turnnewsapp.com Open in urlscan Pro
52.187.36.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Submission: On April 27 via api (April 27th 2022, 11:11:59 am UTC) from SG — Scanned from DE

Summary HTTP 305 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 56 IPs in 10 countries across 47 domains to perform 305 HTTP transactions. The main IP is 52.187.36.104, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is turnnewsapp.com. The Cisco Umbrella rank of the primary domain is 522911.
TLS certificate: Issued by R3 on April 27th 2022. Valid for: 3 months.

This is the only time turnnewsapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	52.187.36.104 52.187.36.104	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.87 108.157.4.87	16509 (AMAZON-02) (AMAZON-02)
1	184.30.25.99 184.30.25.99	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	35.156.233.6 35.156.233.6	16509 (AMAZON-02) (AMAZON-02)
21	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 3	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
47	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
28	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 20	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5 7	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.51.47 3.120.51.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	54.64.181.170 54.64.181.170	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 1	52.18.148.209 52.18.148.209	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.183.160 18.194.183.160	16509 (AMAZON-02) (AMAZON-02)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	108.157.4.35 108.157.4.35	16509 (AMAZON-02) (AMAZON-02)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2600:9000:231... 2600:9000:2315:ca00:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:e000:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.4.170.196 52.4.170.196	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
305	56

4 52.187.36.104 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

turnnewsapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

tnapcdn2.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-87.dus51.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-99.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

imgv.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.233.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-233-6.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.23 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.20.157.55 (Milan, Italy) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.51.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-51-47.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.181.170 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-181-170.ap-northeast-1.compute.amazonaws.com

sslcode.adgeek.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.146 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.116 (Reilingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal90004.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (Valence, France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.148.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-148-209.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.183.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-160.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-35.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:ca00:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:e000:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.170.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-170-196.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127 pagead2.googlesyndication.com — Cisco Umbrella Rank: 96 Failed	421 KB
46	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 cm.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	265 KB
35	criteo.net static.criteo.net — Cisco Umbrella Rank: 628 csm.eu.criteo.net — Cisco Umbrella Rank: 8498	368 KB
32	azureedge.net tnapcdn2.azureedge.net imgv.azureedge.net	434 KB
15	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 64 www.google.com — Cisco Umbrella Rank: 2	1 KB
12	popin.cc api.popin.cc — Cisco Umbrella Rank: 23367 tw.popin.cc — Cisco Umbrella Rank: 60897 log.popin.cc — Cisco Umbrella Rank: 27268 r.popin.cc — Cisco Umbrella Rank: 26723 inrecsys.popin.cc — Cisco Umbrella Rank: 27974	111 KB
12	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12524 ads.eu.criteo.com — Cisco Umbrella Rank: 8495 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15229 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10847	72 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	239 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37255 hal90004.redintelligence.net — Cisco Umbrella Rank: 341417	57 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	281 KB
7	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 528 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	7 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	250 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 565	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9242	1 KB
4	turnnewsapp.com turnnewsapp.com — Cisco Umbrella Rank: 522911	124 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 778	809 B
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 48187 medialead.de — Cisco Umbrella Rank: 47852	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 226	3 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 318	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
2	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 50486 s.trvdp.com — Cisco Umbrella Rank: 49785	202 KB
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 43127	5 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 567	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 834	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 14988	1 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1394	592 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1434	486 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1043	927 B
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8109	12 KB
2	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4914 l.sharethis.com — Cisco Umbrella Rank: 4426	42 KB
2	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3795	26 KB
1	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4032	559 B
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5559	726 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3003	375 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 82229	312 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 47083	630 B
1	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 8474	500 B
1	adgeek.com.tw sslcode.adgeek.com.tw — Cisco Umbrella Rank: 414586	2 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 404	22 KB
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 536	763 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 870	356 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 12382	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	14 KB
0	netmng.com Failed google2waycm.netmng.com Failed
305	47

	Domain	Requested by
47	tpc.googlesyndication.com	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com turnnewsapp.com googleads.g.doubleclick.net
28	static.criteo.net	ads.eu.criteo.com
24	tnapcdn2.azureedge.net	turnnewsapp.com tnapcdn2.azureedge.net
21	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net turnnewsapp.com
20	cm.g.doubleclick.net	4 redirects turnnewsapp.com 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	www.googletagservices.com 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
11	www.google.com	2 redirects 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com tpc.googlesyndication.com turnnewsapp.com
8	imgv.azureedge.net	turnnewsapp.com
8	www.googletagservices.com	turnnewsapp.com 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7	csm.eu.criteo.net	ads.eu.criteo.com
7	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	hal90004.redintelligence.net	1 redirects 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com hal90004.redintelligence.net
5	googleads.g.doubleclick.net	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com turnnewsapp.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	turnnewsapp.com www.googletagmanager.com
4	hal9000.redintelligence.net	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com hal90004.redintelligence.net
4	api.popin.cc	turnnewsapp.com api.popin.cc
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	cat.fr.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	turnnewsapp.com	turnnewsapp.com tnapcdn2.azureedge.net
3	r.popin.cc
3	log.popin.cc
3	onetag-sys.com	2 redirects 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	rtb.nl.eu.criteo.com	turnnewsapp.com
3	sb.scorecardresearch.com	1 redirects turnnewsapp.com
2	stg.truvidplayer.com	turnnewsapp.com go.trvdp.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ap.lijit.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.awin1.com	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	ag.innovid.com	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
2	rtb.openx.net	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
2	cms.quantserve.com	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
2	hm.baidu.com	turnnewsapp.com
2	static.addtoany.com	turnnewsapp.com static.addtoany.com
1	inrecsys.popin.cc
1	in.treasuredata.com	api.popin.cc
1	data.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	go.trvdp.com	stg.truvidplayer.com
1	tw.popin.cc	api.popin.cc
1	pixel.everesttech.net	1 redirects
1	fonts.googleapis.com	hal90004.redintelligence.net
1	ad-server.eu	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	pb.media01.eu	hal90004.redintelligence.net
1	ads.yap.yahoo.com	s.yimg.com
1	sslcode.adgeek.com.tw
1	s.yimg.com	turnnewsapp.com
1	d.agkn.com	1 redirects
1	odr.mookie1.com	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	turnnewsapp.com
1	l.sharethis.com	platform-api.sharethis.com
1	d.line-scdn.net	turnnewsapp.com
1	platform-api.sharethis.com	turnnewsapp.com
1	cdnjs.cloudflare.com	turnnewsapp.com
0	google2waycm.netmng.com Failed	213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
305	66

This site contains links to these domains. Also see Links.

Domain
greenearth.turnnewsapp.com
readers.ctee.com.tw
mycte.turnnewsapp.com
benliton.com
life.taiwan368.com.tw
trace.popin.cc
traffic.popin.cc
itunes.apple.com
play.google.com
onelink.to
www.facebook.com
ftdesign.tw

Subject Issuer	Validity	Valid
turnnewsapp.com R3	`2022-04-27` - `2022-07-26`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-03-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-04-25` - `2022-06-15`	2 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.adgeek.com.tw Sectigo RSA Domain Validation Secure Server CA	`2022-01-11` - `2023-01-11`	a year	crt.sh
m.yap.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-02` - `2022-08-03`	5 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Frame ID: 642D0BC4CF5BA9402A1A3B5D8DA7CECA
Requests: 97 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: B8E3724798DCA91B1CB08FD0EAAE7F27
Requests: 1 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC98C7C1048FE3EE9445497B24809554
Requests: 1 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12ACCC7E1B698326816BBAF6C29B5740
Requests: 10 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46DD203C0B660FCACD43F8D1E589EE2F
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk8wADXDgIu-fKAAEcruquCvVuMqGZt87MkA&u=%7CEIFsa0k%2B5PO2lMMF%2BsuCSATyqMfiGCuhHcVk0DZzpyg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2Md40iWPZuezyOMoA1jMR4gVdBR-5ATnG8SNiBv8q8BsOXF0xFMfkxesTWqpisMthi0Y65eIghAVh83fDWNqFU3NBCuKyty7TE8pD9BoaDsF-46h8oB0cWYwDdsS8z5z46RIsUle8Bi6uex7AZ7M07kJK1ZlYyKxjzhEcm1Y-F-9nXwSnd4iWxAzuQM2ieknE91MVrcMGD3vd8dGgSpc8Hf4CD8Ts0aWV1fNwpkynrlSlHDFSyHDYFP7niZx6YyKNqgq7hPCXc1ipEMypEuz-PptaWU0uhIFMouDs2iH2FuHg12N-9C_mcaWzgeWUsR9ZrqM0FCPIpAevKLcH9MC22UJ4TLGeWWvOD5X09pQBPwgESGNxPx5kAfWlB2yrmBYzduJu3wX9Id&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClWer8yRpYri4DcrP7_UPrrmE4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQLYj3VkVNqxPuACAKgDAaoEsgJP0NTo-aliVmFNi7qf7XKVBqu-zCF6XqQjUJdpS4eXewwnbvbPs7Y8vy013DtLZN3WVpXLDN0dDJZJfsaZVlj_yqVaNDs00RRQAaAKuFIah3w27b7mizvgQ-K2KztZYrNY2HAWDkdRqsISPgf6Sp5aIuuBvvbflebbpbu5nN6M_b4bmlxf1r9e3NmgNrDZpjPrM3Jdhr9NB90ZPSeQeJKE-5x7Q52jPd-DEK2apkyJC1LYm71LKD2Ba07SpMDUElWWyj9aUTkyvVrf45VcnvwgRg80X_aBLO16pn9T0VkQxSibrjGbbK1f9yO5xNXceOwSEJvITX-in1XCV8P2XRuQdNAbIyeZunNkGiasi1TObAeUKXdm-Q-G6n6Db6wghq1EpAaqvFONlHj4kFzjBWui75fgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0poSsc_QVTpq2F3Mj5VSUE6eGlJA%26client%3Dca-pub-8239792739044091%26adurl%3D
Frame ID: 6DF7CAA17E7EBFC981947FF5596115C0
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk8wABLawIu8iBAAekS-xB17v4kCPX9nYkCw&u=%7CEIFsa0k%2B5POyiKSioqWeK96h7Q1H6UiYiJRvSJiXHmU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdELP8eKu8vmOi8aedtujpvHWJVGiaagjsRJMCNNuAVCjnS4I3JTXQePCAax6VDsPif98rpRyLdMPubCzPdX2VlCI0PlpsK2OY-cyx63niSo7QUHWPtsRb9F9iCzyLh8FkD3oAQP1lx6aqNJtJGYCPrbO9vTRbUeWhykg3_XI0HujiBsAcieKxIgpX9LQPCDHl_MZ3YydcnUmuRQuRo5DsEkH9lw8jevdAjtljCP9f5BIHS7fOemUCTOHMDW6BpaWq9TILuKMAXDIKZ7xItP6A_Y50G2dQnx4AOLMUUQMwyMTG3mvkIcJpOBDx3rnj3MKYj5xm57yDh1Bx859rPEgn1M-7YJZ1bSvfmfPTXTZDkIT5zgERXafZ7ForzbaMPF6Zyv_SiG0X4lE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9h18yRpYqzbBIGR7_UPy8ieoALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoErQJP0N_P1EOEuF5jexWLS6d2nZZGgONWHuvKu0JPyUY5qorA8c6mReJ9onp-QfRQCcqvnfayxC4dWZWouojjS3S2d3N6bH9QyURJyQ1lUEp1s0pfGz6iTSMNIFZIMOJOBasXslHu_rWlD8Zm4v6JDh85UragcbwyodtUMTGNJWeTI_EkntMgtBL6zOVHZl4gIaP6ClUk0hyYw3GRwE7NPfN2PGXjwGcApZunb05rbAML5xv8sl0w8JKh--f_aFx7eaAjydJw08H5Tg2WbWuq1SZmXKXmw-_ni80l4AYzb5yfsQ4RSeUVJ_MjZd-1JRX37dUjFDl9HLOSbAtvinz-ftoH5o8-LuG2UYj4CSeVYVQxxaatP6twtyi4BAhxuN6Vn4Sv7s3kVjCgaFG8i1754AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouLBNUsXwMOmEWxnrQGNcnBzZig%26client%3Dca-pub-8239792739044091%26adurl%3D
Frame ID: 56A2049C1EA5AF4F848C9AD899E86D54
Requests: 10 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CCA0AC1F7D1C6F23E675D7C0F3A8B320
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk9AAE0TYIu-LWAAEwN6K9G-5qPHwLkuE_sw&u=%7C4QYzjYUYg0B24P%2FVrSROjOQDuLN8%2FUit%2BgeEFi43Hk8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2Md40iWPZuezyOMoA1jMR5GpPtdUC19EkF0Kqn0Op0_Fq_K4O8GNUOGMY_tdJ5KpF8QhIyjGkx_U4CelQdUKI3Mk6DoiVaBLsipGQIdE4DxW5r9BZfoTSnpVQC75qVaL_sCaD81LTDcC0RJAlBSUAuUp2R-ZhJgJdh7LUPah2nBKp10xwRpdoSorZwHN8Ghwf9H3xNCf4cuhqcPqch_xmwtR-qALgHWqe69DKcB_tCDO4kYtcy7z3w9_1qu4WMV6a8AvzIt5itD0Ln5c2qGZZXli21UxW3WmPDnCmrWIbuGh_QNHGEWZz0CbQY_Apvr-kPaB_udLXUngbP2tSy_gsvkgzHh3nFSUM0jogBWD-FMZPKqAMeGYImSpe8nueZJEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHMh49CRpYraiE9bF7_UPt-CEiATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEsgJP0CnzGWJmyXWVWRB5HyDES-gJ8FqexxKsWxOjXYhk6m6e14n7ALUrUHi2RsdOh8ViQBOVCGKa7Cs_Aqa_grbLR4ernf9Z3Z7Qvs_Xl1cqqWOYS_kULNyXEW8HJG616ow25Q88UAOFev34l8gATIp0MFQ9XbfMtsuE7wP-q8NkMw3fhmJwEBIUrAb9jGAZea5hP9BVz4_ti583daxh6gSdGZB_5qHC6pk28dr-8YwuuUlmd-nnqkQsOE_hvF-272zPh9r09C11X0lfvz23ypNhThZpRK-JVWNUmAx9zksr6zOnkUU8dzCgqx8FNsjlYw4x8DAZlZ79nOIIeERFcEtRaJ2oisQ0iGvoXmf9N-NcJWg8IITf8NYUPiPrhX9ehJhl8dW6avxy-_6AV6ZsL3bmcv7gBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dO4fES1ucdFoQLZqYWZTi0wEOzA%26client%3Dca-pub-8239792739044091%26adurl%3D
Frame ID: CFA7743F9C1116ADA4FDF0A32D4A725A
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1AA96F34B0163C71852EF8CCAF33D22
Requests: 9 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB091E70D5E5087228A8F70F09B2484A
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk9AAG91wIu-d_AAfHxndK67p9IF-pDxayMQ&u=%7C4QYzjYUYg0AY1OUVpriRRY%2B0vl%2FpwltR6Amt5JLsWO0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdELP8eKu8vmOjXqDq-S3vvoWIMH1MvC2r_aOPpHHkvVOz3qnSAEbbQszune6XqpUSbxr0qZHIIDgkqZ3ChRg9YO1fsvR_mIN6YwNO50aIb1IT8mkdAw5_tUTzIDJFGrvHFsJbGgoQC4-Kv6pfOaEYsmhXFxsdd727DcPtwajmw2Oe_8NdHu67MvLEytBtIvjI_yvYXTOOkemwdTS6M4k2xgYOyUO5x7NxP7ZXPF0mQ0wI6ExESHZMela53KPZOzGMJxXueSKU_LVi10Xt18h-2j2QhfvAJS17joC98sppIDbNaoNATYtq0_RmYRT5YuMIOMf_HZx5luNBYc78IaJ0lraKf5ArXjgHDmTJqbk8-ElLdGH19CXpX9OhVWPTLiSKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA0U19CRpYtzuG__O7_UPxo-fyAbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQIoSSGj3dCxPuACAKgDAaoErQJP0JwxGmRePnn_tqdHolcs_4jBEK2S2ulP_RMg_SGPhsetQhXhK_XiffRCqBNhr5fF9zHRhJjYiouISK8D2Cv0f9RKJYdyt23F6t00axlYhiw9Y5sXsoj4br3cRwz04SFhLdhFVAnmzvyW1B4qD3gkKcIQ28F1pFkslgNswsJbjrGI90RCvO51qBIs48USJ8YQrsOinv1X1Q-gRE44p2qHn2JuNLk9fdn9n-U7aKTmgoBnFK8drIiZoaJ-ZSrxD2s-qk0XfBxLXEe7Xh5QsH_J8DythDD48BMAIblYPZ6Y23txgQUe1N5UNkhHIvIbh7Pfv5YeSjl2aPKom5jFJnl2HTnDBxmuGNq2uDr3lBGdPGYrWcgSQH6G0EoodemIpaguaOvepwY_kUt1UnL94AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_31Nt5mV7DPTOt8ruzUq2JARqbFFQ%26client%3Dca-pub-8239792739044091%26adurl%3D
Frame ID: 6E9C7EFC3E7F8988CD70E26E9C88B60E
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81E48EE2DF2ACC54F844A87AF656A86F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E61729DADDB00F51F6517690A122FE6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE5C68A5D9AD7B1F891B67C4C316F5F0
Requests: 2 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C33BA1311FAF4A443C0207CD7172374A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXjjcRmtmXYIJu41GiOvXNn0zIUMn-H5d-pCvbgzN8AdxNJAOEh2em1NpWLJ6w9pdiVlrWLdPwx1x9xuNLKeDubx5qN1ywB70z32UDMClmRkI8FTu5ITWw4k5DiUKioJr81nJLfWxzp_LulwfMcyzI3or3w2d4jD-2j9tOLYLzLZRH5p40
Frame ID: 5D9ABD4BBBBCBCB95D4D62CAEF5CC988
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: EF08D2776152E01D0818B75A2D36227F
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4473F2D33B7E196514C04C47395F87D
Requests: 3 HTTP requests in this frame

