfDsmYzJEV-3ymbEhqmpd6N7WKYF1iUJwf&range=0-999999&redirect_counter=1&rm=sn-5gol67e&req_id=ddd5b33d098aa560&cms_redirect=yes&ipbypass=yes&mh=K4&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5lznez&ms=au&mt=1628002520&mv=u&mvi=1&pl=52&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJUTXvW4hvN1BjOEuXlBbR2suz422oWP-mIaI2jFgo1OAiEA9676eVZolY1eWbqPcZsuo-6W2Sl-2MvAXE3GEPkLm-k%3D
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
Expires: Tue, 03 Aug 2021 15:11:26 GMT

GET
DATA 200
OK truncated
/ Frame 89DE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f4c89d2ce3fe547c103673108550e1f50eab105a429a31a3270ee740edd789c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 data=NYdWuxNQrXEB2vXV_OAxg79xotuvfvStVnyaj-jQN5Ad984DtFA-xLY9N8mHVMAmEXkA8TzFqUzBwHHqFdnGdXcZJHRCZx6rcd9kbaAuiGWLFxY2QlBiBDCDdBo
mts0.google.com/vt/ Frame EF22 24 KB
24 KB 148ms
147ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=NYdWuxNQrXEB2vXV_OAxg79xotuvfvStVnyaj-jQN5Ad984DtFA-xLY9N8mHVMAmEXkA8TzFqUzBwHHqFdnGdXcZJHRCZx6rcd9kbaAuiGWLFxY2QlBiBDCDdBo

Requested by

Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

7fb3ac3e065780d8ddc634c5c0926eff6a06e41d7a3a06089f109855d258cd06

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:25 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=62
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24334
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 0802e16ec1b80bedb
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 16:11:25 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 89DE 16 KB
16 KB 79ms
78ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 597238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:17:27 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 89DE 15 KB
15 KB 81ms
80ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF22 0
0 96ms
96ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTAsOnFwJYZDfF8e8gQe6zTT61tT0Y7qOkcGgDu22iuegCxABIK7h0DBg8a38haQfoAHZ1_e_A8gBCakCA_vDLIRIfz7gAgCoAwHIA5sEqgTqAU_QNhHXioe8uruBkr4MDf5tyysgWAThDpwjRTXfhjJGJ0WiZjuWr5TJzKM6utUP-GKHunqiBHWXsoSCa0tqREHj9YR1kQi_2cVVTLVp-w3SnzzOauMqyOevvs6V3HwXyL1UiSMgz6yWeYiWt2yhl4_4ZvWOF4rS3XNimzMlXGu9dra5LP0PcgEcFT-9_apoEKYc9o1I52LyqsyoM-f4bEKOAvBEJoS3TlMUIUEbIyMFci2vv3d3zCV83Mu_Hp-RdSB825MeComubY56_9omz30dn1luQ7YLgpP3sDLZwwKUBuvUcU6a5QfDqcAEy-T5m8gD4AQBkgUECAQYAZIFBAgFGASgBi6AB4-oiECoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQs4UB0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi05MDI4NTM2ODAyNzY5MzIxgAoDyAsBmAyxjK7EvwO4E4ME2BMO0BUBmBYBgBcBshcaChgIABIUcHViLTI4MDEzMjY5OTA1Njg1MDg&sigh=6gHDjqFctrc&template_id=515
Requested by: Host: 854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
URL: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EF22 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdcbe31bd088370a8175b6925c68c633882c23ff66253fb8d2a5b7a6bb12634b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 22DD 35 KB
13 KB 77ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 14:43:43 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame CB8E 35 KB
13 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 14:43:43 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 07BB 21 KB
21 KB 75ms
73ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 5103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:46:22 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 07BB 21 KB
21 KB 92ms
80ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 46147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 02:22:18 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7704 35 KB
13 KB 74ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 15:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 15:06:14 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame FB25 35 KB
13 KB 82ms
78ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 15:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 15:06:14 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EF22 21 KB
21 KB 75ms
74ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 5104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:46:22 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EF22 21 KB
21 KB 74ms
74ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 46148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 02:22:18 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 74ms
73ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210729&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ce1593bd2dd2145285e8dbdc8e8b47fbf1c914edfbabaaee4e18dd888573eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8631
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
103ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=newsoku.blog&doc=complete&pg_h=7640&pg_w=1600&pg_hs=7640&c=2&aa_c=2&av_h=397.500&av_w=798&av_a=258690&s=69&all_s=69&b=4198.203&all_b=4198.203&d=0.135&all_d=0.208&ard=0.034&all_ard=0.085&dt=d