Frame: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 26DE072F03DA33738065BD4578602240
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html
Frame ID: BF1F52AD03AB4F364E91EEAF8791C175
Requests: 11 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29485500073531004444554011942004&actionid=981741&produktid=&dt_url=
Frame ID: 1607FA9D0A4B44555CF91C9CA2909DEC
Requests: 1 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Frame ID: 1DEAE910C56B8EC16A7E62F72E2FC6B5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5AFB684B33F15928E2C90A5D325B2FEA
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 1BACF12503A78C081682A86531F3B627
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7A9C02266FAF0C69F1BA505301A3BFB5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6m3WTjrZb66tfJ7OtvV7ZjsBZcdc63qMdSdKxl38_nMM1ugQ8q-gufxT8oJWTCT9SjxnIV4DHdjnuT6CmzlmQzagR8QPVDTRGTXYVUS-xFk6WjOl85Ou8xsoC_GmugzskRXYkLSkOZoyHPi41aW02bNxqF2sVC_UerX0QqgAB0HWqB2QXWoHv6b1A2FNCKO6jEZ8MyXfFDCzKdmGN1mx1b6p3SWfUTG5pMIyTK7O8IGA80lgXYDXHRkV4xPXLdJAeksQ715cQ2vgmqqmdTbsIqWyF1LWyUPht5h7t-Yju-Fu2PLr-6vjVKiE9UAKpJ8tK3eBVIoP4BFkviQ&sig=Cg0ArKJSzLgF6uZ23_nmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7CECE703AF9881D452260F164A91619E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

《金融》綜所稅5月開徵金融機構祭優惠搶客 – 翻爆 – 翻報

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

305
Requests

90 %
HTTPS

40 %
IPv6

47
Domains

66
Subdomains

56
IPs

10
Countries

3007 kB
Transfer

7869 kB
Size

42
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://greenearth.turnnewsapp.com/
Title: 永續綠地球

Search URL Search Domain Scan URL

URL: https://readers.ctee.com.tw/
Title: 工商時報

Search URL Search Domain Scan URL

URL: https://mycte.turnnewsapp.com/
Title: 娛樂時尚

Search URL Search Domain Scan URL

URL: https://benliton.com/
Title: e便利通

Search URL Search Domain Scan URL

URL: https://life.taiwan368.com.tw/
Title: 台灣368品味生活

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=Ms2isYwMBVEfd5mGHMVQmpxPh86Ebl6EgNT1_N8VOZI&evt=102&rid=c67c6fab-2569-407a-abba-01506d6e11f5&campaignid=1115952&impid=popin-turnnewsapp.com-1&offerid=15542612&test=0&time=1651057911&cp=-gRLXsJIvOyQvVFwN2FsZngtpshGmJnhlHuREC84vh8&clickid=45_c67c6fab-2569-407a-abba-01506d6e11f5_popin-turnnewsapp.com-1&acid=2222&trackingid=96cc4e89ff1786dac5d4fb71c1a0745a&uid=a3bd76c79cea9c5a2971651057910874&jt=2&url=ITrX82_fAp9DRoJzO2YlijfIsrFPe_1UnTr6p1day2NcFkapgUhVaVTxuocuMVndRtgiw7_joyfMSYGUd_ErwTeVb0Jy85IW1imexNsT7upG85-4nHusFPUY2578VVJ9-WdSQiHOzT5wvsL_3QMy0GbAv1JfM-uhE5__w8QZ75mwqpGVN4lYG66rHbzUrS0T-NPO_A8YW6QzxTbO3LUBCAUklDBtUTYW9PYYAtMl383b-pTDQOuZXDOWdMHE99a9HQ38Y_91-1BjdlowXyoz-qwTGx8mXbjKINP5QGwiiplBnwdKHhfKFJj1NjWC4Cgg&bm=1&la=de&cn=tw&cid=3553085&info=oEakXhpOwT-3pjW2k4eJ4_pALqpngH_5wurQwJyr61N1d4aA47olncSj65J8oPY_&sid=1__12__24&sp=Ms2isYwMBVEfd5mGHMVQmpxPh86Ebl6EgNT1_N8VOZI&scp=1NMBqgQEzZSSZyNM0PU7WuILw_SLPnos-RR22VCms2A&acu=TWD&scu=USD&sgcp=58-MD4xtbf235WcT-oiJhrL-pcE-wllMIDfFmbU3VII&gprice=aNtkOgqMe4bkBnUUC78M86ZUb9cJEu5tDHe6d7YfjB8&gcp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&ah=tw.popin.cc&pb=m&de=turnnewsapp.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2FA95645002022041315185209

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=NktzIehSmGQ6tT02Pl0aDVqsh8cYFN1TVC1m0YJMcdU&evt=102&rid=c67c6fab-2569-407a-abba-01506d6e11f5&campaignid=1273071&impid=popin-turnnewsapp.com-1&offerid=17019204&test=0&time=1651057911&cp=-gRLXsJIvOyQvVFwN2FsZngtpshGmJnhlHuREC84vh8&clickid=45_c67c6fab-2569-407a-abba-01506d6e11f5_popin-turnnewsapp.com-1&acid=19452&trackingid=897e654f2d185f3c58e856c3b6ad6ba0&uid=a3bd76c79cea9c5a2971651057910874&jt=2&url=IPaLNjlVusIHdJpl12ywgK7doQTW_oL8TZKxgR93cvGM2s7IwzZU_eSYZFUTqpZjmtRDKyD1vsN9l0t8ZwH0u7YC0NZeNH8E-7ctnI5kTwPyZdNKKgKgR6ETINHJ4gS4&bm=1&la=de&cn=tw&cid=3632101&info=4enVsQzbKxQOFDE3kAsuS31lvPbbWT-_XyqJmmjftwAC9YvVKfjCBYFaK0ps-eNC&sid=1__12__24&sp=NktzIehSmGQ6tT02Pl0aDVqsh8cYFN1TVC1m0YJMcdU&scp=1NMBqgQEzZSSZyNM0PU7WuILw_SLPnos-RR22VCms2A&acu=TWD&scu=USD&sgcp=58-MD4xtbf235WcT-oiJhrL-pcE-wllMIDfFmbU3VII&gprice=2PpCdmkmaEDbWmpeqw0E3I4GjHL1XJPKFFqwzNkjWxo&gcp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&ah=tw.popin.cc&pb=&de=turnnewsapp.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2FA06668002022042610415583

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=HHahC8iZTM2TyABpIsCt-zFcV2jsPCn6dVmveQ_GIz0&evt=102&rid=c67c6fab-2569-407a-abba-01506d6e11f5&campaignid=1270769&impid=popin-turnnewsapp.com-1&offerid=13837508&test=0&time=1651057911&cp=9u-iJ3GB1zc0ZQAuJa8aKBxROgNY1ReFLqCG2LBwVFA&clickid=45_c67c6fab-2569-407a-abba-01506d6e11f5_popin-turnnewsapp.com-1&acid=1406&trackingid=fa1e091c7edc28cffc74a04078dca515&uid=a3bd76c79cea9c5a2971651057910874&jt=2&url=cZOaN9I0tFaLI1dVbuioQBkTCeEjYh1dMqrRG78_zlJ2XAHbal0z5K7tu4iRdGUgdoY3Gm6rZO_2omM2rWaFe6Q6yue9koBKAfczNUEpJTwJsTlrtV2aQ4Rc0LcvodaWtfYyDUrdB--c_zIMPpzDW6dRpWWsieEdkwQByqLUnm0OyJOIF3OiQy1xX8CoUaPmEi_2DqOmnaZUtGtVoFvu7h3CvIzWETv9bZ6zYpPU7F7yerhBfgf6Qc_wIqrgS_L50VbZPAUMZ_WFAXA0KVJRnxq147pGe6sMXfcgV-WLXm0&bm=1&la=de&cn=tw&cid=3461819&info=YUbKF1XkmByGwhxBc4hGxSVBtTahWH9O6bzbOoBkuaU&sid=1__12__24&sp=HHahC8iZTM2TyABpIsCt-zFcV2jsPCn6dVmveQ_GIz0&scp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&acu=TWD&scu=USD&sgcp=58-MD4xtbf235WcT-oiJhrL-pcE-wllMIDfFmbU3VII&gprice=HHahC8iZTM2TyABpIsCt-zFcV2jsPCn6dVmveQ_GIz0&gcp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&ah=tw.popin.cc&pb=m&de=turnnewsapp.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2FA07659002022042515410084

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=zshHxGyFlpPjz-k6pdGRikiA1xKmMi-Od_Qn0_b1ETU&evt=102&rid=c67c6fab-2569-407a-abba-01506d6e11f5&campaignid=1115952&impid=popin-turnnewsapp.com-1&offerid=13220188&test=0&time=1651057911&cp=-gRLXsJIvOyQvVFwN2FsZngtpshGmJnhlHuREC84vh8&clickid=45_c67c6fab-2569-407a-abba-01506d6e11f5_popin-turnnewsapp.com-1&acid=2222&trackingid=4d840f330b5fedee49462537e1b434d4&uid=a3bd76c79cea9c5a2971651057910874&jt=2&url=m0VEuslP0uJVM8DhZsDqrLi0XgNSQuqLU0xBb8aaDzTyjZhHlb1klp7ajtYYAvnIGddcgMy8KMxj6Kk2gYGlKs4GIKx8tFqoFTYfASwoKqeFUW6Dao1wfLh--k5EY7-plAWoCc7UpkiIlas__tDlHUxTqwFL-ZDehpRmY1OMiMvp1oIgOUp2sgoTbwAjpugozc6P8FtH8VZYhy7Uuqs_93IYuQv9bdIZNOWn1XO0EtGZtYfQogAeFKRgcIYB72VPJxasdp8TG5iYK555AsFdDwyXcu7AHcgc82okOXDKphJ488x6GiqGIL9T_Fs1UdHH&bm=1&la=de&cn=tw&cid=3428927&info=oFr7Saac92IjAZfXOz2l6eBVNj2Re93TsEbGy1U6aQZ-VGkw79cEP1nkE-KtwQaz&sid=1__12__24&sp=zshHxGyFlpPjz-k6pdGRikiA1xKmMi-Od_Qn0_b1ETU&scp=1NMBqgQEzZSSZyNM0PU7WuILw_SLPnos-RR22VCms2A&acu=TWD&scu=USD&sgcp=58-MD4xtbf235WcT-oiJhrL-pcE-wllMIDfFmbU3VII&gprice=SVlbcSteywGaM5BbaEaCouOfHtYutsbwJMCs9dsptaA&gcp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&ah=tw.popin.cc&pb=m&de=turnnewsapp.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=X6WchEnrfcKhyPIRv6LkOtO1q0mCZ1ZJlFQSCC45DCU&evt=102&rid=c67c6fab-2569-407a-abba-01506d6e11f5&campaignid=1284932&impid=popin-turnnewsapp.com-1&offerid=16882597&test=0&time=1651057911&cp=-gRLXsJIvOyQvVFwN2FsZngtpshGmJnhlHuREC84vh8&clickid=45_c67c6fab-2569-407a-abba-01506d6e11f5_popin-turnnewsapp.com-1&acid=19992&trackingid=73c3fac9985f7cebc3b52125ae99fa7b&uid=a3bd76c79cea9c5a2971651057910874&jt=2&url=3SPr4NFWXTzCpjZarogkoycAkWNK6ppTXn6lgB_O2vnCy7HhAivpro5r0pGrPSfMs4hQLQ0797apxD_Mq0y8359TUrLFkOo5qTybcKgOsel_hcWKzkRlijR3MBcz3jSi4Nm6BNrJCL-gWSKAmqJ-a8sKKExi03qU36KwjaEPtwkRu-ini_ubhyBPjhegBRIcmy3S6lVnfRjO3nayDyoP2g&bm=1&la=de&cn=tw&cid=3625153&info=zMee8CLvNuisJEfNcPf2n6EoVR6b0X72nqilRV7PlFxDheEhd7l6CYzO64BG2LDk&sid=1__12__24&sp=X6WchEnrfcKhyPIRv6LkOtO1q0mCZ1ZJlFQSCC45DCU&scp=1NMBqgQEzZSSZyNM0PU7WuILw_SLPnos-RR22VCms2A&acu=TWD&scu=USD&sgcp=58-MD4xtbf235WcT-oiJhrL-pcE-wllMIDfFmbU3VII&gprice=LiKpBBwkORCbWbjKuQEj4hEZDJwZRQcAYoCY0xhP-os&gcp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&ah=tw.popin.cc&pb=m&de=turnnewsapp.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=5c-AhPmETJkGzyWMa41Dm_M5EA_cMoGwNA6qP7KrNW4&evt=102&rid=c67c6fab-2569-407a-abba-01506d6e11f5&campaignid=1285825&impid=popin-turnnewsapp.com-1&offerid=16814333&test=0&time=1651057911&cp=-gRLXsJIvOyQvVFwN2FsZngtpshGmJnhlHuREC84vh8&clickid=45_c67c6fab-2569-407a-abba-01506d6e11f5_popin-turnnewsapp.com-1&acid=19225&trackingid=1a73b1fca4f0c4d79e78c095dd7accb1&uid=a3bd76c79cea9c5a2971651057910874&jt=2&url=d1hzXH3jPWzZBqXUYvHIznligEdJAFRSa76LFNn6UfCO1PeZQw-M0h06lnCZXFkvbIIxQBT1rK4Cn0uAmldZRBdn94jLdvKyyp1VIC8beQ5odPyodsLNxWuvnlKkafDOgx7DsPmoSvJfnWvVownyiM-FOAWya6RaKvACkyupYHiw3wCYkprU6Cx9HCsgeslZ&bm=1&la=de&cn=tw&cid=3621906&info=jTdkEPWCHs87WSv-uuX6rlAnMi_rth_99odXjqHisy4MEgWPipRGL0IrHH-PG-gT&sid=1__12__24&sp=5c-AhPmETJkGzyWMa41Dm_M5EA_cMoGwNA6qP7KrNW4&scp=1NMBqgQEzZSSZyNM0PU7WuILw_SLPnos-RR22VCms2A&acu=TWD&scu=USD&sgcp=58-MD4xtbf235WcT-oiJhrL-pcE-wllMIDfFmbU3VII&gprice=yPizJoKm6aaeSXxdJXaRonx42Lh2C12Y98FHcD44ts8&gcp=ZPE7yvZUgcFyHZ90_njQ2y3z5KM9G7QcuEPFcNWC8Pw&ah=tw.popin.cc&pb=m&de=turnnewsapp.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2FA88131002022041912390262

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2FA07659002022042115264331

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2FA86127002022032915342578

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/tw/app/fan-bao-for-iphone/id1033416067?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=tw.com.chinatimes.anr

Search URL Search Domain Scan URL

URL: https://onelink.to/n9atq2

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%E7%BF%BB%E7%88%86-1433876320017413/

Search URL Search Domain Scan URL

URL: https://ftdesign.tw/
Title: FT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://sb.scorecardresearch.com/b?c1=2&c2=9457284&ns__t=1651057906718&ns_c=UTF-8&cv=3.5&c8=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&c7=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9457284&ns__t=1651057906718&ns_c=UTF-8&cv=3.5&c8=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&c7=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&c9=

Request Chain 146

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELu_KqNnia-jbEeK8rnq9Ws&google_cver=1&google_push=AYg5qPJhK1LIXM-45U-DiM3QIDO2RNwhELOie1PgemyGmHD5cxQIOYyCIbRQ4eHOrXskXTWG9ZAds98_znp6yt8mit2F0ihOj6p7aA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELu_KqNnia-jbEeK8rnq9Ws&google_cver=1&google_push=AYg5qPJhK1LIXM-45U-DiM3QIDO2RNwhELOie1PgemyGmHD5cxQIOYyCIbRQ4eHOrXskXTWG9ZAds98_znp6yt8mit2F0ihOj6p7aA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-M7tiqlRaOmgfKbMa6oKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhK1LIXM-45U-DiM3QIDO2RNwhELOie1PgemyGmHD5cxQIOYyCIbRQ4eHOrXskXTWG9ZAds98_znp6yt8mit2F0ihOj6p7aA

Request Chain 147

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYv6BHy16Www8Ej3ja5S1M&google_cver=1&google_push=AYg5qPLKUCT65r5yY7pIXjDKLqczmIdU4sZNf_K35CCqcWP6tHp0rS_hvPc23vyMevufJhk-pJpiosU-211ud3D8ypY_d9T6mG43Ew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEQtMTctNDQyVg==&google_push=AYg5qPLKUCT65r5yY7pIXjDKLqczmIdU4sZNf_K35CCqcWP6tHp0rS_hvPc23vyMevufJhk-pJpiosU-211ud3D8ypY_d9T6mG43Ew

Request Chain 148

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_cver=1&google_push=AYg5qPKSjjbnHz7GjJ3kOsyothnKnyNKAfjh8--qiLZPcPtuNsYDnZRcreefRcldkftTVH90qsxmT9dP4IokM1kG5nNSP23nRqvxJA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AYg5qPKSjjbnHz7GjJ3kOsyothnKnyNKAfjh8--qiLZPcPtuNsYDnZRcreefRcldkftTVH90qsxmT9dP4IokM1kG5nNSP23nRqvxJA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9CIAJBo9hMHWCSWRpgAABLIAAAAB&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AYg5qPKSjjbnHz7GjJ3kOsyothnKnyNKAfjh8--qiLZPcPtuNsYDnZRcreefRcldkftTVH90qsxmT9dP4IokM1kG5nNSP23nRqvxJA&google_cver=1

Request Chain 153

https://d.agkn.com/pixel/2175/?google_gid=CAESEOe5f1DnT1hM-gzH89PiGj0&google_cver=1&google_push=AYg5qPLANuq5vXtyXfg_Rb6-oOgFmKJ6YpbPfjr-33_bM-_YuOd_sS9TlHbazuX6NKXVDZsVuYkcDF5CzH3crSgifKsHIrdw4-AM7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLANuq5vXtyXfg_Rb6-oOgFmKJ6YpbPfjr-33_bM-_YuOd_sS9TlHbazuX6NKXVDZsVuYkcDF5CzH3crSgifKsHIrdw4-AM7A&google_hm=Q0FFU0VPZTVmMURuVDFoTS1nekg4OVBpR2ow

Request Chain 155

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELu_KqNnia-jbEeK8rnq9Ws&google_cver=1&google_push=AYg5qPLsJquMyvZ4KUWvao6iPRlPwGbfH1EJxcpY1_LB3tF3dqk59PHCxIIhxHGVUYkdSoeQKXh2QW_Egnp2nAWoUMp8ls3gMHZmbA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELu_KqNnia-jbEeK8rnq9Ws&google_cver=1&google_push=AYg5qPLsJquMyvZ4KUWvao6iPRlPwGbfH1EJxcpY1_LB3tF3dqk59PHCxIIhxHGVUYkdSoeQKXh2QW_Egnp2nAWoUMp8ls3gMHZmbA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vR6CYpnxTJu0qQGI1FQFEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLsJquMyvZ4KUWvao6iPRlPwGbfH1EJxcpY1_LB3tF3dqk59PHCxIIhxHGVUYkdSoeQKXh2QW_Egnp2nAWoUMp8ls3gMHZmbA

Request Chain 156

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYv6BHy16Www8Ej3ja5S1M&google_cver=1&google_push=AYg5qPJZwNyWkLx6jSBuG8B3ZC29MiZNI_9J0MRu_Yof3uQr_vFLtoSxYFFeVMQqgcG6ma23QE7rpE_VWM6Bwi9NmSDt9pQmp2Xe2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEktQi1KNzg4&google_push=AYg5qPJZwNyWkLx6jSBuG8B3ZC29MiZNI_9J0MRu_Yof3uQr_vFLtoSxYFFeVMQqgcG6ma23QE7rpE_VWM6Bwi9NmSDt9pQmp2Xe2g

Request Chain 157

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_cver=1&google_push=AYg5qPKetaEYm4dhsWzEvzKpsYX4guS2vfPYylmV2DbyA2C2xHRkUyGQ8fMzFxYhDUcMEnesOoJg9BaO1t8QpOhCF_80Q7RO596E HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AYg5qPKetaEYm4dhsWzEvzKpsYX4guS2vfPYylmV2DbyA2C2xHRkUyGQ8fMzFxYhDUcMEnesOoJg9BaO1t8QpOhCF_80Q7RO596E&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9Kzf7bR-SEC_GQYdxQAABIkAAAIB&google_cver=1&google_push=AYg5qPKetaEYm4dhsWzEvzKpsYX4guS2vfPYylmV2DbyA2C2xHRkUyGQ8fMzFxYhDUcMEnesOoJg9BaO1t8QpOhCF_80Q7RO596E&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1

Request Chain 215

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ymkk9Kzf7bR.SEC-GQYdxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1&google_hm=2

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECEFY7ZHvmOXrF0M6ia0wSU&google_cver=1

Request Chain 217

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODczMjU4MTE2MDQ5MzQyODc4Mw%3D%3D

Request Chain 220

https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D&documentReferer=https%3A%2F%2Fturnnewsapp.com%2F&ancestorOrigins=https%3A%2F%2Fturnnewsapp.com&random=3112547155683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D&documentReferer=https%3A%2F%2Fturnnewsapp.com%2F&ancestorOrigins=https%3A%2F%2Fturnnewsapp.com&random=3112547155683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 227

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29485500073531004444554011942004&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29485500073531004444554011942004&actionid=981741&produktid=&dt_url=

Request Chain 230

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29485500073531004444554011942004 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29485500073531004444554011942004 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 256

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPII-9al4QoD0vYhuxSBzZDSRDtE6OsM1ebB_ueSEBhmJEQ7W5SMe1T4dmpXHW607lynrZfNC_nGQxP0NypAyA6uzOPlR0E&google_gid=CAESEAnTa8fDVV2U_D5u5Ubcg4c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1razlnQUFBQ2pPYTFiag&google_push=AYg5qPII-9al4QoD0vYhuxSBzZDSRDtE6OsM1ebB_ueSEBhmJEQ7W5SMe1T4dmpXHW607lynrZfNC_nGQxP0NypAyA6uzOPlR0E

Request Chain 257

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cver=1&google_push=AYg5qPLwkE0TqRzMV_bUo-v3tzyEjmcJY0CTxbhCvFnVw-LytiAu_yYWt3QccDgP9yCn37DCfvWsTxDOEU2gSHLz1PvWl6PLvxZ1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cver=1&google_push=AYg5qPLwkE0TqRzMV_bUo-v3tzyEjmcJY0CTxbhCvFnVw-LytiAu_yYWt3QccDgP9yCn37DCfvWsTxDOEU2gSHLz1PvWl6PLvxZ1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NGJySnhlZFcxTkpGQWk1&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cver=1&google_push=AYg5qPLwkE0TqRzMV_bUo-v3tzyEjmcJY0CTxbhCvFnVw-LytiAu_yYWt3QccDgP9yCn37DCfvWsTxDOEU2gSHLz1PvWl6PLvxZ1

Request Chain 258

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYv6BHy16Www8Ej3ja5S1M&google_cver=1&google_push=AYg5qPKeTeLLzEH77u9wOgwk1_-8wAbp9qgtww6SibP-KAjaNEdj9M8el013KfueeSQ_LR9lhk2OvbvYREqMkX1cqhKdKVAtZVJ2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDkwWUQtMy00MUFB&google_push=AYg5qPKeTeLLzEH77u9wOgwk1_-8wAbp9qgtww6SibP-KAjaNEdj9M8el013KfueeSQ_LR9lhk2OvbvYREqMkX1cqhKdKVAtZVJ2

Request Chain 259

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDxSm4CZccqxi6lICuU2GaE&google_cver=1&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxPrVT2EbTHbo HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDxSm4CZccqxi6lICuU2GaE&google_cver=1&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxPrVT2EbTHbo&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxPrVT2EbTHbo&google_hm=570c633ba5440b67e81919ad

Request Chain 260

https://onetag-sys.com/sync/i,19/?google_gid=CAESELUNQC-BAknSGF1d6CVkW_Y&google_cver=1&google_push=AYg5qPLaGhKuNd0VDEBjEeekxyRQGLZKm6NaE-X9__ixwEb7aDFtjnUVsGXedOVU6UuSSeQuh3XETzLRrPT_DM4ofLzVogLvNljV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLaGhKuNd0VDEBjEeekxyRQGLZKm6NaE-X9__ixwEb7aDFtjnUVsGXedOVU6UuSSeQuh3XETzLRrPT_DM4ofLzVogLvNljV

Request Chain 261

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELUNQC-BAknSGF1d6CVkW_Y&google_cver=1&google_push=AYg5qPLRe7g6GDbyNjNnuGY4HCQFGX0zR11_AJe9iwCEKZD25tC1fkCGCukqFxv8Os0JIPuBOsH9QKaeRiZpU2anyLtGrkRfWLtjbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLRe7g6GDbyNjNnuGY4HCQFGX0zR11_AJe9iwCEKZD25tC1fkCGCukqFxv8Os0JIPuBOsH9QKaeRiZpU2anyLtGrkRfWLtjbw HTTP 302
https://onetag-sys.com/sync/i,19/?google_error=5

Request Chain 275

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 277

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

305 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request @@www.chinatimes.com--realtimenews--20220426003222-260410 Show response
turnnewsapp.com/livenews/finance/ 100 KB
23 KB 1920ms
1586ms Document
text/html 52.187.36.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.187.36.104 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / PHP/7.2.13

Resource Hash

0bb9d1bf05ac965c4f6b170fa5f190d210664b813c522920d5a4b4a3d4510edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 11:11:45 GMT
fastcgi-cache: MISS
server: nginx
vary: Accept-Encoding
x-cache-scheme: http
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.13
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
tnapcdn2.azureedge.net/wp-content/plugins/contact-form-7/includes/css/ 2 KB
938 B 84ms
12ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF2) /

Resource Hash

1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 905847
x-cache: HIT
content-length: 656
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 16 Apr 2018 14:21:44 GMT
server: ECAcc (frc/8FF2)
x-frame-options: SAMEORIGIN
etag: "5ad4b178-693"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 webfonts.css
tnapcdn2.azureedge.net/wp-content/themes/publisher/css/ 4 KB
549 B 102ms
30ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/css/webfonts.css?ver=4.9.18

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E97) /

Resource Hash

e6ad41fe0b269c88835b4941e2330ae598dd3a310d47d3b217f1e294619695fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 963807
x-cache: HIT
content-length: 450
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 22 Apr 2019 12:44:55 GMT
server: ECAcc (frc/8E97)
x-frame-options: SAMEORIGIN
etag: "5cbdb747-1065"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 amy_main.css
tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/ 53 KB
6 KB 102ms
31ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/amy_main.css

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F44) /

Resource Hash

59af1214f80f19f1eb0e609312209ad2b0484f4145614a94a86539dad0e00dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16178
x-cache: HIT
content-length: 5776
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Fri, 04 May 2018 09:15:08 GMT
server: ECAcc (frc/8F44)
x-frame-options: SAMEORIGIN
etag: "5aec249c-d393"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 addtoany.min.css
tnapcdn2.azureedge.net/wp-content/plugins/add-to-any/ 1 KB
585 B 85ms
14ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F77) /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1169539
x-cache: HIT
content-length: 487
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Wed, 30 Mar 2022 10:10:00 GMT
server: ECAcc (frc/8F77)
x-frame-options: SAMEORIGIN
etag: "62442c78-5ef"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 66ms
27ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4874
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 70271e8b8a3c9ba6-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
tnapcdn2.azureedge.net/wp-includes/js/jquery/ 95 KB
33 KB 108ms
36ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F98) /

Resource Hash

cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21884
x-cache: HIT
content-length: 33804
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 16 Aug 2021 18:34:57 GMT
server: ECAcc (frc/8F98)
x-frame-options: SAMEORIGIN
etag: "611aafd1-17a6a+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
tnapcdn2.azureedge.net/wp-includes/js/jquery/ 10 KB
4 KB 99ms
27ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE5) /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21884
x-cache: HIT
content-length: 4014
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Fri, 13 Apr 2018 09:03:02 GMT
server: ECAcc (frc/8FE5)
x-frame-options: SAMEORIGIN
etag: "5ad07246-2748+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 addtoany.min.js Show response
tnapcdn2.azureedge.net/wp-content/plugins/add-to-any/ 129 B
204 B 13ms
10ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F9D) /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1141628
x-cache: HIT
content-length: 126
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Wed, 30 Mar 2022 10:10:00 GMT
server: ECAcc (frc/8F9D)
x-frame-options: SAMEORIGIN
etag: "62442c78-81+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 css-lazy-load.min.js Show response
tnapcdn2.azureedge.net/wp-content/plugins/wp-disable/js/ 1 KB
699 B 105ms
33ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/wp-disable/js/css-lazy-load.min.js?ver=4.9.18

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1F) /

Resource Hash

253d8b908a5d3770fce2e7a9c469dd59cd4a341c0b7185d428030a879d02036d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21883
x-cache: HIT
content-length: 598
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Tue, 17 Aug 2021 16:28:06 GMT
server: ECAcc (frc/8F1F)
x-frame-options: SAMEORIGIN
etag: "611be396-4fe+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 modernizr.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.2/ 50 KB
14 KB 64ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.2/modernizr.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3421025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13382
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FdMumV%2BK6YIOI5mDsvENSC8%2FSD4E4GaDlb6w3wuUE9qGa2lFmPrVMzudK%2FDLRMPxDOyEmCLuLfU9Xliv9XQ6eSAGZYFzxLaPOSgITpMwMDHMbzvwC%2FWa0PUmcLx3XsVno4Z9RLZ4jA5WNXwyhKSQF%2BB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70271e8b8a4b6904-FRA
expires: Mon, 17 Apr 2023 11:11:46 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 51ms
10ms Script
text/javascript 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-87.dus51.r.cloudfront.net

Software

Resource Hash

414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:01:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 591
etag: W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-P2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: Mafrbr_r3uE-Fg0sNnERV49KQxL9hcOZvo2j4yG8KQ5o18t473S_lQ==

GET
H2 200 loader.min.js Show response
d.line-scdn.net/r/web/social-plugin/js/thirdparty/ 5 KB
2 KB 170ms
8ms Script
application/javascript 184.30.25.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.25.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-25-99.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

f89298795c0af60fffc022d76855f3f4f3926d3a519d78ff09438823bfb92c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "95fff2b31670765184673e81af755722"
x-amz-request-id: tx00000000000001e339737-00621f64ef-f4beee5-jp2
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
content-length: 1588
last-modified: Thu, 24 Feb 2022 10:22:20 GMT
server: VOS
x-amz-meta-s3cmd-attrs: md5:95fff2b31670765184673e81af755722
date: Wed, 27 Apr 2022 11:11:46 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=135088
accept-ranges: bytes
expires: Fri, 29 Apr 2022 00:43:14 GMT

GET
H2 200 vue.min.js Show response
tnapcdn2.azureedge.net/wp-includes/js/ 91 KB
33 KB 105ms
34ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-includes/js/vue.min.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F2B) /

Resource Hash

72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351193
x-cache: HIT
content-length: 34096
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Thu, 20 Jun 2019 09:54:23 GMT
server: ECAcc (frc/8F2B)
x-frame-options: SAMEORIGIN
etag: "5d0b57cf-16deb+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
29 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcfb691fb59571e9bec752c087ee8d17bed93bfbf20691b4c40a5777feb0e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28711
x-xss-protection: 0
server: sffe
etag: "1198 / 203 of 1000 / last-modified: 1651055637"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H2 200 smart-app-banner.css
tnapcdn2.azureedge.net/smart-app-banner/dist/ 6 KB
1 KB 103ms
32ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/smart-app-banner/dist/smart-app-banner.css

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F74) /

Resource Hash

c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
x-cache: HIT
content-length: 1297
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 10 Dec 2018 06:56:27 GMT
server: ECAcc (frc/8F74)
x-frame-options: SAMEORIGIN
etag: "5c0e0e1b-17bc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 smart-app-banner.js Show response
turnnewsapp.com/smart-app-banner/dist/ 25 KB
25 KB 164ms
164ms Script
application/javascript 52.187.36.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://turnnewsapp.com/smart-app-banner/dist/smart-app-banner.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.187.36.104 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:45 GMT
x-cache-scheme: http
last-modified: Mon, 10 Dec 2018 06:56:27 GMT
server: nginx
etag: "5c0e0e1b-63df"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25567
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 26a873950ac113e45d1fd3e96959ca80.css
tnapcdn2.azureedge.net/wp-content/bs-booster-cache/ 704 KB
101 KB 86ms
15ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/bs-booster-cache/26a873950ac113e45d1fd3e96959ca80.css

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F20) /

Resource Hash

2894dfe7bce6520193b05aa5f602f2740447bc9329a4afe9b0e3a5e416a26556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1184587
x-cache: HIT
content-length: 103185
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 11 Apr 2022 01:13:51 GMT
server: ECAcc (frc/8F20)
x-frame-options: SAMEORIGIN
etag: W/"625380cf-b004d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 1fde288b37d2eb24456c31e37909e839.css
tnapcdn2.azureedge.net/wp-content/bs-booster-cache/ 46 KB
6 KB 688ms
617ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/bs-booster-cache/1fde288b37d2eb24456c31e37909e839.css

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx /

Resource Hash

5fc44213f47ad560bc6f53e4237e6e59c1a3939ba60e091767efcb32d17dcd6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-cache-scheme: http
last-modified: Wed, 27 Apr 2022 11:07:43 GMT
server: nginx
etag: W/"626923ff-b83e"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=1209600
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 logo.jpg
imgv.azureedge.net/wpupload/2019/04/ 10 KB
10 KB 176ms
9ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2019/04/logo.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F33) /
Resource Hash: 44ff50f75f6bc158bab50f4e2c677dfec0bc5c6a22955c2d4f26d352d56cce60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:46 GMT
age: 820886
x-cache: HIT
content-length: 9997
x-ms-lease-status: unlocked
last-modified: Mon, 22 Apr 2019 11:16:04 GMT
server: ECAcc (frc/8F33)
x-ms-blob-committed-block-count: 1
etag: 0x8D6C713E9079C96
content-type: image/jpeg
x-ms-request-id: 88307263-c01e-000f-53b0-52758c000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
39 KB 136ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCNVZWH

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8f75c47aab52860c3b422ea0b6a2601fbfc03feda66e324749faab819fabe13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39180
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
40 KB 204ms
120ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MVSHM5K

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d7f9bb7b1a2a042e4aec02eae0538ee0fa3444e7b30a1775c9c58d0233e4904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41166
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 182ms
98ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMN8QWS

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

284a8f0641c82d76d4b45bb6d3e2708cd18e65046adfc6cf71de3975eda2870b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39858
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H2 200 appstore.png
tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/ 4 KB
4 KB 18ms
16ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/appstore.png

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FAB) /

Resource Hash

f9afdeab68ea42e6498e4cd13d50bb5ff0f0774ce9739a59093249cc37d349c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-cache-scheme: http
last-modified: Thu, 29 Mar 2018 02:56:44 GMT
server: ECAcc (frc/8FAB)
age: 787489
etag: "5abc55ec-ffc"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 4092
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 googleplay.png
tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/ 5 KB
5 KB 16ms
15ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/googleplay.png

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F52) /

Resource Hash

a5cf033c46c3ebb60101ea75c29a99d4c3261c7b4f070046c2cd521ae14ea77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-cache-scheme: http
last-modified: Thu, 29 Mar 2018 02:56:44 GMT
server: ECAcc (frc/8F52)
age: 787489
etag: "5abc55ec-13e4"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5092
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 apk.png
tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/ 2 KB
2 KB 16ms
15ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/apk.png

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FD8) /

Resource Hash

6e0b3c51a9c918145ce300f24b2e5ac149bb8aa53c01beb530818a10e6b90a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-cache-scheme: http
last-modified: Thu, 29 Mar 2018 02:56:44 GMT
server: ECAcc (frc/8FD8)
age: 787489
etag: "5abc55ec-6c0"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1728
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 fb.png
tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/ 856 B
929 B 16ms
16ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/images/app_icon/fb.png

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F92) /

Resource Hash

ab2f5ae60a8e09ad331a29e8ee9795ab9ab58cf82088121977f0672bb49699e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-cache-scheme: http
last-modified: Thu, 29 Mar 2018 02:56:44 GMT
server: ECAcc (frc/8F92)
age: 787489
etag: "5abc55ec-358"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 856
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 better-post-views.min.js Show response
tnapcdn2.azureedge.net/wp-content/plugins/better-post-views/js/ 336 B
317 B 10ms
10ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/better-post-views/js/better-post-views.min.js?ver=1.5.1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F27) /

Resource Hash

cc0dd54d8c653172eebaffb647e3d7fb1d7fc8afde84ed6af00f324a9a393e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 741111
x-cache: HIT
content-length: 217
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 26 Feb 2018 09:53:38 GMT
server: ECAcc (frc/8F27)
x-frame-options: SAMEORIGIN
etag: "5a93d922-150+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 scripts.js Show response
tnapcdn2.azureedge.net/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 17ms
15ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F09) /