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 42ms
15ms Preflight
text/plain 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Server

2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://newsoku.blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 03 Aug 2021 15:11:26 GMT
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 67907a7caca32c42-FRA
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
77 B 35ms
35ms XHR
text/plain 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 03 Aug 2021 15:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 67907a7cccda2c42-FRA
vary: Origin

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 394ms
392ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:11:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F839 12 KB
5 KB 53ms
52ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 15:08:42 GMT
expires: Wed, 03 Aug 2022 15:08:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 872D 783 B
534 B 96ms
96ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f759bb8e41aa90d6b8c1b97cb02d2fc5feb93d2f1972b253863fdd22a26911ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AAB+Yds/DZvlCOtSfP6CFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:11:26 GMT
date: Tue, 03 Aug 2021 15:11:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AAB+Yds/DZvlCOtSfP6CFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame F839 35 KB
13 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 14:43:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC6D 0
20 B 146ms
142ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=1888152301674675&bg=!FBelF1PNAAals0SOpbM7ACkAdvg8WqDir2MobF13K82yNnYLemxeSUSDPXjH5yz3VJbXxhoBNr_7SAIAAAOQUgAAAEdoAQcKAOvVgBbXoFcGu5jOBNZLnCxvXEEMMxhn4J1VCiIli4kRWeJy1FEQs8EQqjmgnDUKJC_Vfn3NHGAwE_04j7O5ItkAuwbYCZY9MSu4smNu5dxj1z3LHY54NN9qmCEGRlOoYg5q250OdZ1rBEJfLs73oW1WXfspfZR3L_VmZXyfbFvDse964UPPDW0hzAnQWL6gCCVMg-LeVm26V7gW9KQCXV_BmMngmn0B1fw_Qg_NX4i3SgTDcuekk86u1QTYwjKRI9NDZiOxEeWUT7D7dIoeKO72yTkfNgtkcivW1kxvCifPvmR1GSDKgbmvhhE0mQKNZh2wYB_9u7YbnWQsu-9QZJDYz1y4rfco6Vq7ZCi1EU7kyPKR_maeEUSlj3hmhYBTLhecNVNA20UcJu7uC75bKDML5l_lMuB2q5norNt-dYtinmFOKVaP6csS481m1MTcNHvKoQEpxWg4JVEwp9Xm3a8th8EH9PCmvo_NvckQNmpiCgKkLNj8oxSmwGaCtZU6C1wpnsMau1FBPlHPd5Gjukg9tk_zijQYLpKMGtLdMMFUELBjQUYSNCtLHmnicimb8yWC3NOzfAceiTEOU6z67qK0-wRPNQGhtZn0LwjJlRfBEFwNF5FmmVRnNZdt6fp-YuiQHaFGrJbpo1HLFsvVPwgcSDfshGKCWPm2yTAQlyaXxDfVEERR83nruqMbGhFcV6-gMDeDr2jor8NsCTdxSPJkOP8E1fTnoW7Vf3r1OV-mt4iCsazqNEnm8xq2HNSV4CdJsgF8VLBnk11XQD4Gytm70xi62ZIcW-OR0R1Pte0Dz3pcJd6AUcpMKW8-_MWSAgzc5Nc2wQ0NYk4bPu7zd3wwhVvq2mYI8zgj9MZhgH72-3zs9ueh_HG2nEEVBTbq5UTKjY9PG5E6k8T3Lb6dfEvd_A3s7bzJs17YfAy97aWqiMDJwv7SOw1zd-Mn_iMtvyiYCwT9TLGebVO09PMwDbw4vTmrxl8ZwPG0Ir1ML5gBtbgNYX6fp1SaDBE2qYlkltm3HLTmvbQH0P40T7JwdKdKwdDVpoaZzXpmj5nT5lRI3XsXMrh0o_AFyyhs7HahWdyuHk6NubI8ivsbBqVwht3p85QEFOi3xJbcaIDb1o622JNtYDIFAaQwHU5IXEdR7ihdHF-jlgrwbOBplLzBINmhKhm9OLxaOV9r-90