Resource Hash

14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292598
x-cache: HIT
content-length: 4036
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 16 Apr 2018 14:21:45 GMT
server: ECAcc (frc/8F09)
x-frame-options: SAMEORIGIN
etag: "5ad4b179-38d7+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 advertising.min.js Show response
tnapcdn2.azureedge.net/wp-content/plugins/better-adsmanager/js/ 29 B
122 B 12ms
10ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.16.3

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F7A) /

Resource Hash

c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-cache-scheme: http
last-modified: Wed, 10 Jan 2018 07:26:04 GMT
server: ECAcc (frc/8F7A)
age: 21882
etag: "5a55c00c-1d"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1209600
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 29
x-xss-protection: 1; mode=block
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 6221698c0608299b16af3c569222c88c.js Show response
tnapcdn2.azureedge.net/wp-content/bs-booster-cache/ 251 KB
72 KB 12ms
11ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/bs-booster-cache/6221698c0608299b16af3c569222c88c.js?ver=4.9.18

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF2) /

Resource Hash

c88b6395065db15a517fb4aae1612c9b5ab0a66f1f190d4cb64a0c61d6efbb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1141631
x-cache: HIT
content-length: 73258
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Tue, 12 Apr 2022 01:13:51 GMT
server: ECAcc (frc/8FF2)
x-frame-options: SAMEORIGIN
etag: "6254d24f-3eb19+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 fontawesome-webfont.woff2
turnnewsapp.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 175ms
175ms Font
application/octet-stream 52.187.36.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://turnnewsapp.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: tnapcdn2.azureedge.net
URL: https://tnapcdn2.azureedge.net/wp-content/bs-booster-cache/26a873950ac113e45d1fd3e96959ca80.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.187.36.104 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnapcdn2.azureedge.net/
Origin: https://turnnewsapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-cache-scheme: http
last-modified: Wed, 10 Jan 2018 07:35:27 GMT
server: nginx
etag: "5a55c23f-12d68"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77160
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
402 B 44ms
10ms XHR
text/plain 35.156.233.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=turnnewsapp.com&location=%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&product=custom-share-buttons&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=110%E5%B9%B4%E5%BA%A6%E7%B6%9C%E5%90%88%E6%89%80%E5%BE%97%E7%A8%855%E6%9C%881%E6%97%A5%E5%B0%87%E9%96%8B%E5%BE%B5%EF%BC%8C%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%87%BA%E5%90%84%E5%BC%8F%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%E6%88%B6%EF%BC%8C%E5%85%B6%E4%B8%AD%EF%BC%8C%E5%85%86%E8%B1%90%E9%8A%80%E4%BF%A1%E8%B2%B8%E5%89%8D3%E5%80%8B%E6%9C%88%E5%88%A9%E7%8E%87%E5%83%850.1%25%E3%80%82%20%20%E5%85%86%E8%B1%90%E9%87%91(2886)%E6%97%97%E4%B8%8B%E5%85%86%E8%B1%90%E9%8A%80%E8%A1%8C%E9%87%9D%E5%B0%8D%E7%B9%B3%E7%A8%85%E5%AD%A3%EF%BC%8C%E6%8E%A8%E5%87%BA%E7%B7%9A%E4%B8%8A%E4%BF%A1%E8%B2%B8%E5%84%AA%E6%83%A0%E6%96%B9%E6%A1%88%EF%BC%8C%E8%A9%B2%E6%96%B9%E6%A1%88%E6%8E%A1%E4%BA%8C%E6%AE%B5%E5%BC%8F%E5%88%A9%E7%8E%87%EF%BC%8C%E7%AC%AC%E4%B8%80%E6%AE%B5(...

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.233.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-233-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://turnnewsapp.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame B8E3 741 B
554 B 26ms
26ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 154586
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 70271e8bfb549ba6-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 11:11:46 GMT
etag: W/"2e5-5cc9e128a4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H2 200 pubads_impl_2022042501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 114ms
32ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 10:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126856
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 08:44:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Apr 2023 10:30:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 149 B
741 B 124ms
43ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=turnnewsapp.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d3589cd4bfabe49134038c5c0206d0dfd1624f9631fbbf1d6ee700031e6bae20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105
x-xss-protection: 0
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 131ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MG9KYKHBE0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNVZWH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0114c1fd666acce213b037152912acfe1f7c037be79e144e5d5f4108410cab96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67749
x-xss-protection: 0
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 146ms
70ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-02QF6DE9S0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNVZWH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30adc40695cfee2d78a70c7439a376f466763eb5042d261f1ef1370b3cb74e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67669
x-xss-protection: 0
expires: Wed, 27 Apr 2022 11:11:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCNVZWH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5816
date: Wed, 27 Apr 2022 09:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Apr 2022 11:34:50 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 38ms
12ms Script
application/javascript 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 03:22:39 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 28148
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: XANPQ2QWZZDihbCwMfJ0ua8M0qzA2vV0tEdcMtB1u1qh-82p4GMzJg==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9457284&ns__t=1651057906718&ns_c=UTF-8&cv=3.5&c8=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E...
https://sb.scorecardresearch.com/b2?c1=2&c2=9457284&ns__t=1651057906718&ns_c=UTF-8&cv=3.5&c8=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%...

0
190 B

15ms
14ms

Image
text/plain

108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9457284&ns__t=1651057906718&ns_c=UTF-8&cv=3.5&c8=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&c7=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&c9=
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: _ZhHMW-4JSfZDQ2LZ_V4YboRTDuChxhWJk2R9k_aT7AOqiYyueQrTw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=9457284&ns__t=1651057906718&ns_c=UTF-8&cv=3.5&c8=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&c7=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&c9=
date: Wed, 27 Apr 2022 11:11:46 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: e00QbhCm4vuu7lQJ53hcS4NL3siAro0-1JMEDto8CXjf8vrxi3o6Qw==
x-cache: Miss from cloudfront

GET
H2 200 archivo-v3-latin-600.woff2
tnapcdn2.azureedge.net/wp-content/themes/publisher/fonts/ 17 KB
18 KB 29ms
10ms Font
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/fonts/archivo-v3-latin-600.woff2

Requested by

Host: tnapcdn2.azureedge.net
URL: https://tnapcdn2.azureedge.net/wp-content/themes/publisher/css/webfonts.css?ver=4.9.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4C) /

Resource Hash

ff94f2ff683ad9b47d04db9b4054b8614ebaab64f6c7fd1756348c2d7fe4dc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnapcdn2.azureedge.net/wp-content/themes/publisher/css/webfonts.css?ver=4.9.18
Origin: https://turnnewsapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-content-type-options: nosniff
age: 387975
x-cache: HIT
content-length: 17684
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Wed, 02 May 2018 08:23:26 GMT
server: ECAcc (frc/8F4C)
etag: "5ae9757e-4514"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

GET
H2 200 archivo-v3-latin-regular.woff2
tnapcdn2.azureedge.net/wp-content/themes/publisher/fonts/ 17 KB
17 KB 10ms
10ms Font
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/themes/publisher/fonts/archivo-v3-latin-regular.woff2

Requested by

Host: tnapcdn2.azureedge.net
URL: https://tnapcdn2.azureedge.net/wp-content/themes/publisher/css/webfonts.css?ver=4.9.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F05) /

Resource Hash

7e234b43a45b719a607228464cf9bd7db056ec971072e9b6311c01c43820c34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnapcdn2.azureedge.net/wp-content/themes/publisher/css/webfonts.css?ver=4.9.18
Origin: https://turnnewsapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
x-content-type-options: nosniff
age: 16176
x-cache: HIT
content-length: 17272
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Wed, 02 May 2018 08:23:28 GMT
server: ECAcc (frc/8F05)
etag: "5ae97580-4378"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 125ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1385509129&t=pageview&_s=1&dl=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&ul=en-us&de=UTF-8&dt=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=895060038&gjid=250802642&cid=370995894.1651057907&tid=UA-89193612-7&_gid=1079773675.1651057907&_r=1&gtm=2wg4p0PCNVZWH&z=917779409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://turnnewsapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 121ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1385509129&t=pageview&_s=1&dl=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&ul=en-us&de=UTF-8&dt=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=2086590474&gjid=1353108602&cid=370995894.1651057907&tid=UA-123959537-6&_gid=1079773675.1651057907&_r=1&gtm=2wg4p0KMN8QWS&z=1196220996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://turnnewsapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
48ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
51ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 277ms
212ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=326879910431150&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=21692124366%2Cturnnews_all_top_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=1&adks=179211431&didk=1776888936&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1651057906969&lmt=1651057906&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=633&adys=39&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x97&msz=970x-1&fws=4&ohw=696&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

47143522f29857e01e5882b606731cdff90bef6328467b0fdb01411370bb9509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9968
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC98 6 KB
4 KB 172ms
49ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 368ms
325ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=326879910431150&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=21692124366%2Cturnnews_content_RT_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=2&adks=363493275&didk=88932270&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1651057906994&lmt=1651057906&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=1026&adys=252&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=307x25&msz=300x0&fws=4&ohw=307&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3cc919cb94b48faf4419f5e0951aefc12a72945bdc6bc9d5a1128a8f90acb910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10002
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1070ms
410ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?a453a17b06d6346eae5cc1295ed473b8

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4c4b1d8508a9ec185263e7822b2e0f357258f95e51531a11d4f253264153279c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:47 GMT
Content-Encoding: gzip
Server: apache
Etag: 58d4255b06136c8ba1d20ddd3b3e7f69
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11014

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MG9KYKHBE0&gtm=2oe4p0&_p=1385509129&_z=ccd.NbB&cid=370995894.1651057907&ul=en-us&sr=1600x1200&_s=1&sid=1651057906&sct=1&seg=0&dl=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&dt=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MG9KYKHBE0&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
45ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-02QF6DE9S0&gtm=2oe4p0&_p=1385509129&_z=ccd.NbB&cid=370995894.1651057907&ul=en-us&sr=1600x1200&_s=1&sid=1651057906&sct=1&seg=0&dl=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&dt=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-02QF6DE9S0&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-awesome.css
tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/fontawesome/ 27 KB
5 KB 7ms
7ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/fontawesome/font-awesome.css

Requested by

Host: tnapcdn2.azureedge.net
URL: https://tnapcdn2.azureedge.net/wp-content/plugins/wp-disable/js/css-lazy-load.min.js?ver=4.9.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1A) /

Resource Hash

977710f6ff8b5ae9efb7ab3628365e3020baf7850de234098719edc7808ee142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
x-cache: HIT
content-length: 5078
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Mon, 22 Apr 2019 12:48:25 GMT
server: ECAcc (frc/8F1A)
x-frame-options: SAMEORIGIN
etag: "5cbdb819-6a0c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:47 GMT

POST
H2 200 admin-ajax.php Show response
turnnewsapp.com/ft-admin/ 56 B
312 B 1551ms
1551ms XHR
text/html 52.187.36.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://turnnewsapp.com/ft-admin/admin-ajax.php

Requested by

Host: tnapcdn2.azureedge.net
URL: https://tnapcdn2.azureedge.net/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.187.36.104 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / PHP/7.2.13

Resource Hash

d0ded4a27ac8b313b9b8ac1a5f78ebe82c00241a100f285878417f793a050884

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-powered-by: PHP/7.2.13
p3p: CP="NOI"
x-xss-protection: 1; mode=block
pragma: no-cache
x-cache-scheme: http
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, no-cache, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fontawesome-webfont.woff
tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/fontawesome/fonts/ 82 KB
82 KB 10ms
10ms Font
application/font-woff 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: tnapcdn2.azureedge.net
URL: https://tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/fontawesome/font-awesome.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA5) /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnapcdn2.azureedge.net/wp-content/plugins/VC_amy_slider/css/fontawesome/font-awesome.css
Origin: https://turnnewsapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
x-content-type-options: nosniff
age: 16177
x-cache: HIT
content-length: 83760
x-xss-protection: 1; mode=block
x-cache-scheme: http
last-modified: Wed, 10 Jan 2018 07:29:31 GMT
server: ECAcc (frc/8EA5)
etag: "5a55c0db-14730"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 0427-01-86x64.png
imgv.azureedge.net/wpupload/2022/04/ 10 KB
10 KB 661ms
659ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/0427-01-86x64.png
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5e8e12a8f691bfb0ec7d172cec47f683819945feafbc98d6dffcb953cc2926d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Wed, 27 Apr 2022 08:30:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DA282831501EFC
content-type: image/png
x-ms-request-id: 9a8ee02e-f01e-0059-2027-5a8463000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
content-length: 10088
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 ct06075-3520-27-12-86x64.jpg
imgv.azureedge.net/wpupload/2022/04/ 3 KB
3 KB 635ms
633ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/ct06075-3520-27-12-86x64.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 636d605a652f5adce7b9b1d6d82bd530a057078f88d6510d8144dcc5f79c23d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Wed, 27 Apr 2022 05:10:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DA280C34E4FF3C
content-type: image/jpeg
x-ms-request-id: 68c64836-c01e-000f-7e27-5a758c000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
content-length: 3119
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 042701-86x64.jpg
imgv.azureedge.net/wpupload/2022/04/ 2 KB
2 KB 729ms
726ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/042701-86x64.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2e7ba5da0793528c3f2cc53bcd7c73b9aa9bcaf88de21a4b409f9c115f1a8f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Wed, 27 Apr 2022 08:54:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DA282B843A7D82
content-type: image/jpeg
x-ms-request-id: 73348e79-701e-000a-5227-5aa757000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
content-length: 2274
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 ct06115-6858-0427-01-86x64.jpg
imgv.azureedge.net/wpupload/2022/04/ 3 KB
3 KB 654ms
652ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/ct06115-6858-0427-01-86x64.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f338a945aef9b859ceffae9184bfd061b93d419d2be48fb1d898dada3222f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Wed, 27 Apr 2022 08:38:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DA28294E1A0071
content-type: image/jpeg
x-ms-request-id: dcd7357a-801e-001e-3027-5aef38000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
content-length: 2800
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 0427-1-86x64.jpg
imgv.azureedge.net/wpupload/2022/04/ 2 KB
2 KB 720ms
718ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/0427-1-86x64.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f00f35d7f4d4b37e3108f704b10f8da7e29cdbeae9f690325645cec41e431d72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Wed, 27 Apr 2022 08:21:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DA2826EF095BD1
content-type: image/jpeg
x-ms-request-id: dcd7359d-801e-001e-5027-5aef38000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
content-length: 2039
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 ct06075-3520-27-11-86x64.jpg
imgv.azureedge.net/wpupload/2022/04/ 3 KB
3 KB 641ms
640ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/ct06075-3520-27-11-86x64.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f6b18b2e7c12836d2f778d867f7726510a5b924e53cc136877c933490608ba7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Wed, 27 Apr 2022 05:04:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DA280B5ADC0512
content-type: image/jpeg
x-ms-request-id: 884b02f5-901e-004f-3027-5a72b4000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
content-length: 2882
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H2 200 ct06075-3520-27-10-86x64.jpg
imgv.azureedge.net/wpupload/2022/04/ 3 KB
3 KB 11ms
9ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgv.azureedge.net/wpupload/2022/04/ct06075-3520-27-10-86x64.jpg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F27) /
Resource Hash: 24f6b8427921b5527105265ae811ecbe0253cf8de4993f677b05d6bcee78aacb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-blob-type: AppendBlob
date: Wed, 27 Apr 2022 11:11:47 GMT
age: 15782
x-cache: HIT
content-length: 3064
x-ms-lease-status: unlocked
last-modified: Wed, 27 Apr 2022 05:01:30 GMT
server: ECAcc (frc/8F27)
x-ms-blob-committed-block-count: 1
etag: 0x8DA280AFE36FDD2
content-type: image/jpeg
x-ms-request-id: 4e446d23-501e-0032-4202-5a0397000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Wed, 11 May 2022 11:11:47 GMT

GET
H3 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12AC 6 KB
3 KB 120ms
42ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 46DD 6 KB
3 KB 52ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 46DD 0
0 71ms
71ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBCyK8yRpYri4DcrP7_UPrrmE4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQLYj3VkVNqxPuACAKgDAaoErwJP0NTo-aliVmFNi7qf7XKVBqu-zCF6XqQjUJdpS4eXewwnbvbPs7Y8vy013DtLZN3WVpXLDN0dDJZJfsaZVlj_yqVaNDs00RRQAaAKuFIah3w27b7mizvgQ-K2KztZYrNY2HAWDkdRqsISPgf6Sp5aIuuBvvbflebbpbu5nN6M_b4bmlxf1r9e3NmgNrDZpjPrM3Jdhr9NB90ZPSeQeJKE-5x7Q52jPd-DEK2apkyJC1LYm71LKD2Ba07SpMDUElWWyj9aUTkyvVrf45VcnvwgRg80X_aBLO16pn9T0VkQxSibrjGbbK1f9yO5xNXceOwSEJvITX-in1XCV8P2XRuQdNAbIyeZunNkWCSNGdNB8BQrtWPFKTIgEneXZRoqqLXGEM6XGqEyilTgFfZnFtTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MjM5NzkyNzM5MDQ0MDkxGK2MbA&sigh=u6ILnnZl9Tw&uach_m=[UACH]&cid=CAQSPwCNIrLME25pmpSNFVg5p0QCN4rDn_6Y6lMwsRs35bFMajFaRe8uKzwM8OJqH0ueuQHJ14qAmlE5T4Wt1shQ_hgB
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 46DD 0
0 222ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEuGBMNACmAKdg2ICAgAAAH7A1XbzGAsyEPIkaWJF-TIROpS4dwkNkQASAAA&wp=Ymkk8wADXDgIu-fKAAEcruquCvVuMqGZt87MkA