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADCE 0
20 B 144ms
141ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=197926289219724&bg=!lZalltLNAAals0SOpbM7ACkAdvg8Wrd2ppwYixOl1SSp507m3tQ8RjW6liSs7fztEnZMgd0pPyaZfwIAAANbUgAAADJoAQcKAJIA8Clx3cgloh18-Pi29BhncxZMT0o5UbeTWlkWQmaXSkQvplatLZ7mDlcbsqUQb3hy0rnmMOq_5MDtbvOoL3UzrAq9Vq_X7d94aQWd24L9w2q0D24BrN93zy3xBXtU1iw4Fb-fIEfHXq8G2WETjm28Y0vi90s9BpQA4ti6uQULxrvlNCFZGR4KXJjR6X5jMEYBTZkClNcE7o7hRB5CaTX-AkxBy_Suc5VBQLrXLjdshXy0cdj6mY8AGSfeRP3IEQjHRh2BijUKpDA70RCVYEiarxndt4dW9kmlyBuMI9mdDxSygy_4jm2-GDvR7hnLkB8LKGhsDJ2RO_LzWRCCWaLwoaXrgXMxgnTNzXUXYfKvfyU8Cm5xJPCLiQNIvwBrq7v2cYbTPYU8N5IK2fJBMoh2F5IUUa9ztZaavOeeH0VOgFnp05XO4ENlXM8mEJqlI5Q5TdwqwTC82pY5LPwhHqIIIs8flltGfGPklszzPUDxc4H_gUMjiADNFcysfwXY7doEPY_s9eXwuK3iWuw0boSwvEEs6lt3q5UPRb6i0Xd2vWQwdtqPMIWYlHQsfZegSxTD1Y_7acIipUJVX6O1efw5RstAf1yW2p6wMuh2wAwUEUQzjJtSy94hbVNC7x6gDydRe8G4ca7_Na699Vsazefi2C3kcc7l4wXdxEOmwLsuNz10XXfBY3Q1T1-LYlgAZ_nu9LOHJktByfZKwCbKZm4ZoW5yE3G3jfMXPu3aBoSXTit2MEF2a93QsnMFEoM_Ma3jk7o8oemXPGRURAFxAcp8pc16MVtcSv_oIotINBgFL81ntihesNnos6V4b1vEwgrn2950hxnr1KoFbzpUasKTjEzaavz6WdPUikWYmzz_NIRYrEnS3f_AygIYrJw0sRCSNMu3eD0j_IMtQBHk86gyFVeYXD6iLb8Q9YHWICaYwzBA2A_pGlGCTnZZYi_SPeqUgqYfB7dF6IoszeN5zysJqL2YwcVqMouewtokcuYutv6j2rbEsAVyirfM2BqI3DNv-yepCz-wNHr_82YuM8WCqRZnjbLa0PWPobPWrxSqDvPHrD_1cGI8cA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F78 0
20 B 138ms
137ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080201&jk=1463723284937073&bg=!U1ClUBTNAAals0SOpbM7ACkAdvg8WqlTghkH2R6QFcmth4oSb8M2Q-A_R8IgaC4BRk1CLfw6sICSpwIAAAPXUgAAACJoAQeZAof9k_ZfW1UCOQo9-27Kvsr_cSUKF_QrFq00v0xKzPvq8TIqUOv31V78VS7cGhFEamgen0xfZTCTw10LwRkqx53QFp4tqnChUltTsLRdoUiYbH5TIJUzXnL2PV4j0Or5iqh4J7IOv_B_Ah4dOCyLIcOcZbixavUfuGr__G6NENR3PVPzHNqvKjKXiAZsLOAycBNmRNsWB_Vu5oahMZxTznOevlLmsK05L1-tGfGsTgOiGcbLfPd53B79bXx2eRIe-NZWu5_mFqygS5m_1LyzR7TE-wMEvnjjU5nBGrI803GwO9KCmA0IsfRF_RHnM1T1cs_Ht9uKYAVXm5XV8sRq1ow3tPfwo9o-t6W6P5I-ncYioX5gh6P5nrT2nmkEW-lb2UWBLdy8wN0qAoi3K4UaA_nT7nzVaIbyphepeayBEMwsEU2SUG--w1ftAQdavh_E2-NxGEu5p3lTqin1UZL6SMcshCiKcXRnSfdWuv5d3rHfJiXSl3KMnvHXetSA4qT7F123YYU_o3arFqtWYN8vtUVBFNLfyylCn8fndm_7-NqyNvQundGWELlOcvJaWn5zJPzcc-K53vpcgRzH_dws6uiBDY1SxfnjQCD9osP3EQklFhDql2BkH5eTq8jaGhGut1nvXrwc3QTTPmvzdY2UMjpzrsq2sVIS9U_95oM3Fy2EPDOSVT6QXSBw4sq8h9-xEiowedaRLbXag5ZuQFZLFS_4aoutbXqGj_ycms_S4eNDNBF8LNrANxrkziWF6Mdaw-quNgoKeykWiQ5yQi7Jhy8xZpKaP2TaL6k-mkQw5AlpCLUcsqRUczpaStzffonw_RSGwIQ3CS4YNGKPQslKMlJIvDz5KNlCYw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1875 0
20 B 141ms
139ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=392919081533847&bg=!JySlJGDNAAals0SOpbM7ACkAdvg8WgYW9-H7xqhrAHFq8X_Re1w71j2ucJ8Q6PePB3tpCi3WyCSNKAIAAANvUgAAABdoAQeZAoZav_LTWEuH89VEoI7_zeWl5yYJC5TLO07_HXm1omIhtQkw0roims14rXK_iQfRAMs8iQTml1sDVeW650crWiemS7HscZwSkKs84dun5eVsh1CdzJKTBZk2a1LLX8N8IpqAZo0p0e123msDWJuAiytaFkdoLIGIBPG3pU67_O5T5i7AKf-gNARB6z7WkpOCo68q64Cdo6fcL_qZKGgQxXmvAPWo2ec47UUn966C9BE5kk-9R7JDYCUPy8KJgzGrOpYwbDspS2FnASKNYOZoaEPuD7_GdF8XgBMO1gYT4lAHXWdpmNwIDkduLecVU4TXOg0wXr3jAYDhSqHORE7DFkd_28C57AIt-BLo2_EhK7uwkYaWEbplRilosKPfsZUwx1O9Q7NPbsNvcVVenXEISnddYNAdup-uFiP4DwcvuH1de4rbMsDZ9yL7UeEL7QRQPekdHDcxxtlzx49d4QI2kGXppbLIvr_YCV7QoRAZnMSBFcHx4BACwiC_3qRilXxMPwi-MmAP38DZDErZRePUlLzaFSX37fultsBVs63p2Abi4KGHaZ3hUbwD-RIBC6kD07_lsfOfQ3cvlWD66A0UN3kOSEopaNl37s-7aCUHDJ1_mQDxqH5NuTvyYIfu6wE7rGz4RaID8N8LhfZaUEVGKCudlRATUQubD9KAUZXswr3gdt3A89cQpdXaJHAj8AsefsWIcDikUL17t_E99rDPq6FhK22FSqkj97xzMhyXk-7PAYnjVWN_hJgOzj41EHpSZCtn4QQeVcz6MaW3cOJjzM61MfMvgTHk86hpdKOf73H4W5fhUW709CbSzOnWgWt829YE6GiV4JES2aU7riqhXECofgpC2ALk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 07BB 0