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 247137
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6DF7 45 KB
18 KB 91ms
34ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk8wADXDgIu-fKAAEcruquCvVuMqGZt87MkA&u=%7CEIFsa0k%2B5PO2lMMF%2BsuCSATyqMfiGCuhHcVk0DZzpyg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2Md40iWPZuezyOMoA1jMR4gVdBR-5ATnG8SNiBv8q8BsOXF0xFMfkxesTWqpisMthi0Y65eIghAVh83fDWNqFU3NBCuKyty7TE8pD9BoaDsF-46h8oB0cWYwDdsS8z5z46RIsUle8Bi6uex7AZ7M07kJK1ZlYyKxjzhEcm1Y-F-9nXwSnd4iWxAzuQM2ieknE91MVrcMGD3vd8dGgSpc8Hf4CD8Ts0aWV1fNwpkynrlSlHDFSyHDYFP7niZx6YyKNqgq7hPCXc1ipEMypEuz-PptaWU0uhIFMouDs2iH2FuHg12N-9C_mcaWzgeWUsR9ZrqM0FCPIpAevKLcH9MC22UJ4TLGeWWvOD5X09pQBPwgESGNxPx5kAfWlB2yrmBYzduJu3wX9Id&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClWer8yRpYri4DcrP7_UPrrmE4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQLYj3VkVNqxPuACAKgDAaoEsgJP0NTo-aliVmFNi7qf7XKVBqu-zCF6XqQjUJdpS4eXewwnbvbPs7Y8vy013DtLZN3WVpXLDN0dDJZJfsaZVlj_yqVaNDs00RRQAaAKuFIah3w27b7mizvgQ-K2KztZYrNY2HAWDkdRqsISPgf6Sp5aIuuBvvbflebbpbu5nN6M_b4bmlxf1r9e3NmgNrDZpjPrM3Jdhr9NB90ZPSeQeJKE-5x7Q52jPd-DEK2apkyJC1LYm71LKD2Ba07SpMDUElWWyj9aUTkyvVrf45VcnvwgRg80X_aBLO16pn9T0VkQxSibrjGbbK1f9yO5xNXceOwSEJvITX-in1XCV8P2XRuQdNAbIyeZunNkGiasi1TObAeUKXdm-Q-G6n6Db6wghq1EpAaqvFONlHj4kFzjBWui75fgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0poSsc_QVTpq2F3Mj5VSUE6eGlJA%26client%3Dca-pub-8239792739044091%26adurl%3D

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

53c4eb7c3da9a3bedc8095131f426e4d18bfa999c92f2d0e666b2eb5710bd157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9cpDs5FRI3NhTQLvT6VP1B3PXqZal_XqLFw4x7E62Xumh1fNuDb2RBQXHgxyuJEjguK4AaBVNIWG5_UcuCaZcdQnE-oSeGGiMw4fe03PKpul9wRcnagWjcMNLWIswok1kt2Seio2L6ASH5GZBqklUMyhfCUNCFSAh1O8pNUyWHG11DH7anfBPoMd1H7YSD4DTsdUtEcxi8IfNcg8xKKc0VuNcEwOZoXpsBfctQHEe9ilNNwzkwd_2D7wFf7dyeaGDJyasQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5058746
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 46DD 3 KB
1 KB 169ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:11:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 46DD 15 KB
7 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:10:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 46DD 0
0 133ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgdbL_Njpvv5Oo59Zr4Vfso7iURXPoOJ_NezkggvOWIGwAEJJwlczWA-DgxPyD8gMAGjQYLMZpky5Ogym_lg-hHhTtlg
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 46DD 22 KB
7 KB 133ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 12:29:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46DD 119 KB
36 KB 124ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 12AC 0
0 71ms
71ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvLjD8yRpYqzbBIGR7_UPy8ieoALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEqgJP0N_P1EOEuF5jexWLS6d2nZZGgONWHuvKu0JPyUY5qorA8c6mReJ9onp-QfRQCcqvnfayxC4dWZWouojjS3S2d3N6bH9QyURJyQ1lUEp1s0pfGz6iTSMNIFZIMOJOBasXslHu_rWlD8Zm4v6JDh85UragcbwyodtUMTGNJWeTI_EkntMgtBL6zOVHZl4gIaP6ClUk0hyYw3GRwE7NPfN2PGXjwGcApZunb05rbAML5xv8sl0w8JKh--f_aFx7eaAjydJw08H5Tg2WbWuq1SZmXKXmw-_ni80l4AYzb5yfsQ4RSeUVJ_MjZd-1JRX37dUjFDl9HLOSbAtvinz-ftoH5o8-LqO0cBp_hruG3sglZnaQmVN5oyIODiZpOmpdoiJdUdPITrUK7EID4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODIzOTc5MjczOTA0NDA5MRitjGw&sigh=cJc7k0wTfcc&uach_m=[UACH]&cid=CAQSPwCNIrLMSTVofguvI7PkM4dHvfR8gYCto8deXJ-ik-AIbZfqKuIGsVfnQAqtjRdfY9i8644gnjDlLcGrejDO0xgB
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 12AC 0
0 255ms
85ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEufCMMoHWp2DYgICAAAAqCSsxrSfdyAQ8iRpYibTDq2ZfOnOL2C_ABIAAA&wp=Ymkk8wABLawIu8iBAAekS-xB17v4kCPX9nYkCw

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 238829
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 56A2 46 KB
18 KB 121ms
68ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk8wABLawIu8iBAAekS-xB17v4kCPX9nYkCw&u=%7CEIFsa0k%2B5POyiKSioqWeK96h7Q1H6UiYiJRvSJiXHmU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdELP8eKu8vmOi8aedtujpvHWJVGiaagjsRJMCNNuAVCjnS4I3JTXQePCAax6VDsPif98rpRyLdMPubCzPdX2VlCI0PlpsK2OY-cyx63niSo7QUHWPtsRb9F9iCzyLh8FkD3oAQP1lx6aqNJtJGYCPrbO9vTRbUeWhykg3_XI0HujiBsAcieKxIgpX9LQPCDHl_MZ3YydcnUmuRQuRo5DsEkH9lw8jevdAjtljCP9f5BIHS7fOemUCTOHMDW6BpaWq9TILuKMAXDIKZ7xItP6A_Y50G2dQnx4AOLMUUQMwyMTG3mvkIcJpOBDx3rnj3MKYj5xm57yDh1Bx859rPEgn1M-7YJZ1bSvfmfPTXTZDkIT5zgERXafZ7ForzbaMPF6Zyv_SiG0X4lE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9h18yRpYqzbBIGR7_UPy8ieoALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoErQJP0N_P1EOEuF5jexWLS6d2nZZGgONWHuvKu0JPyUY5qorA8c6mReJ9onp-QfRQCcqvnfayxC4dWZWouojjS3S2d3N6bH9QyURJyQ1lUEp1s0pfGz6iTSMNIFZIMOJOBasXslHu_rWlD8Zm4v6JDh85UragcbwyodtUMTGNJWeTI_EkntMgtBL6zOVHZl4gIaP6ClUk0hyYw3GRwE7NPfN2PGXjwGcApZunb05rbAML5xv8sl0w8JKh--f_aFx7eaAjydJw08H5Tg2WbWuq1SZmXKXmw-_ni80l4AYzb5yfsQ4RSeUVJ_MjZd-1JRX37dUjFDl9HLOSbAtvinz-ftoH5o8-LuG2UYj4CSeVYVQxxaatP6twtyi4BAhxuN6Vn4Sv7s3kVjCgaFG8i1754AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouLBNUsXwMOmEWxnrQGNcnBzZig%26client%3Dca-pub-8239792739044091%26adurl%3D

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

979e11f3df739171e62a72351e456d4812436b8d78ffccbf8d0e140a67743380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LE05RJFRI3NhTQLvCyGnx5eDuV720Hw5GNFTQf7qUjMjkCrn_Y7cb2CplJAujPClsCArt2OWvahaZPaCK4kpfw0w9xyuggcoPgQHEzlW2wHmQclEVRX7ENOGkkcxFBKKAS7UAIib4DnbexormZS9RLNSUsGkr_7MC2rEhqIdZftKBOhsgnHngKgvk4H2iQtdo1VtvD7fOTUSl88u8_HCylj4ywtse_IHorhffC-CF6K_FWKflVShnD5xVjsysowlrChBysHXlF7lPpPs"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 6823802
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 12AC 3 KB
1 KB 166ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:11:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12AC 119 KB
36 KB 139ms
68ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 12AC 15 KB
6 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:10:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 12AC 0
0 128ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlHNp0yeYnwkBAZy3Av8yuWGqtXTHKQ-vZW7nVnU6daTe140cR-tipPyFqyHKybFVPp6KEgp3ZJH027i6hWPH2MjGRiA
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 12AC 22 KB
7 KB 160ms
75ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 12:29:48 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6DF7 2 KB
1 KB 47ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk8wADXDgIu-fKAAEcruquCvVuMqGZt87MkA&u=%7CEIFsa0k%2B5PO2lMMF%2BsuCSATyqMfiGCuhHcVk0DZzpyg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2Md40iWPZuezyOMoA1jMR4gVdBR-5ATnG8SNiBv8q8BsOXF0xFMfkxesTWqpisMthi0Y65eIghAVh83fDWNqFU3NBCuKyty7TE8pD9BoaDsF-46h8oB0cWYwDdsS8z5z46RIsUle8Bi6uex7AZ7M07kJK1ZlYyKxjzhEcm1Y-F-9nXwSnd4iWxAzuQM2ieknE91MVrcMGD3vd8dGgSpc8Hf4CD8Ts0aWV1fNwpkynrlSlHDFSyHDYFP7niZx6YyKNqgq7hPCXc1ipEMypEuz-PptaWU0uhIFMouDs2iH2FuHg12N-9C_mcaWzgeWUsR9ZrqM0FCPIpAevKLcH9MC22UJ4TLGeWWvOD5X09pQBPwgESGNxPx5kAfWlB2yrmBYzduJu3wX9Id&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClWer8yRpYri4DcrP7_UPrrmE4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQLYj3VkVNqxPuACAKgDAaoEsgJP0NTo-aliVmFNi7qf7XKVBqu-zCF6XqQjUJdpS4eXewwnbvbPs7Y8vy013DtLZN3WVpXLDN0dDJZJfsaZVlj_yqVaNDs00RRQAaAKuFIah3w27b7mizvgQ-K2KztZYrNY2HAWDkdRqsISPgf6Sp5aIuuBvvbflebbpbu5nN6M_b4bmlxf1r9e3NmgNrDZpjPrM3Jdhr9NB90ZPSeQeJKE-5x7Q52jPd-DEK2apkyJC1LYm71LKD2Ba07SpMDUElWWyj9aUTkyvVrf45VcnvwgRg80X_aBLO16pn9T0VkQxSibrjGbbK1f9yO5xNXceOwSEJvITX-in1XCV8P2XRuQdNAbIyeZunNkGiasi1TObAeUKXdm-Q-G6n6Db6wghq1EpAaqvFONlHj4kFzjBWui75fgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0poSsc_QVTpq2F3Mj5VSUE6eGlJA%26client%3Dca-pub-8239792739044091%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6DF7 2 KB
1 KB 48ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6DF7 308 B
637 B 46ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6DF7 507 B
835 B 46ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6DF7 43 B
348 B 80ms
27ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9tuq0SC1FSYz-WCjs-znaKGb1tqv-KNnUM0CljSWEiuFIZlQIIDZYZw8uQx9vLzoOMeqJMje_RU9X-yt7thV-Dkj0Mmw7e_gY-t7oqVPKElVTi0xaaY1UPBKkRtkncYHbfan1QU5sbiOkLFFc-rzC9C5uCz4Y0scLGzeXYHhnkEqLCETDjMUopfXQ4CdEN8-Xpn3XJAzlMJxyCc22PkNdcXfgrrRpHzRpdwEWFDgNGDJCHCzI2gYODggNzsbaySoIJ6Gwyh4bsg1JRYqxIZRGS9qvCRhegnSBCHe6O7UinWCR9bsSMuug4TgEjbmbryLSkbnGGmHF3OEzEsWTCoQK5wPYE2SpFvVCiH7YSuBa7_UQjZv84hi31c00VrpzMTODD_5bSWIK0bhZFNNewOL9-Tks4d50zSlismU0ltI-sJ6f1Mdgqw0Dzqm6e2eXhXIPkE3QQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:46 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2590953
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg
static.criteo.net/design/dt/90764/220415/ Frame 6DF7 98 KB
99 KB 48ms
18ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220415/1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

15d3ebf6868fa719dee4db0b7d63fd82cd08292f262b286a8b69235cd700746e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Fri, 15 Apr 2022 14:42:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62598444-188fd"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 100605
expires: Sat, 22 Apr 2023 11:11:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6DF7 0
128 B 216ms
72ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=9cpDs5FRI3NhTQLvT6VP1B3PXqZal_XqLFw4x7E62Xumh1fNuDb2RBQXHgxyuJEjguK4AaBVNIWG5_UcuCaZcdQnE-oSeGGiMw4fe03PKpul9wRcnagWjcMNLWIswok1kt2Seio2L6ASH5GZBqklUMyhfCUNCFSAh1O8pNUyWHG11DH7anfBPoMd1H7YSD4DTsdUtEcxi8IfNcg8xKKc0VuNcEwOZoXpsBfctQHEe9ilNNwzkwd_2D7wFf7dyeaGDJyasQ&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:45 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6DF7 2 KB
1 KB 70ms
57ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6DF7 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 56A2 2 KB
1 KB 54ms
52ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk8wABLawIu8iBAAekS-xB17v4kCPX9nYkCw&u=%7CEIFsa0k%2B5POyiKSioqWeK96h7Q1H6UiYiJRvSJiXHmU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdELP8eKu8vmOi8aedtujpvHWJVGiaagjsRJMCNNuAVCjnS4I3JTXQePCAax6VDsPif98rpRyLdMPubCzPdX2VlCI0PlpsK2OY-cyx63niSo7QUHWPtsRb9F9iCzyLh8FkD3oAQP1lx6aqNJtJGYCPrbO9vTRbUeWhykg3_XI0HujiBsAcieKxIgpX9LQPCDHl_MZ3YydcnUmuRQuRo5DsEkH9lw8jevdAjtljCP9f5BIHS7fOemUCTOHMDW6BpaWq9TILuKMAXDIKZ7xItP6A_Y50G2dQnx4AOLMUUQMwyMTG3mvkIcJpOBDx3rnj3MKYj5xm57yDh1Bx859rPEgn1M-7YJZ1bSvfmfPTXTZDkIT5zgERXafZ7ForzbaMPF6Zyv_SiG0X4lE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9h18yRpYqzbBIGR7_UPy8ieoALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoErQJP0N_P1EOEuF5jexWLS6d2nZZGgONWHuvKu0JPyUY5qorA8c6mReJ9onp-QfRQCcqvnfayxC4dWZWouojjS3S2d3N6bH9QyURJyQ1lUEp1s0pfGz6iTSMNIFZIMOJOBasXslHu_rWlD8Zm4v6JDh85UragcbwyodtUMTGNJWeTI_EkntMgtBL6zOVHZl4gIaP6ClUk0hyYw3GRwE7NPfN2PGXjwGcApZunb05rbAML5xv8sl0w8JKh--f_aFx7eaAjydJw08H5Tg2WbWuq1SZmXKXmw-_ni80l4AYzb5yfsQ4RSeUVJ_MjZd-1JRX37dUjFDl9HLOSbAtvinz-ftoH5o8-LuG2UYj4CSeVYVQxxaatP6twtyi4BAhxuN6Vn4Sv7s3kVjCgaFG8i1754AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouLBNUsXwMOmEWxnrQGNcnBzZig%26client%3Dca-pub-8239792739044091%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 56A2 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 56A2 308 B
636 B 58ms
58ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 56A2 507 B
835 B 60ms
60ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 56A2 43 B
347 B 44ms
27ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EkTpCSZu5F_9StRanpezJTkBInRtpTZW7lbDv-ybJtnt_h2mEVwrWQDB1G5EsP-_0_F22OB2WXu3i7dISWC1HAE7-jbVTbn0NKssp39osmK008iQ8mzfYGfyJUPF94ZdIF84akPVyxsM3TyXbD6e81wNHLiRgOQsls7cjmZdESyTL9PSIQCCdhp0GZOCMsbUVm3Ep_fIgzCFM71Clo5qDIGEwK4UkbNqK8Y3UnI17FoDWK3KayqjN4M0VG7X3QjxlI5qvY4zOoGKGfF1a9QPsrE01bdnBWmxG0GskoZWy4GMbSiiUfbFjagma2O0Emp6vzw2Hp9poes3854SlVdFVswkoG_2xO1T6hg2EV1uELZfMVqFFKaYZRVzApw9Bbz_ur7pv93tYROmLHHXquP2P0DfpFGs_ORMuVqpSIN_XougIa6wp40_cDizhAjPlgDL--ihBA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:47 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3137820
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 be315a367a5f4e92800cf56a5c6fedab_image_ad_970x90.jpeg
static.criteo.net/design/dt/90764/220415/ Frame 56A2 71 KB
72 KB 52ms
52ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220415/be315a367a5f4e92800cf56a5c6fedab_image_ad_970x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fce25f7d874cb94e558d84bb989bd0b5adbc5ad7e41617820ef59af65558b2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
last-modified: Fri, 15 Apr 2022 14:42:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62598444-11d95"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 73109
expires: Sat, 22 Apr 2023 11:11:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 56A2 0
127 B 191ms
72ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=LE05RJFRI3NhTQLvCyGnx5eDuV720Hw5GNFTQf7qUjMjkCrn_Y7cb2CplJAujPClsCArt2OWvahaZPaCK4kpfw0w9xyuggcoPgQHEzlW2wHmQclEVRX7ENOGkkcxFBKKAS7UAIib4DnbexormZS9RLNSUsGkr_7MC2rEhqIdZftKBOhsgnHngKgvk4H2iQtdo1VtvD7fOTUSl88u8_HCylj4ywtse_IHorhffC-CF6K_FWKflVShnD5xVjsysowlrChBysHXlF7lPpPs&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 56A2 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 56A2 2 KB
1 KB 51ms
51ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:47 GMT

GET
DATA 200
OK truncated
/ Frame 46DD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b35f4ab09440a26489947e4856a37b90dae92cf4275c8ef969a7736ee59bf2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 12AC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee5d2f36d0488739e1b20fd0fe9973d90410f7efe1ed08b631880233412e9db6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 215ms
214ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=21692124366%2Cturnnews_content_RT_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=3&adks=363493275&didk=88932270&sfv=1-0-38&ecs=20220427&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3Db125f5596cf3c33c-227468f684cd00ee%3AT%3D1651057907%3AS%3DALNI_MasVU6XKpKtrdD7keAKemEuHfrXXQ&abxe=1&dt=1651057908257&lmt=1651057908&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=1046&adys=259&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=342x-1&msz=336x-1&fws=4&ohw=342&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

682f73b047f94716a79c0254eb706ffc3b8afebaf468ede719b72443a1f2a2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11840
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 319ms
318ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=21692124366%2Cturnnews_all_top_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=4&adks=179211431&didk=1776888936&sfv=1-0-38&ecs=20220427&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3Db125f5596cf3c33c-227468f684cd00ee%3AT%3D1651057907%3AS%3DALNI_MasVU6XKpKtrdD7keAKemEuHfrXXQ&abxe=1&dt=1651057908270&lmt=1651057908&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=375&adys=75&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=1050x90&msz=970x-1&fws=4&ohw=1050&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