17 B 131ms
131ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~krw78p2c&c=1433307210017&slotId=716653605008.5&qqid=CLaH88qRlfICFc9A4AodthAKRw&met.4=msms_oso.krw78p6m~lvlcl.krw78plq&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp9%22&msms_cs0=150000&msms_ns=1&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/8704ff99b8ce9c5307d7beb036548341.js?tag=video_location/web_och
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ 0
17 B 130ms
129ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~krw78oyl&c=4407007712394310&e=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&ctx=1&met.1=1.krw78jhk~6.0~7.1~8.2~9.2~10.3l~11.1p~12.3l~13.ys~14.16y~15.yu~16.2cm~17.2co~18.2cp~19.5wy~20.5wy~21.5x0~22.19d~23.19d
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/rum_fy2019.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ 0
17 B 128ms
128ms Ping
image/gif 2a00:1450:4009:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~krw78p5i&c=4407007712394310&e=31062031%2C22316437%2C31061180%2C44741898%2C20211866%2C31061691%2C31062065%2C31061692&ctx=1&met.3=113.5y4_1~113.5y5_3&met.1=1.krw78jhk~6.0~7.1~8.2~9.2~10.3l~11.1p~12.3l~13.ys~14.16y~15.yu~16.2cm~17.2co~18.2cp~19.5wy~20.5wy~21.5x0~22.19d~23.19d
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:820::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
102ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210729&jk=4407007712394310&bg=!ERKlElbNAAals0SOpbM7ACkAdvg8WhYXIZPywL0dheBuGT2z7khyuPgaPnFBdZ2iISXsTLWWt1hrJwIAAAE6UgAAAApoAQcKACcjbbEhitroXxtav1q-sYcf_V5siyTMTD_XzIXVfmvpABIU6iTbOEyZAn7uF_xfZIW_JCTtqEaWu76oQWlGbhNUxxsC6ghQIQEjL-L3fHptUhJM3h2_RVA7VVPrKhaL3YiH8jeaLF3MXmaLYUGlVRTWkrT03G1yOVyrnno1MGt0LiiCFGDMV6aO_QOjScpOkSY6ZzkQUVjI-gxMKuNl2wwBV_NE1XxBh1sbFVvEFkeD2XiIpUBkDF2oMIyNJGjnGSuE9sRtx4G2AJTWOPWlP_msgxi5BUFqc0oKk8CSGwr17hRLw3Tj73xJBebGaMkRVf-3ocpi4NJ4seNtswBeZR-2SB7ap04jVwbAxYpV32KvRijPhvzUXOdsDLTJ0FTGSGjdmUWTlGQQ3TR9CCCZOPeWsGpbDpAUNr2zw109JYKXoTe2zhk0SccoX4fnMgIVZ9DOAAMFj-lVqse5opzs_Z2BWe1rFhYACCaSOI03kgpV6Rmm04z0Je0IxliZI_TN9ZbdIiX3U1IdgBNy547G8Qp1CIvtvbmV__A_0zRbQVspGJYG2wiEZHTvtai4RLi0M1f00YguGOrNRMu2QPn2mdNnilfg-0ucHRvWaC05C3hAu1L_0f_68IbiHvOLIhD5Hjo9ReAbkiES2qBxG-gu3At8mVKeYfjTXVbwfn9E41suMHwrZDVcc-uz5rWV-wT_i0c6ZZNSpzAMV_Br6m4MBHjbBn9dGBFlODa74RL_aKg5-vp7kxnCywwIvqOsjZb4yZ32zIWYlDNqx84SMiRTJcRyq8oK0vLvHmofsnGxxPGfy3dj8FxZphxwT9wm9zRJ12c5DRQu7krz35wgw_6Lf0rWtihP3zRBiu7svkxAxfHD6mhpjV8KJRL6gY0FLqbDInJenZ5-QC78nw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloudflareinsights.com
URL: https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 05:34:59	Name: IDE Value: AHWqTUmnCXV0hYT2CjXu6dJh4xS4C3vgdlbEIx9jzitQyl1dnlxAQPjFSTu6ANZGMFc