84cf5df131fbdeb0b077d893fefb98d75cc5e7f307802a6541e53b4db80df483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 46DD 0
0

GET
H3 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CCA0 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CCA0 0
0 75ms
75ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Crrl49CRpYraiE9bF7_UPt-CEiATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoErwJP0CnzGWJmyXWVWRB5HyDES-gJ8FqexxKsWxOjXYhk6m6e14n7ALUrUHi2RsdOh8ViQBOVCGKa7Cs_Aqa_grbLR4ernf9Z3Z7Qvs_Xl1cqqWOYS_kULNyXEW8HJG616ow25Q88UAOFev34l8gATIp0MFQ9XbfMtsuE7wP-q8NkMw3fhmJwEBIUrAb9jGAZea5hP9BVz4_ti583daxh6gSdGZB_5qHC6pk28dr-8YwuuUlmd-nnqkQsOE_hvF-272zPh9r09C11X0lfvz23ypNhThZpRK-JVWNUmAx9zksr6zOnkUU8dzCgqx8FNsjlYw4x8DAZlZ79nOIIeERFcEtRaJ2oisQ0iGvoHGXcpWTTuXuDvJB8IOuyxir_j8lUqoDnRR2HzA7N5dKY0gzoPMngBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MjM5NzkyNzM5MDQ0MDkxGK2MbA&sigh=XA1qxy3Ila4&uach_m=[UACH]&cid=CAQSPACNIrLMvFiozvsjpzYTIkWme0AtQsTKWvO6gzQRFtkL7FgWxW2CTnzIuOMpVfuJlI7e_3kzjZS87o4s7xgB
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CCA0 0
0 19ms
18ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEuGBMNACmAKdg2ICAgAAAH7A1XbzGAsyEPQkaWIJc2QgZ3JgIe6_ugASAAA&wp=Ymkk9AAE0TYIu-LWAAEwN6K9G-5qPHwLkuE_sw

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 285378
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CFA7 43 KB
17 KB 38ms
37ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk9AAE0TYIu-LWAAEwN6K9G-5qPHwLkuE_sw&u=%7C4QYzjYUYg0B24P%2FVrSROjOQDuLN8%2FUit%2BgeEFi43Hk8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2Md40iWPZuezyOMoA1jMR5GpPtdUC19EkF0Kqn0Op0_Fq_K4O8GNUOGMY_tdJ5KpF8QhIyjGkx_U4CelQdUKI3Mk6DoiVaBLsipGQIdE4DxW5r9BZfoTSnpVQC75qVaL_sCaD81LTDcC0RJAlBSUAuUp2R-ZhJgJdh7LUPah2nBKp10xwRpdoSorZwHN8Ghwf9H3xNCf4cuhqcPqch_xmwtR-qALgHWqe69DKcB_tCDO4kYtcy7z3w9_1qu4WMV6a8AvzIt5itD0Ln5c2qGZZXli21UxW3WmPDnCmrWIbuGh_QNHGEWZz0CbQY_Apvr-kPaB_udLXUngbP2tSy_gsvkgzHh3nFSUM0jogBWD-FMZPKqAMeGYImSpe8nueZJEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHMh49CRpYraiE9bF7_UPt-CEiATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEsgJP0CnzGWJmyXWVWRB5HyDES-gJ8FqexxKsWxOjXYhk6m6e14n7ALUrUHi2RsdOh8ViQBOVCGKa7Cs_Aqa_grbLR4ernf9Z3Z7Qvs_Xl1cqqWOYS_kULNyXEW8HJG616ow25Q88UAOFev34l8gATIp0MFQ9XbfMtsuE7wP-q8NkMw3fhmJwEBIUrAb9jGAZea5hP9BVz4_ti583daxh6gSdGZB_5qHC6pk28dr-8YwuuUlmd-nnqkQsOE_hvF-272zPh9r09C11X0lfvz23ypNhThZpRK-JVWNUmAx9zksr6zOnkUU8dzCgqx8FNsjlYw4x8DAZlZ79nOIIeERFcEtRaJ2oisQ0iGvoXmf9N-NcJWg8IITf8NYUPiPrhX9ehJhl8dW6avxy-_6AV6ZsL3bmcv7gBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dO4fES1ucdFoQLZqYWZTi0wEOzA%26client%3Dca-pub-8239792739044091%26adurl%3D

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c74b7be7c7c796bfc7d77f0103ca1396b5b5357be199ea74e751f2dd86a74993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gAEEGZFRI3NhTQLvucU8bBtaVq5zCx91xOqWGKdtZc1dxWWapyFhf6wJjn24jJXdYHuF4HyE6mM2NbMD-bUZy8t-OlotE7KMw_gpHFfHVh0PzI8LzZuLhFT-lPCVz3p0k4izBjV5v-I7EmtKbIjLzu3BR9YGdvTLWBstXc6G9iGZhet9VWqW5lftLgjP1M_uzb_w2oT-VezOsqJ5mSrQ0LWAeHcwY8bS1PltmihkD0thfxyQlNDljejMgX3hZxufYW4qrw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5155892
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame CCA0 3 KB
1 KB 115ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:05:39 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B1AA 1 KB
1 KB 120ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 27 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame CCA0 15 KB
6 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:04:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CCA0 0
0 124ms
45ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2-dLStLwWS_kEZjOMEIi1w0zfWPnWy4QprNBh-qhZDnOx1MojMc7JelVZplMp5d3ulmwG8FI19_kt9Vi_KH6enniTtQ
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CCA0 22 KB
7 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 12:29:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCA0 119 KB
36 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:48 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 12AC 0
0

GET
H3 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB09 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CFA7 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk9AAE0TYIu-LWAAEwN6K9G-5qPHwLkuE_sw&u=%7C4QYzjYUYg0B24P%2FVrSROjOQDuLN8%2FUit%2BgeEFi43Hk8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy2Md40iWPZuezyOMoA1jMR5GpPtdUC19EkF0Kqn0Op0_Fq_K4O8GNUOGMY_tdJ5KpF8QhIyjGkx_U4CelQdUKI3Mk6DoiVaBLsipGQIdE4DxW5r9BZfoTSnpVQC75qVaL_sCaD81LTDcC0RJAlBSUAuUp2R-ZhJgJdh7LUPah2nBKp10xwRpdoSorZwHN8Ghwf9H3xNCf4cuhqcPqch_xmwtR-qALgHWqe69DKcB_tCDO4kYtcy7z3w9_1qu4WMV6a8AvzIt5itD0Ln5c2qGZZXli21UxW3WmPDnCmrWIbuGh_QNHGEWZz0CbQY_Apvr-kPaB_udLXUngbP2tSy_gsvkgzHh3nFSUM0jogBWD-FMZPKqAMeGYImSpe8nueZJEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHMh49CRpYraiE9bF7_UPt-CEiATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEsgJP0CnzGWJmyXWVWRB5HyDES-gJ8FqexxKsWxOjXYhk6m6e14n7ALUrUHi2RsdOh8ViQBOVCGKa7Cs_Aqa_grbLR4ernf9Z3Z7Qvs_Xl1cqqWOYS_kULNyXEW8HJG616ow25Q88UAOFev34l8gATIp0MFQ9XbfMtsuE7wP-q8NkMw3fhmJwEBIUrAb9jGAZea5hP9BVz4_ti583daxh6gSdGZB_5qHC6pk28dr-8YwuuUlmd-nnqkQsOE_hvF-272zPh9r09C11X0lfvz23ypNhThZpRK-JVWNUmAx9zksr6zOnkUU8dzCgqx8FNsjlYw4x8DAZlZ79nOIIeERFcEtRaJ2oisQ0iGvoXmf9N-NcJWg8IITf8NYUPiPrhX9ehJhl8dW6avxy-_6AV6ZsL3bmcv7gBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dO4fES1ucdFoQLZqYWZTi0wEOzA%26client%3Dca-pub-8239792739044091%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CFA7 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CFA7 308 B
636 B 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame CFA7 507 B
835 B 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame CFA7 43 B
347 B 34ms
33ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WIVgXiC1FSYz-WCjs-znaKGb1tpgpoZyt8EST7JFy9bvMSu8xrTi1Ngaz86y_JZMA8RcQ1wE9UoHhaTZn66FijzLbk-kwGNSjzcE_TAN26H80C7EQL_LLWNsNxOyvSqp8ltiVeqrnWP2Gcs_UsXTeU6yazvxi0qI4xcrECPR70YpIBEBtMsZcCxGyNO1OJMxc4dOH8o7dC0ixR8cfkXBEl03dnC1DYUy1uLZlQdgygVFM22XodArrLY86KsH8N55Q3Ni-Xy0hJDwPwP_XuQyxOfjME8Actn9BwYunSkEaHdov8U-w4-_LpeLALXynKiqIPRLiNg0zuB1Rvvnfs6y6ZPzUDycGYxj_TMN_sKNMtlP9P1X3RZCrNF7Dxaam0DntD3-xvCtPcDhGZhlWZhc2bDArWfTWsgaceJD2QIqCJqmUlpkxcWMH-hgV4HGwO_e9wp0fg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3106404
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg
static.criteo.net/design/dt/90764/220415/ Frame CFA7 98 KB
99 KB 15ms
15ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220415/1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

15d3ebf6868fa719dee4db0b7d63fd82cd08292f262b286a8b69235cd700746e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
last-modified: Fri, 15 Apr 2022 14:42:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62598444-188fd"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 100605
expires: Sat, 22 Apr 2023 11:11:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CFA7 0
127 B 62ms
62ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=gAEEGZFRI3NhTQLvucU8bBtaVq5zCx91xOqWGKdtZc1dxWWapyFhf6wJjn24jJXdYHuF4HyE6mM2NbMD-bUZy8t-OlotE7KMw_gpHFfHVh0PzI8LzZuLhFT-lPCVz3p0k4izBjV5v-I7EmtKbIjLzu3BR9YGdvTLWBstXc6G9iGZhet9VWqW5lftLgjP1M_uzb_w2oT-VezOsqJ5mSrQ0LWAeHcwY8bS1PltmihkD0thfxyQlNDljejMgX3hZxufYW4qrw&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CFA7 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CFA7 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CB09 0
0 74ms
73ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmzlW9CRpYtzuG__O7_UPxo-fyAbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQIoSSGj3dCxPuACAKgDAaoEqgJP0JwxGmRePnn_tqdHolcs_4jBEK2S2ulP_RMg_SGPhsetQhXhK_XiffRCqBNhr5fF9zHRhJjYiouISK8D2Cv0f9RKJYdyt23F6t00axlYhiw9Y5sXsoj4br3cRwz04SFhLdhFVAnmzvyW1B4qD3gkKcIQ28F1pFkslgNswsJbjrGI90RCvO51qBIs48USJ8YQrsOinv1X1Q-gRE44p2qHn2JuNLk9fdn9n-U7aKTmgoBnFK8drIiZoaJ-ZSrxD2s-qk0XfBxLXEe7Xh5QsH_J8DythDD48BMAIblYPZ6Y23txgQUe1N5UNkhHIvIbh7Pfv5YeSjl2aPKom5jFJnl2HTnDB1usOUgxN6bkK42Jn7YW_zAbVHQw2mQw911AmA7c1_Xyv4OVFVjK4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODIzOTc5MjczOTA0NDA5MRitjGw&sigh=lg0DpCW54FY&uach_m=[UACH]&cid=CAQSPACNIrLM-sLmZngmqFG8dmApn8Uug6E6QxoX-tmSCJd1JIgZUpdDcxSrO5il_oAK_aV1N97ttFhrP2RvShgB
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CB09 0
0 15ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEufCMMoHWp2DYgICAAAAqCSsxrSfdyAQ9CRpYgTi_DivdC3Nv5tjABIAAA&wp=Ymkk9AAG91wIu-d_AAfHxndK67p9IF-pDxayMQ

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 276368
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6E9C 45 KB
18 KB 41ms
40ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk9AAG91wIu-d_AAfHxndK67p9IF-pDxayMQ&u=%7C4QYzjYUYg0AY1OUVpriRRY%2B0vl%2FpwltR6Amt5JLsWO0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdELP8eKu8vmOjXqDq-S3vvoWIMH1MvC2r_aOPpHHkvVOz3qnSAEbbQszune6XqpUSbxr0qZHIIDgkqZ3ChRg9YO1fsvR_mIN6YwNO50aIb1IT8mkdAw5_tUTzIDJFGrvHFsJbGgoQC4-Kv6pfOaEYsmhXFxsdd727DcPtwajmw2Oe_8NdHu67MvLEytBtIvjI_yvYXTOOkemwdTS6M4k2xgYOyUO5x7NxP7ZXPF0mQ0wI6ExESHZMela53KPZOzGMJxXueSKU_LVi10Xt18h-2j2QhfvAJS17joC98sppIDbNaoNATYtq0_RmYRT5YuMIOMf_HZx5luNBYc78IaJ0lraKf5ArXjgHDmTJqbk8-ElLdGH19CXpX9OhVWPTLiSKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA0U19CRpYtzuG__O7_UPxo-fyAbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQIoSSGj3dCxPuACAKgDAaoErQJP0JwxGmRePnn_tqdHolcs_4jBEK2S2ulP_RMg_SGPhsetQhXhK_XiffRCqBNhr5fF9zHRhJjYiouISK8D2Cv0f9RKJYdyt23F6t00axlYhiw9Y5sXsoj4br3cRwz04SFhLdhFVAnmzvyW1B4qD3gkKcIQ28F1pFkslgNswsJbjrGI90RCvO51qBIs48USJ8YQrsOinv1X1Q-gRE44p2qHn2JuNLk9fdn9n-U7aKTmgoBnFK8drIiZoaJ-ZSrxD2s-qk0XfBxLXEe7Xh5QsH_J8DythDD48BMAIblYPZ6Y23txgQUe1N5UNkhHIvIbh7Pfv5YeSjl2aPKom5jFJnl2HTnDBxmuGNq2uDr3lBGdPGYrWcgSQH6G0EoodemIpaguaOvepwY_kUt1UnL94AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_31Nt5mV7DPTOt8ruzUq2JARqbFFQ%26client%3Dca-pub-8239792739044091%26adurl%3D

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ebe46ff3b6f0a2a66d5d2ebbe731553aeea263f82125c3cdc18bfbeea786b147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HSuqUJFRI3NhTQLv7q-pFSVrk9u9AeQSNpWvqAx919yWxWbIex7xBp3vD3CWKNdW6SMeCW8Egi1zYV7QGBIVZRXkZYaVVzmBXRLzsyfF3ipI3ZxL4UUy2nRTotUinLsi18EHou4aJ4TjpP_4uRQinMBfq5lXIj9svjp3evM9xJYlpvGSIU0-6M1zsdq5eE6kXCVjvckhk1xxyaAr2kC53111okvxzpjnjbeWqxvIqBQEEkVzo_pKHonoccB4ULZwpBrYHQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5124434
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame CB09 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:05:39 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 81E4 1 KB
783 B 38ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 27 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame CB09 15 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:04:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CB09 0
0 46ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVBdMDFidmapl_01wLChpHCeBwowfac4Vj4Y17Oy5ocGebPm_AZ5k5sPa6qVOHow7t_5_VcRl7unvo8fWLktDDdqdHEQ
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CB09 22 KB
7 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 12:29:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB09 119 KB
36 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:48 GMT

GET
DATA 200
OK truncated
/ Frame CCA0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77b9e44b9b2195d3edb884f20f5e352da96e0f8bdc15401069a3d7dc6c8d25b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6E9C 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymkk9AAG91wIu-d_AAfHxndK67p9IF-pDxayMQ&u=%7C4QYzjYUYg0AY1OUVpriRRY%2B0vl%2FpwltR6Amt5JLsWO0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdELP8eKu8vmOjXqDq-S3vvoWIMH1MvC2r_aOPpHHkvVOz3qnSAEbbQszune6XqpUSbxr0qZHIIDgkqZ3ChRg9YO1fsvR_mIN6YwNO50aIb1IT8mkdAw5_tUTzIDJFGrvHFsJbGgoQC4-Kv6pfOaEYsmhXFxsdd727DcPtwajmw2Oe_8NdHu67MvLEytBtIvjI_yvYXTOOkemwdTS6M4k2xgYOyUO5x7NxP7ZXPF0mQ0wI6ExESHZMela53KPZOzGMJxXueSKU_LVi10Xt18h-2j2QhfvAJS17joC98sppIDbNaoNATYtq0_RmYRT5YuMIOMf_HZx5luNBYc78IaJ0lraKf5ArXjgHDmTJqbk8-ElLdGH19CXpX9OhVWPTLiSKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCA0U19CRpYtzuG__O7_UPxo-fyAbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgyMzk3OTI3MzkwNDQwOTGgAdW20uoDyAEJqQIoSSGj3dCxPuACAKgDAaoErQJP0JwxGmRePnn_tqdHolcs_4jBEK2S2ulP_RMg_SGPhsetQhXhK_XiffRCqBNhr5fF9zHRhJjYiouISK8D2Cv0f9RKJYdyt23F6t00axlYhiw9Y5sXsoj4br3cRwz04SFhLdhFVAnmzvyW1B4qD3gkKcIQ28F1pFkslgNswsJbjrGI90RCvO51qBIs48USJ8YQrsOinv1X1Q-gRE44p2qHn2JuNLk9fdn9n-U7aKTmgoBnFK8drIiZoaJ-ZSrxD2s-qk0XfBxLXEe7Xh5QsH_J8DythDD48BMAIblYPZ6Y23txgQUe1N5UNkhHIvIbh7Pfv5YeSjl2aPKom5jFJnl2HTnDBxmuGNq2uDr3lBGdPGYrWcgSQH6G0EoodemIpaguaOvepwY_kUt1UnL94AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_31Nt5mV7DPTOt8ruzUq2JARqbFFQ%26client%3Dca-pub-8239792739044091%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6E9C 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6E9C 308 B
636 B 16ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6E9C 507 B
835 B 21ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6E9C 43 B
347 B 28ms
28ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=oLtsWCZu5F_9StRanpezJTkBInQHNyIiQxAxoI7jp0hUDRZJcokZRWm4p_PtDOlXoyGG2WpUzQpD9lxCqLp8RfE-VVYrppaDmObxP8m5swVD0GGRY305YODVkYriyBiidNc8-9FVr-NhEdQCvRBrilODLpBicxHBM20pxsoxKO8ixOq-meYQg9SluPJV3pcyfWvVJGcy3pmfUKeHT0Pm57qS8a0Bz1VTYmO3QWM0fBkRK-u6QiIlSCiyI22942p0c55KbWKDu_VbBVh27I0CT1wJoMhYIgPtvF_HDMiTKPA0GiEomI10eO9GAJ7UDlSrR9mXy6Ql2GXaKnM_l4792UhH6EqrkS46xhFo_a0IjFoSEf318s3OY4y2DBhPCnRUmEq5uZmY_neU9Psb-l4uOwBQ9Z9KbRp2QOhCud6c_81QqdqYKWVwxKUUTeXi60ro7wF9Nw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:47 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3260375
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 be315a367a5f4e92800cf56a5c6fedab_image_ad_970x90.jpeg
static.criteo.net/design/dt/90764/220415/ Frame 6E9C 71 KB
72 KB 17ms
17ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220415/be315a367a5f4e92800cf56a5c6fedab_image_ad_970x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fce25f7d874cb94e558d84bb989bd0b5adbc5ad7e41617820ef59af65558b2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
last-modified: Fri, 15 Apr 2022 14:42:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62598444-11d95"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 73109
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
DATA 200
OK truncated
/ Frame CB09 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3da953302179eab7be4307e4497ff703cec0626f2b66aabc40c931557f25baf3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame B1AA 35 B
464 B 34ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI41wm541Ski06Z318vTCjU&google_cver=1&google_push=AYg5qPK-LjFjYyUrS1DO_IildaXtM2QoUJ96U-vvdXa9UaoET7bdOczcix8co3nBpm3IV96HgxXqTjUTsTSvzm-BtfGdvUHdII1Zsg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B1AA 43 B
356 B 79ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP1dJcjimryHiKrselUHtzU&google_push=AYg5qPJuKaIsPjf3oB07WdUT6cM6P2_PQeIzHkJ1ZmraS8TwJN9cY43vDT3_CUUtVjtiPAhzbM2QQAJJlDeTN7i4kJHqUzoi0Kw5EA&google_cver=1
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B1AA 43 B
351 B 90ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEB9WqWIktPyqJTn2JTnXySg&google_cver=1&google_push=AYg5qPLye407bg_0kaaJo3YSv_zXArFDbLCvAsB2w7teGuPUUExzslZpv9cLRskTrQkXLdXbyHRqUyc5OflK9rELMisDYT8o9Jmy
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cn6ffd6l86p9td26gugn4d338oj5h00b