			.newsoku.blog/	1970-01-20 05:34:59	Name: __gads Value: ID=746b245124b92029:T=1628003484:S=ALNI_MZ2V8Zrd0PzcN-F8ZEZSo6_4WaCrA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js(Line 54) Message: q2w3_sidebar_options not found!
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003479&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003481192&bpp=1&bdt=1499&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=5563500818245&rume=1&frm=20&pv=1&ga_vid=235413816.1628003480&ga_sid=1628003480&ga_hid=1339347751&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061381%2C31061485%2C20211866%2C31061691%2C31062065%2C31061692&oid=2&pvsid=4407007712394310&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQjL0ydXhR&p=https%3A//newsoku.blog&dtd=18
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=300px, min-height=250px styles on the div element with id=div-gpt-ad-1614561692654-0. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b14f2b281421832f44f7013a21b2649.safeframe.googlesyndication.com
64510f5396618b07bf0332fe8ca71d70.safeframe.googlesyndication.com
854e759d03896a10da405e6ab3a80667.safeframe.googlesyndication.com
ad.jp.ap.valuecommerce.com
adservice.google.com
adservice.google.de
adservice.google.se
blogroll.livedoor.net
cache.send.microadinc.com
cdn-fluct.sh.adingo.jp
cdn.ampproject.org
cloudflareinsights.com
counter1-cdn-ssl.fc2.com
counter1.fc2.com
csi.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
f47b5cc504ce17eb5c2669975f771f6b.safeframe.googlesyndication.com
feedrapp.lliy.biz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.adingo.jp
i.imgvc.com
j.microad.net
jgl.microad.net
mlb.valuecommerce.com
mts0.google.com
newsoku.blog
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-4g5lznez.googlevideo.com
r1---sn-5goeen7r.googlevideo.com
rranking9.ziyu.net
s-rtb.send.microadinc.com
securepubads.g.doubleclick.net
sh.adingo.jp
sh.zucks.net
ssp.send.microadinc.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cloudflareinsights.com
103.142.125.193
103.142.125.195
104.111.228.89
13.224.96.123
130.211.14.194
133.242.86.196
142.250.184.226
147.92.191.167
178.79.227.24
18.180.188.164
210.140.201.11
210.152.186.219
2606:4700:3033::6815:3978
2606:4700:3036::6815:1f43
2606:4700::6810:5f41
2a00:1450:4001:11::6
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4009:820::2003
2a00:1450:400c:c06::9d
2a00:1450:400f:11::7
2a02:2638:1::13
2a04:4e42:3::737
34.212.109.130
54.64.230.133
01df4fa17e2de0ae26a52975fbd0d4ca793e3556ccf311d1169be6a167957a75
032d7424ff8648f023de44b87fecd221968b9e3452d64ad8b39867381d8ad53c
091664df5b077189efc9b718608eee8e0145d5f0b8d339a1c58091682ba32531
0b80f6bab833ac724ca1abba7179e4cc76eded869df0929184e4f5a1145f960a
0d80f3242f87172d31de75947d120ff8da9caf53b5827e5ca96c2bce0daaad19
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f67a744ec50567f11b95186ba88b16abdccb649be04777f4108430c2429929f
0fbc6ac50de1f945ff7ef890477b738e8bfc6adf498ab8321fafb86ea29fd2b7
10915932b0003f2d6c5ccfa61fd64b82239e723b4ad813c70adf1fb2ac246a2e
13b4cb1e8f744dbc4085d2d55103bf1be6f2eefbdca1b7b78fd9447bfe279c95
14b6671e80db28b6ea631c46b01ed05d8039cef8bc45345ba3a77537908f82f6
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
18823a038c5c0161d2ee22fdce041611e8afdda41b9a32e1e8238225c7bafbff
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e16e0d17877ce76a0934640c8e399fa52cdac47d98838f652e4f359d0f6331b
1e50f76135cc95fff5370f1cc12cf75aaec06a62d6506be45de107fa968a245d
20c545eabaed46896274b25f4e094d2bc2418de4c0021e7e622ef79f6a634b8c
21161526e04840490e533e0233cabdd93eb1fe6632c84622e192c023c3bcc21b
21d6750d6fc41396b29fa117a5c99892c68a461f6f9600408996de5a9ad43655
23c82c051817731699afc8a9e7391579f94d16046dceb185488216db7e996e61
24180076912619bfdda14fe2cd15327c01d178bda15002cf9c2e4e8bb20abb8f
24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f
251d2b5423a0840a5487933246d2662ec3df5244480dd53c6231f12f60d58349
26f90071422a01b2d41f6e76aa7ef14053db9b988d9daa055d57e204d4083fbf
29704599256f0d47aeacc5201899be420d458cc274b6112583629fa109fb7a7c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2da5074483a5301aef786c6636809d4e7e532a62d97fff1eea7fcdee7c5b9da8
2f944bf60b63a4b07fc4da609acdb127450877f4437e6f310bf144ed5f48f1e7
2fdc1be927c5fc7bbe9e2d1f556e0abef235d7f04b14056c7e5a53dca617cfe0
30cf8ff8efb28ce78ad5cbea0755c2792592df5a30d9fbaab76fb1beeb5e5d0c
32e6605dc0bbe8af6c28bf89321a7ea8f2ababff2917aed4b7f9e3b5a20d0af0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33ee4a8c8a79b4ad2409c2fa5a560647c1ae021e0e497a1583fecae77e9da829
37164eae97cf2355eb09b9e59d3b2d1f138fecfbdaa166a5983bc097c5090161
3b3c3a714f1f02c5a2170135d230c23391ed4876eec1b5a6b80a456ae7602350
3be64cdc9922577bc5151d37345f719d4e13990475ec503d087da5b3d62ae725
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3ca77ab22b3271656aba67ef1889285001275bf66c2c9f0b98a79eaacdb58a66
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
42a736a557bd568494a46c94af566e9827ca4086857266b17154f946f87c811e
4527c806df258be9d6ac87c7056b67493ed62b0ab9d77a65a77773cbc4c2cb66
45f6745419819a63088588ffa573dbf8648ee310a5b584a7309beeab5a81eb8b
46ffaecafd3168c8a1886374da78cf22b9410fc6687b5cc6e9d02d9029b46256
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
477985b51222038f2370de006db4a40db9d45d9b50d935936949c8b330e703e5
478cc6c9bfa96aaf25251e3cc4ab3b56691b7bc9dbb93aa694b252936598a8de
4abe57f15b190750b0c67ab6bba23a4343ead16332cfbf0e3d86c33866071002
4bbff3b2ccc0a56b645e86c07d041645f5caa4b920b9ec999e5a3b06d79ca12e
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
501a7ae1819132c01a6b60246548d24328181148ae316ec9e2c463e8181462f9
50e9eac0952feb208cb45b749e0e758faed9e41e814c2e1193ba44c1acd64356
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
550623b3e80d6d369c3bb5df31407fac501c3785ded3d147d5c62c3eca76923b
563957261967c2e07ff50183cd07df30213796f23d0055655310172627d4c0b3
56c35510c5427450fb0d2c302a5c09494f985c65807eef81bc3058f568a70c93
58b43bff1c3d5ba08c43cd75d9183ffa29f7aa9563d6a78954947951d0d54714
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59af45ac1734c6a3c42f9341dbeebe8856eaea3f0cde6e89762540e54714f1eb
5af90f767aa897d01a00198f932b204982d226eef2af2345e7619165cd93c744
5c3242211121824a52f16899d7178aa93d3f60bf8cce99a7aba750be943dd5be
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1
5f4c89d2ce3fe547c103673108550e1f50eab105a429a31a3270ee740edd789c