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-M7tiqlRaOmgfKbMa6oKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-M7tiqlRaOmgfKbMa6oKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhK1LIXM-45U-DiM3QIDO2RNwhELOie1PgemyGmHD5cxQIOYyCIbRQ4eHOrXskXTWG9ZAds98_znp6yt8mit2F0ihOj6p7aA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-M7tiqlRaOmgfKbMa6oKg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhK1LIXM-45U-DiM3QIDO2RNwhELOie1PgemyGmHD5cxQIOYyCIbRQ4eHOrXskXTWG9ZAds98_znp6yt8mit2F0ihOj6p7aA
date: Wed, 27 Apr 2022 11:11:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYv6BHy16Www8Ej3ja5S1M&google_cver=1&google_push=AYg5qPLKUCT65r5yY7pIXjDKLqczmIdU4sZNf_K35CCqcWP6tHp0rS_hvPc23vyMevufJhk-pJp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEQtMTctNDQyVg==&google_push=AYg5qPLKUCT65r5yY7pIXjDKLqczmIdU4sZNf_K35CCqcWP6tHp0rS_hvPc23vyMevufJhk-pJpiosU-211ud3D8ypY_d9T6mG43Ew

170 B
232 B

86ms
57ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEQtMTctNDQyVg==&google_push=AYg5qPLKUCT65r5yY7pIXjDKLqczmIdU4sZNf_K35CCqcWP6tHp0rS_hvPc23vyMevufJhk-pJpiosU-211ud3D8ypY_d9T6mG43Ew

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEQtMTctNDQyVg==&google_push=AYg5qPLKUCT65r5yY7pIXjDKLqczmIdU4sZNf_K35CCqcWP6tHp0rS_hvPc23vyMevufJhk-pJpiosU-211ud3D8ypY_d9T6mG43Ew
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9CIAJBo9hMHWCSWRpgAABLIAAAAB&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AYg5qPKSjjbnHz7GjJ3kOsyothnKnyNKAfjh8--qiLZPcPtuNsY...

170 B
188 B

104ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9CIAJBo9hMHWCSWRpgAABLIAAAAB&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AYg5qPKSjjbnHz7GjJ3kOsyothnKnyNKAfjh8--qiLZPcPtuNsYDnZRcreefRcldkftTVH90qsxmT9dP4IokM1kG5nNSP23nRqvxJA&google_cver=1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9CIAJBo9hMHWCSWRpgAABLIAAAAB&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AYg5qPKSjjbnHz7GjJ3kOsyothnKnyNKAfjh8--qiLZPcPtuNsYDnZRcreefRcldkftTVH90qsxmT9dP4IokM1kG5nNSP23nRqvxJA&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Wed, 27 Apr 2022 11:11:48 GMT

GET
H2 200 trk
ag.innovid.com/ Frame B1AA 43 B
296 B 173ms
19ms Image
image/gif 2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOWhn1vAgxSnxdBwG3k8_2M&google_cver=1&google_push=AYg5qPIgYD8CcJc9r_iU9Mw-lsvIyZJZLEE-DKC3skTggct2Pegdojfp1EnGlS4EIuH9QQ8ZES6307j8oxQ8W1XDZM1dLLLgTh63sA
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B1AA 0
49 B 124ms
55ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhTySQiSYI7iqvb939IhPbJD3wVUvIDo178Xhi-uwKlsKo-vmzXc2zMLgFr2ufQuW8pj5k

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 410ms
410ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1927387857&si=a453a17b06d6346eae5cc1295ed473b8&v=1.2.92&lv=1&sn=34654&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&tt=%E3%80%8A%E9%87%91%E8%9E%8D%E3%80%8B%E7%B6%9C%E6%89%80%E7%A8%855%E6%9C%88%E9%96%8B%E5%BE%B5%20%E9%87%91%E8%9E%8D%E6%A9%9F%E6%A7%8B%E7%A5%AD%E5%84%AA%E6%83%A0%E6%90%B6%E5%AE%A2%20%E2%80%93%20%E7%BF%BB%E7%88%86%20%E2%80%93%20%E7%BF%BB%E5%A0%B1

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:49 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 dpixel
cms.quantserve.com/ Frame 81E4 35 B
463 B 22ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI41wm541Ski06Z318vTCjU&google_cver=1&google_push=AYg5qPLTNXT8nnqf2deXlqyne7WJCPL7xuPfgaV-eS2SLePCCgbxDc6Y3S3Nxs3uftHrCjs2zUsftdHhtd0xheWdbR_dxbj4D7XkgA

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 81E4
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOe5f1DnT1hM-gzH89PiGj0&google_cver=1&google_push=AYg5qPLANuq5vXtyXfg_Rb6-oOgFmKJ6YpbPfjr-33_bM-_YuOd_sS9TlHbazuX6NKXVDZsVuYkcDF5CzH3crSgifKsHIrdw4-AM7A
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLANuq5vXtyXfg_Rb6-oOgFmKJ6YpbPfjr-33_bM-_YuOd_sS9TlHbazuX6NKXVDZsVuYkcDF5CzH3crSgifKsHIrdw4-AM7A&google_hm=Q0FFU0VPZTVmMURuVDF...

170 B
232 B

58ms
58ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLANuq5vXtyXfg_Rb6-oOgFmKJ6YpbPfjr-33_bM-_YuOd_sS9TlHbazuX6NKXVDZsVuYkcDF5CzH3crSgifKsHIrdw4-AM7A&google_hm=Q0FFU0VPZTVmMURuVDFoTS1nekg4OVBpR2ow

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLANuq5vXtyXfg_Rb6-oOgFmKJ6YpbPfjr-33_bM-_YuOd_sS9TlHbazuX6NKXVDZsVuYkcDF5CzH3crSgifKsHIrdw4-AM7A&google_hm=Q0FFU0VPZTVmMURuVDFoTS1nekg4OVBpR2ow
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 81E4 43 B
135 B 77ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEB9WqWIktPyqJTn2JTnXySg&google_cver=1&google_push=AYg5qPI5Y6Zcdk_vAGiqr-NsUpFAuktPEsbhsrjTu9HNvEnPQ1UBuTvmGEutPUxv5V2VxeWcY02geHUqRA7toy-nnvFUfqUJ6vp_
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ttdnbils0219s9grgppct5dfqdtkojkv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vR6CYpnxTJu0qQGI1FQFEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vR6CYpnxTJu0qQGI1FQFEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLsJquMyvZ4KUWvao6iPRlPwGbfH1EJxcpY1_LB3tF3dqk59PHCxIIhxHGVUYkdSoeQKXh2QW_Egnp2nAWoUMp8ls3gMHZmbA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vR6CYpnxTJu0qQGI1FQFEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLsJquMyvZ4KUWvao6iPRlPwGbfH1EJxcpY1_LB3tF3dqk59PHCxIIhxHGVUYkdSoeQKXh2QW_Egnp2nAWoUMp8ls3gMHZmbA
date: Wed, 27 Apr 2022 11:11:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 81E4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYv6BHy16Www8Ej3ja5S1M&google_cver=1&google_push=AYg5qPJZwNyWkLx6jSBuG8B3ZC29MiZNI_9J0MRu_Yof3uQr_vFLtoSxYFFeVMQqgcG6ma23QE7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEktQi1KNzg4&google_push=AYg5qPJZwNyWkLx6jSBuG8B3ZC29MiZNI_9J0MRu_Yof3uQr_vFLtoSxYFFeVMQqgcG6ma23QE7rpE_VWM6Bwi9NmSDt9pQmp2Xe2g

170 B
329 B

80ms
57ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEktQi1KNzg4&google_push=AYg5qPJZwNyWkLx6jSBuG8B3ZC29MiZNI_9J0MRu_Yof3uQr_vFLtoSxYFFeVMQqgcG6ma23QE7rpE_VWM6Bwi9NmSDt9pQmp2Xe2g

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDhaVEktQi1KNzg4&google_push=AYg5qPJZwNyWkLx6jSBuG8B3ZC29MiZNI_9J0MRu_Yof3uQr_vFLtoSxYFFeVMQqgcG6ma23QE7rpE_VWM6Bwi9NmSDt9pQmp2Xe2g
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81E4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9Kzf7bR-SEC_GQYdxQAABIkAAAIB&google_cver=1&google_push=AYg5qPKetaEYm4dhsWzEvzKpsYX4guS2vfPYylmV2DbyA2C2xHRkUyGQ8fMzFxYhDUcMEnesOoJg...

170 B
188 B

119ms
56ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9Kzf7bR-SEC_GQYdxQAABIkAAAIB&google_cver=1&google_push=AYg5qPKetaEYm4dhsWzEvzKpsYX4guS2vfPYylmV2DbyA2C2xHRkUyGQ8fMzFxYhDUcMEnesOoJg9BaO1t8QpOhCF_80Q7RO596E&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ymkk9Kzf7bR-SEC_GQYdxQAABIkAAAIB&google_cver=1&google_push=AYg5qPKetaEYm4dhsWzEvzKpsYX4guS2vfPYylmV2DbyA2C2xHRkUyGQ8fMzFxYhDUcMEnesOoJg9BaO1t8QpOhCF_80Q7RO596E&google_gid=CAESEHh55zmNDdBV3QfKrc78wW8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Wed, 27 Apr 2022 11:11:48 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 81E4 43 B
296 B 158ms
18ms Image
image/gif 2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOWhn1vAgxSnxdBwG3k8_2M&google_cver=1&google_push=AYg5qPLTKwMBzkMcS_3Gj_gEdpuAEAfn0o-pnQRnQ14ATU_cWnzOpKHUCLtkqRizqS-dux8rNeorrujwqjE9TyISNJYgNuTyjHRPKQ
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:48 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 81E4 0
223 B 99ms
43ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6VRRjJELnUuuUxCc51pTDE7d4VSeAjasL1DPJrW5TVxum04hf5PNiee8A1ZX5uotTviEe

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 all
csm.eu.criteo.net/ Frame 6E9C 0
127 B 62ms
62ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=HSuqUJFRI3NhTQLv7q-pFSVrk9u9AeQSNpWvqAx919yWxWbIex7xBp3vD3CWKNdW6SMeCW8Egi1zYV7QGBIVZRXkZYaVVzmBXRLzsyfF3ipI3ZxL4UUy2nRTotUinLsi18EHou4aJ4TjpP_4uRQinMBfq5lXIj9svjp3evM9xJYlpvGSIU0-6M1zsdq5eE6kXCVjvckhk1xxyaAr2kC53111okvxzpjnjbeWqxvIqBQEEkVzo_pKHonoccB4ULZwpBrYHQ&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6E9C 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6E9C 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:11:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 134ms
55ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9000aa174d62f0cfdd195cfeab10b14cb4e4ae939d073b499e198a84de01d13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10715
x-xss-protection: 0

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ 69 KB
22 KB 178ms
23ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 10:26:06 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 2744
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
vary: Accept-Encoding,Origin
x-amz-request-id: YF80317847P1200Z
x-amz-id-2: HZrkq+3Io9on0sMBlRTEjsmBrWwMBW9qSTTWXLmHXlp+iJhlh70e+Xl99GZozqWKQnxBj7wgRus=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
content-length: 21352
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H/1.1 200
OK turnnewsapp_tw.js Show response
api.popin.cc/searchbox/ 108 KB
31 KB 1349ms
538ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/turnnewsapp_tw.js
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 51df5883740836db7f5ef71ac34bae876d2708ec7345973fe417f97b5fbb6312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2022 02:46:45 GMT
Server: nginx
ETag: W/"79f4326ef304a53439156592b4ef2d33"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: _1wXujLrYSpG201EXQjFHwxVWNcSJLDA
Expires: Wed, 27 Apr 2022 12:11:50 GMT

GET
H2 200 popad_close_button.png
sslcode.adgeek.com.tw/public/images/ 2 KB
2 KB 1245ms
243ms Image
image/png 54.64.181.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sslcode.adgeek.com.tw/public/images/popad_close_button.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.181.170 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-181-170.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
last-modified: Mon, 04 Oct 2021 06:45:38 GMT
server: nginx/1.14.2
etag: "615aa312-761"
content-type: image/png
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1889

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 323 B
165 B 67ms
66ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=21692124366%2Cturnnewsapp_PC_content_video_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=269003742&didk=3423624386&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie=ID%3Db125f5596cf3c33c%3AT%3D1651057907%3AS%3DALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw&abxe=1&dt=1651057909227&lmt=1651057909&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=215&adys=1265&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=798x1&msz=1x-1&fws=4&ohw=1600&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5d1c84531827245e1a4e0ad047f25d38a0b010098e76358de21d4793d147b2f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
42 KB 725ms
724ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=57965253%3A21692124366%2Cturnnewsapp.com_content_bottom_L1&enc_prev_ius=0%2F1&prev_iu_szs=300x250&ifi=6&adks=2868389526&didk=4106810524&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie=ID%3Db125f5596cf3c33c%3AT%3D1651057907%3AS%3DALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw&abxe=1&dt=1651057909230&lmt=1651057909&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=265&adys=1296&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

49576f4b1a6976d3b89e6e956d0c3b63c37fdf94e5b6490d94f2bdc9d8280073

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIiO3YGOtPcCFQ7FuwgdGQAIyA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5477305715179926435/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIiO3YGOtPcCFQ7FuwgdGQAIyA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5477305715179926435/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 27 Apr 2022 11:11:49 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
12 KB 580ms
579ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=57965253%3A21692124366%2Cturnnewsapp.com_pc_content_bottom_R1&enc_prev_ius=0%2F1&prev_iu_szs=300x250&ifi=7&adks=1639316647&didk=366781586&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie=ID%3Db125f5596cf3c33c%3AT%3D1651057907%3AS%3DALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw&abxe=1&dt=1651057909233&lmt=1651057909&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=664&adys=1296&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9ae1d3887296dadd86d751de51da25bccd46cc729713b37d271a5869582e6267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12363
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 912ms
912ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=57965253%3A21692124366%2Cturnnewsapp.com_all_anchor&enc_prev_ius=0%2F1&prev_iu_szs=728x90&ifi=8&adks=3326335471&didk=3363419739&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie=ID%3Db125f5596cf3c33c%3AT%3D1651057907%3AS%3DALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw&abxe=1&dt=1651057909236&lmt=1651057909&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=436&adys=1200&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5f964a9fdfb3ad5a94bcb6e98cfc4e7fe3e6ae6317294d35b7cafe0230c222ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10560
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 346ms
345ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=57965253%3A21692124366%2Cturnnewsapp.com_pc_content_sidebar_top&enc_prev_ius=0%2F1&prev_iu_szs=1x1%7C300x250&ifi=9&adks=1443420322&didk=3201473105&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie=ID%3Db125f5596cf3c33c%3AT%3D1651057907%3AS%3DALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw&abxe=1&dt=1651057909239&lmt=1651057909&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=1063&adys=589&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=342x-1&msz=302x-1&fws=4&ohw=1600&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

62e11e6b560a3ff323a442346a5a18af0a4b8d6f37f2bdcb089c9f6c56ba9e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10519
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E617 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 10:32:09 GMT
expires: Thu, 27 Apr 2023 10:32:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE5C 783 B
536 B 46ms
46ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a00c538420add0641a170f4d0969fe8f10819b2d7711b373afb4cab6a5d0f345

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P0j379/maG+I7DQ+2v9fcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-P0j379/maG+I7DQ+2v9fcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:49 GMT
expires: Wed, 27 Apr 2022 11:11:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 338 B
500 B 146ms
51ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=e994f4c7-63c9-4db7-a1c0-5a101c493cb7&apiKey=RN3PQJGMHNRHYDDYG87J&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fturnnewsapp.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

080cc49640fbccae6b4036071e82f5d1406f8fd71715cfaf8cd2eea548971724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE5C 0
0 162ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042501&jk=3097979240692502&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame E617 35 KB
13 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 10:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 10:20:43 GMT