5fa29d3f5fe844fdcce3218a722518d22c2329bc0c2aa5eade62c19c49b95140
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6300d6629cba686ceec6b44c979a8c83127baa72d2fa10374aeb41005d4002db
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
65212e8a1bd130b9edb5e59aa40996ac828e19951514f0dff9e241910f7d8670
675678da886bc41e8aa6abd26e2e0b0df1ab0f0b47603f1e731a15c3f89bf7b6
6b548461f9548258317bb8de73f52ec5228cc8fdbe32442b8c02b47839ceadac
6c64daf911643b5212275ae769d35ea84a159704fcee2594c92bd655b51fc7e5
708fdf58c59b51d6238338e255e5d077e6b6014c0e5fa0c58cc0fd3c013a4b96
70939c38357ed8eea2c22ddf3f4ce239ccf6244c27f16b58b15e8e6cfb8344fd
74619885e0bac5fd57a37f96fcf2a4806def17f6a968d40c184861cb461888b9
74ff61323de25fdedf2f46dd74d6b04afea2379d865db5377426b4fa818e50cd
75b72d43aa23ea2d0481c32898bbd8f875f7085abe39ba875e19b695a31b24ce
78a94c206bfcbb8c13f0991b653c71ff50b4feddc6818ae9edb88f048846ec15
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
79d0add571cb1425641ed075c94e39c594554e7ba0876607bad8f4e403412209
79d3fcf852afe5b44b28fb5c97a93c57d872cdc81d390fe58c5b6d8566a81e17
7c689d09d8b6ecb19e622aa51f0db38e33dfcd35a3d26419bf4b8fcf235fe221
7ecb9b9a174c34e4bfc4ecf20013a055cd3b1d35a68a176f854b5656bf0191ed
7fb3ac3e065780d8ddc634c5c0926eff6a06e41d7a3a06089f109855d258cd06
810d753f21e9213e856ed9f4e375e4f1b3381081afc48a5c832dc558bb649db2
82c1653d4bc31ced4bb1eb275e907679e076d6d32b36c6e3664cfae0868c4ed4
83805167ca9d6515ab4324cc1ff727562b69b89c8c687ad26502087dae743806
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8a96ac819d82d1ba80e2f60f3f2d9559da35cc194b425234523df09d1028fe88
8b7f074f00e3dcef825e768692d9893f2ce013741636e66678b5d66b87061d33
8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848
8eb2ef3f120cb7cdf7307489008aabe8f9ed2bd7a3731c1c3aed0a9e29c6d415
8ecd8a2a755277092117f555282f52424d3d041ec869e59112df2bbd408d6f95
91c6314f4d5591f0de4f253069af8f42be93e8756519f8ac6428db9aaac654ef
937b5332ecba19e8fda305f7e28cb402c5262dfa6848295c72133cd4c0bff066
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e
951a39578447c900897fb1c1a5228bcfaa75ae369f88a491d9365a72fe373eb1
952105810639a287608d81a207f6457caa592cc224f48945e27bda7105a1a5a8
9a283c5f794ceb65117b3616612560b09199d82daa99f50187afaad1a2c5c732
9d13f808bb67864acf7117755a87e4c9c033416736075a7959176de663025d71
9e72d5194556a1e6bf01d217736c792ff30c1eca4b56847c3ca884da4028f720
a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe
a3060f26ced495141facc77ce00b0086e7af28bfe495df9bb072571afa9de473
a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5
a489692e0aa52e287bc5482b045f756e530a9b551ba55203d0bbff6147041b98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
abdf77d7d21070b537ca17c17dd4a569b3ac19b32af7a5a7d797d99781123fbe
ac7aa1ac8785ebbaabc13270e1916861834921f059dadf96d48817dbee9c4f62
ade5a8c440fbeb99a0308ba1f428cb6bdad1709e6e7eb36e19b35d1539579d7c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e3a5b1170e9be0242e5530b228d787eaf8c07b7d7a942d749e830792f92e34
b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
b90803e142f492a24c83d344a0ef126a004dbc03c1560d3a8d46ec5044983e11
ba2820b0e1ef34d6e7b3cedae73f5cacd148e50d1cde26f45049b1aeeb5f012b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bde3d472cdf3de9dd3488e188997b3670ffa591341ed2bd642970552e6225719
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be9f5b64ab7cb957b1bf05ae03871236d4454dc2e6cd5a9f980e8ffded323b70
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c54bad592dee9c726bf1781ed73e7ab8d5906d0f558a454011e3825c5ae185c1
c7da846da1a049f397a4c11c3ec1e9fcd58682687e58edae7f96e4a968ea881e
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdcbe31bd088370a8175b6925c68c633882c23ff66253fb8d2a5b7a6bb12634b
ce1593bd2dd2145285e8dbdc8e8b47fbf1c914edfbabaaee4e18dd888573eb10
d07baa884f244fb349e91b1afd8aae10ad870cf17939f7177a53d1f0660659aa
d5a7079611270b8f242e09cfb89559e4a7ba77243bf9a5aba175a7aeb9323b67
d5e23251e6170d9cf2658e2a317d7901706636267b0b29480d33b0d3ade3dd00
d8810da4c489a6a73ecaa3a4355666adfc1ade70a064d0a6a308a22bac71386c
d8cf2659b749a4aba188fc732018efc2381a6a87bd3a2df408aa8f70b1abe5bf
d9eaa07a41373347d4a952ceeec9c707f8a41d45c253a95a782cf0a5727e4669
dac43ee603984a0cc147709cfa5c93cd3d42ea34dd2af211469fabfeacaf230c
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
ddcbb7b6f3e6ca8ed9ba275cdecf2a46f6e52342ee3b1d5f1e7be868f168b450
de06e6da508472eb430576608ffb63fbf15dabf506b16df35f8235824c95c594
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc78f3ad3a129ded1162651abd7a8cf9060b5aa2cde7bb9e28c2e92921b5411
e353d4321b4e069a05fd434c4b17e7b5207f8a8bdf7326f3917f513b514c9781
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4
e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ecbe90b63486893d97eacf04b3ae21234091e8723bda3771add4d5b4c97b54e8
edf5b617f0524e229c49b05768841a491d4c728785b05db385dda4148c9408fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50e059c48b99eae23ccaf901684f6cba677b1e21bacf3f8aa6177caf2a9004
ef69558d0985b871e74039ca0fea43a2aaabfc5b070e2c5812b3604fa7c56e75
efc5d619498ab39954429b729f3d9e464730c85d65d696028c74d8887c7364dc
f0aadba653a56f00f1d3fe4fea3c09e34c403a2b7b1a54be6a719779a95e760b
f19ec923daf7d72e5f2f155ba6229ffde0afd953ce121b44c1ad55e332db58f0
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4208f1099c130ce10247cf80fa46c626abbeedadb3b7e7c1feaabd0135c0502
f47c010865dd2f8ca816ba441d757b2bd4b3bf4f615b8b682cca0e6f2670361d
f759bb8e41aa90d6b8c1b97cb02d2fc5feb93d2f1972b253863fdd22a26911ac
f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc28967c36277932cc65894cb669334ed4d5fc2d8fdc8d15924c5adc2dea547c
fe745529ac873c24c86b6b46649df2f4c9a78b84c95ef72ff9575b471a1ef2f5
ff2ab99b8a325ee8f57b6265b56b11e531f5e0c901ad195727fd8b12ad8232c0
ffd01fe260f80c7329c638bb758a6a64518ae05b491e2990d3264928add9a6c9

newsoku.blog Open in urlscan Pro 2606:4700:3036::6815:1f43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

303 Requests

100 %HTTPS

68 %IPv6

26 Domains

49 Subdomains

43 IPs

7 Countries

3544 kBTransfer

8172 kBSize

2 Cookies

116 Outgoing links

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

newsoku.blog Open in urlscan Pro
2606:4700:3036::6815:1f43 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

100 %
HTTPS

68 %
IPv6

26
Domains

49
Subdomains

43
IPs

7
Countries

3544 kB
Transfer

8172 kB
Size

2
Cookies

303 HTTP transactions
12 data transactions