GET
H3 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C33B 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame CFA7 0
127 B 84ms
83ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D9A 624 B
733 B 128ms
48ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXjjcRmtmXYIJu41GiOvXNn0zIUMn-H5d-pCvbgzN8AdxNJAOEh2em1NpWLJ6w9pdiVlrWLdPwx1x9xuNLKeDubx5qN1ywB70z32UDMClmRkI8FTu5ITWw4k5DiUKioJr81nJLfWxzp_LulwfMcyzI3or3w2d4jD-2j9tOLYLzLZRH5p40

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C33B 14 KB
10 KB 147ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnbHssg71USfUMO9CzUdaDyM8BHfP_qVNsSsXwl0ywSVSDIvyP3amEWcL3IYnl2Yyz7QSTw3N-M3KPf86xEng_gnNcjjYiWcdl7eqMMTzYHe_uU824ytzMmHm6yLZXcUNS67DqPwI6zR30zuNo_354VJAOcw&cry=1&dbm_d=AKAmf-ClOjHJ2pYehIm-iwt3_-I8kwi1V-B7vBhsQKhS4md6W0X2-ox0Z-_yDcZODuBEJA4ZjF92EYv0FVh3xrpL8ZG_Y26b_L0qtenvgz-a6YXhjBl1MTEZn1gSdVL3kZrPuh-3OTHNDRyjEFpVNofgn82mEzVLqoaLAmj4jgr5ZXN5PAmOOnia-2HEzta_t4o1hYNak1s51JZCmN4tfym7srxyb-5aRjtm_KNn9jRrwFu4DYMeKhO68_58r4vokROjS5ZamieEpGBqH0Q0GmHT_uLYWagwv7fpb6Z9KTResb7hf0RR9Cg3Bo47b-wsCEJ8Za1Ss--nUo_G3OivphsUuN0qNoHZjGZUzZz6JPNTov4m9tZBqcmgAfLTAtyqqXjCNMi7WuyWV87TgQTbWNevyw2UO4j-vF8yVb2a42KJpAqntYEFCTbZRv84ZFLIo3rFD-hneR1xTzyC-Ioq3wpaEHMm0BTXxfUXtf8wdzDkGD8wCkcMUHm9bvSn1F2IRvi96ELZQhQX3fNYo62u2JQoK0dsacQjk-wldh4b8Li6bmBX0MtwjIc2n5TL1XjLDbRg7KidSQZxvLXPKzSQEQ63tlxuHQyaPj9XW7I326jl-fRGXE6tpdKVstq_5B6uEYdFQKOiwkxghlXMKRfMnvVrd3G1Lk9nS6DQC3tUAmOlkvMVv35qNSHWnGpm5OXndGsCwRDrn8W-drRXvnhP1ANOTfJ1vEJx48hlWUmfho9Au8UmxpJ26kpm7pQ2NOJWRzUMEnXzHa_KSnpExSnyfiR0Od5ZqR7IAoqBkjgoID8LpsEA6_p1dgimDxYvpM8a7PC1rMGfiXGBW00e_2ZIBhXWJKUZONGMAJNXBAoN1r7TDG2VHOS61vkmf8Q5b_NtYOExP289toqX0YTsBfIHs6j6jrnL_3IHLrRAfQJbfO2U1yJbF_sunDhR46PzCmkepNcj-UMSY4Wb3h0RdbdhZI96raQvW_5rvieOPknhb-oPJXiaxV35cT55UZy05jKclCvqARyWRyg5iu12lBrNxBZQaGxTguoF2mJMXXf_A7RSvEGy19ZoW0l6SmF8KBOYJ6-rjZhFq2AMlPJ_Pe4HpWxm63CDP0whjy8eP_1EG72_YfrHTq9vd3j4CpMT2_vc554Iy_sNxYPsV0mwQ3lboJO0Qs1JezawuG9fExPKouvltB3rXBtztfBmEF4OHU0cnEAAZU0vrpcANCK6cs3TYAyfZUMkjvB_-StyJoeo_T0FyaPKFeARG09VbiQhrS4N1pQ6Odpi2MI0loUfIGtoOR4LD-wPIb0SscrA8O_dD4UWU4JRbh_nfXe6hzKhwAeM3Ib7CuD0bu5_icRebb75m1FCu5eQYKnYorkACH1rOLXpqwjXFBrmQ4RNjQCIk2jMKoTW6BOuhi50ndnJGkcK_5-MYkFPhE37g-UKvfm5pGLgxraCeQDIOZwk3TwSq1mEQ8Qwca2V5Gw2qyP0yAd5NIoRPlEuJPGKjh3qHPiOdGr9RHU9y7CFDZ8dsqi0LW91aIghY8xrrVWTvy86YmZTJOjCZV2YQRxHfmS_UNzZg2iNyclsfe2FoUFwvtEsI7z71Bd_6nhiS4rWAEz8SHT9a02VogGzz2FccfLeCvuTrD5gwwNDXKljPJ69-7vdiAkXrjqHQOLgIqjbCRrqhKje9sUapBoBjccZzI8l2zTaySEJ937EPJ6hu5wbsgabjNUHYpx8kyDGpofOL75nYwqRw741diRrClD2FAHPuht1v96ySWeTL5uBu8T0J1OBL9IDcHqPfM8D9q3ilsJEeR_NQ0V53UX9_1Dz0bFQpNusRaypEuTqqt5eIRkYgB2XA63rTWLeeQONEiIGmOPVzazbZhIj8aY2sengnGSB8JGol9LIp2EvmErDfuyC2wzmhlXMgIk0t0MRqj8ebDx1UT5Les4FoVdEia5Ue-1i06-v71hGv_kYGS-D5OhxcwoSOctsy98ELW5C8nhRIYLLFlv9_SHSSsQFInUzXJW7RRACMOIojQ8iA-UiimhDgULXIC4qFAdHbenxOKY-ViAgYDAqJRNWalm9cu1GEllsUanhMOb47JZNwsX3Id_MmxqMfuXRA7f4aqHUEFGDRGp2NEFfvTr12WqY9vaZx2MffwVWSYgropmxhm6_MNCfzscME4e-1uuyp34-axEDFOgU7u422HV_vbq73HMhUfqCWmqHvb3ijltliCQxVwvaRJo6K6sX7aBbf_UJ1n3taGhp74QOwjIYF7LGYAPMc4EPNrMqv1A423Se_8KLW8H1a6gjh5S4DrsfOuGquXf73ExqITZymq-qTRh7vyu7Ae2iSjnfq34e1fTOEMquZzPYIS5hscP7wlrJndU-QkFZdQ_B3aXShmbf6rd0-xYA-Q5wTe2VzmUwB-C-fg2TPUPrJBgFAJ_ZP-zmUXRe3JJUUrkJPIM42y73Uv2jlu4elNpsIsQ0YGEJlPX6zkFvHEZZY9grdoEwPyuscC2wx3jSfIyNQm1JV1EliCv3jN_ErFbo8TaxJc0QjiTkoIZUihtys0za51oA-WO7nHcJdZBzZEb7GueIG5WT82UyvxIi5n9lWsbOlOpnm92uN5jEDEh82-TIvfE-CBvlN7dWePqtGpsnF2GpTj8I0sixevxWYmLc_zJvUno_7JSkJwsTJbCNxera7sF5G2Sq-XExnCSIZmD8cMikBay51wmp-eE0F-eG22Ft0KFPl8A2VNVqzZw_PHLxO3n9tCSwAxuWIfJO_DoODKQ4_lxQTYQVbYn_shZ0LFFOUl9LIWwUU-3zgYsYGa2hWRaK5GO_5QAs3weAbV3tC0JqRUE8hpNkmZkdNZyYLeDyHyGOcUTHXmSwyx1hrqZlTt6KF3WXQdQwgU6prsb3QDPnAXXxpR4xQH0mQjxU53svscX2PTv0TxlM6eDD2nCz520WFtdDNa8JnDMSLLZaMPebWcU68M23Dy-H2IuaAijNj9AqTbX-kYGH__4vwZf4orZfSZ8Q9uSghJfyUSHdC0D2HmFne_UoPl38wnwyIv6vPqfzcHqsVKA9c_XNWMoWAwVyJ5z7PJxxShC0_Z_aqXU30Q_i8rsw0K2RuqAYsfP5__mEQyuugrqO6a7Bqd7F_MIOGCS_xfgh5zPI2z6UyRFpKkNeUUZx6y-XczRJRF8AF1Vb3xU0h_HHQdKwZlq6rhv88eSYljk_0wLyNZbMpP9w58eM8OoHZQgyfB0cANPBTqYbAGw3TGWa_VH1q3hWfqQY3QB5DYwDfde5Nygzu5eo39FI7d4gSbA8c_WlmUOBtxKXPg-oLKCA4uBsKzGi3TxSFZetBJ3nB5zfaAJAsB0v5P2OD74tQVla_5SiyDe95k_FNhcpLHRWsNaU9rcTxuEIbCJj5srMjBdD&cid=CAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g&rfl=1%2Chttps%253A%252F%252Fturnnewsapp.com%252F%240

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab7f35bb008ffb7632de4c5056a26c5c169b552152aed09c3ad76a40496da6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C33B 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM4YMkHJljU9VR7tj7YDzd5vmcyRhCJGETFm11vZzxcWyig1UWJ0JKSLsVMGx8aArmGdlwOU3okj9BwebrPZbOdO6Yl1cRAdiH_G2YB0OJVrQc8Zw

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame C33B 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:05:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame C33B 15 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:04:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C33B 0
0 44ms
44ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1q1u7lORJilrMp45VkeCIiI0QRuBYX3QZ_nAjBrfziSHjEiOkQKArWtHeTkin5Gjkc-M4DktDLsyho6L_anaClROXfQ
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C33B 119 KB
36 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E617 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kvdqaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCA0 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstulihq8P_wcXbVIc1jE_DKUrjxah2aM0Dh0SrLwOxzlXBUk79fU6gCEdkvF6w8HViY4jn6J0H6-tDTxDzexR9s&sig=Cg0ArKJSzEMPnhLzZBi3EAE&cid=CAASF-RomUhagO46nNuwzHEAdNJdrmwLmjFL&id=lidar2&mcvt=1000&p=259,1046,539,1382&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=363493275&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651057908523&rpt=230&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB09 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZq9rtYSfdTigB3JEXTEgjc_Y42vtfCKn4vnOQbiAxDCTJVzLjCtIs5U64sr_VQY3EasEJpEARCfH1-LgimGcO&sig=Cg0ArKJSzH5HeDtugtKGEAE&cid=CAASF-Rok0Nv7oKmQ44hvs1NUi1fTIQuwS3y&id=lidar2&mcvt=1000&p=75,375,165,1345&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=179211431&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651057908621&rpt=148&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6E9C 0
127 B 85ms
85ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame EF08 222 KB
62 KB 136ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EF08 16 KB
6 KB 198ms
99ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EF08 96 KB
29 KB 203ms
105ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EF08 74 KB
17 KB 216ms
118ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 151283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17308
x-xss-protection: 0
server: sffe
date: Mon, 25 Apr 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e7f38e1fe946943"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Apr 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EF08 5 KB
2 KB 225ms
127ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EF08 42 KB
13 KB 225ms
127ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
DATA 200
OK truncated
/ Frame EF08 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4343c82edc7de0ef8df66ff2192e19fd7a4811231b5f0704379b1a52933d4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 img4.jpg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 20 KB
20 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/img4.jpg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de3014a34a4851b8e8dffa9287742a77f020477d5b1cab93966326b5f1c89bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20945
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 img3.jpg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 20 KB
20 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/img3.jpg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e75e86d68fadbf91d9acabbbbb101851abb24ff51eadb8d223be90e61dd317ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20598
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 img2.jpg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 20 KB
20 KB 59ms
58ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/img2.jpg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

552bcd4bd60742cf50a20340ab17fbb9d6937684b45b0da70cab5f61d305fc82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20414
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 img1.jpg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 21 KB
21 KB 69ms
68ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/img1.jpg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a708fe8caa06eacdc291c25418868149b7f304978233a3364e10337f8792644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21447
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 3 KB
1 KB 81ms
80ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/logo.svg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a854e52e65bbe9498703cc84043b2d1cee8b0c142de15f60323045c4a6a7c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1463
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 cta.svg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 2 KB
823 B 82ms
80ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/cta.svg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50ef0b4a32ef59f10a724f4f6343797da0391d92c9a71d5fa9188783aad32a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 794
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 txt2.svg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 11 KB
4 KB 86ms
84ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/txt2.svg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf8952337ec612662bad4db4b068ce08a533ae6e326a2db1903376accc0954f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3793
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 txt1.svg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 5 KB
2 KB 82ms
80ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/txt1.svg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1e2f155fb3bef25066e9a67cec8d36a75a1222530d0c96333d2a68096cba75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1743
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 ES52.svg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 10 KB
4 KB 82ms
81ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/ES52.svg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e61db2ada434e5a2c964722afdc288df06b7f988daffd799457e2928e9969f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4043
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 70.svg
tpc.googlesyndication.com/sadbundle/8547726398304814708/ Frame EF08 5 KB
2 KB 89ms
88ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8547726398304814708/70.svg

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1a4a282c5a05c25449f1b7b3b8a86035aa2087e1e398bb9c0082f537f45491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1657
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:19:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 20:21:27 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EF08 3 KB
3 KB 89ms
88ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:18:56 GMT
x-content-type-options: nosniff
server: cafe
age: 60773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7688947696963022458
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 27 Apr 2022 18:18:56 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EF08 344 B
374 B 89ms
88ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 65564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EF08 0
0 45ms
44ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-cTYLJShmGJvjmBD_Qq4N9dAIcFbbgMMRQEaSUWoTZY3Zd_0upUsU-dgJME5CWnfTHbVmJkASc2NIhr8BADWhNw5gEA
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF08 0
0 77ms
76ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5a8L9SRpYoToIaGJ9u8Pg9aJgAPVuJDdac-PouWlEJ2ArImIIBABII2E_ClgleKQgqAHoAHpxaqdAsgBCakCRUtBohvRsT7gAgCoAwHIAwiqBLACT9C3f_B3GHH-b3KRJACyB3hGGaPHO0eTOI67UJQPuM1JKvnwxZYBbSpCD47kwlFa1pZqj8wbvNeEbyZWa9QNiR9wCOz6BzD_i9vZ_OW1DKiYZNWRS9e4LVsvrxtZMVgbDKHQJGwthVHt3z2s6wNgeaQPF9HHimCIIVFZI4ksNH8FXzPbGS5i9yVFlzHuf_PiyFHHauW8yoaAzgQHjEP7N9unIhB0aEQQ-VahPKj-qWuHNBpnWHSKWhIUg6DbSMX8xUL93uic_PtphthzyRJG4cQVOohUx9HYK7TSzRoiQLPWKi46DFi8yzoutwc04oibKjB6eF1xmZWhZmVnhMQaKjcebiFlYL4KNVVHiymYdgi108HCsu4ERd93QZisuDaAGPkv_iAdkv2lcn9sgGL4lcAEzbGg8KAD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_-51eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-rID0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTE0MTg1Mjk5NDg4NzA4NTcYneMh&sigh=8qUbhDfJjfI&uach_m=[UACH]&template_id=419
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1

43 B
1014 B

79ms
40ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXjjcRmtmXYIJu41GiOvXNn0zIUMn-H5d-pCvbgzN8AdxNJAOEh2em1NpWLJ6w9pdiVlrWLdPwx1x9xuNLKeDubx5qN1ywB70z32UDMClmRkI8FTu5ITWw4k5DiUKioJr81nJLfWxzp_LulwfMcyzI3or3w2d4jD-2j9tOLYLzLZRH5p40
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Apr 2022 11:11:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D9A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ymkk9Kzf7bR.SEC-GQYdxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1&google_hm=2

43 B
1014 B

29ms
29ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXjjcRmtmXYIJu41GiOvXNn0zIUMn-H5d-pCvbgzN8AdxNJAOEh2em1NpWLJ6w9pdiVlrWLdPwx1x9xuNLKeDubx5qN1ywB70z32UDMClmRkI8FTu5ITWw4k5DiUKioJr81nJLfWxzp_LulwfMcyzI3or3w2d4jD-2j9tOLYLzLZRH5p40
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Apr 2022 11:11:50 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEaIZ5TQeZnhv2ViQSjgztA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5D9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECEFY7ZHvmOXrF0M6ia0wSU&google_cver=1

43 B
1020 B

18ms
11ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECEFY7ZHvmOXrF0M6ia0wSU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXjjcRmtmXYIJu41GiOvXNn0zIUMn-H5d-pCvbgzN8AdxNJAOEh2em1NpWLJ6w9pdiVlrWLdPwx1x9xuNLKeDubx5qN1ywB70z32UDMClmRkI8FTu5ITWw4k5DiUKioJr81nJLfWxzp_LulwfMcyzI3or3w2d4jD-2j9tOLYLzLZRH5p40

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:49 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4724e712-fa51-4298-b9c5-1386036bfc22
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECEFY7ZHvmOXrF0M6ia0wSU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D9A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODczMjU4MTE2MDQ5MzQyODc4Mw%3D%3D

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODczMjU4MTE2MDQ5MzQyODc4Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:49 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 52355f4a-9b2d-438d-b974-37c3274ba367
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODczMjU4MTE2MDQ5MzQyODc4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C33B 41 KB
15 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnbHssg71USfUMO9CzUdaDyM8BHfP_qVNsSsXwl0ywSVSDIvyP3amEWcL3IYnl2Yyz7QSTw3N-M3KPf86xEng_gnNcjjYiWcdl7eqMMTzYHe_uU824ytzMmHm6yLZXcUNS67DqPwI6zR30zuNo_354VJAOcw&cry=1&dbm_d=AKAmf-ClOjHJ2pYehIm-iwt3_-I8kwi1V-B7vBhsQKhS4md6W0X2-ox0Z-_yDcZODuBEJA4ZjF92EYv0FVh3xrpL8ZG_Y26b_L0qtenvgz-a6YXhjBl1MTEZn1gSdVL3kZrPuh-3OTHNDRyjEFpVNofgn82mEzVLqoaLAmj4jgr5ZXN5PAmOOnia-2HEzta_t4o1hYNak1s51JZCmN4tfym7srxyb-5aRjtm_KNn9jRrwFu4DYMeKhO68_58r4vokROjS5ZamieEpGBqH0Q0GmHT_uLYWagwv7fpb6Z9KTResb7hf0RR9Cg3Bo47b-wsCEJ8Za1Ss--nUo_G3OivphsUuN0qNoHZjGZUzZz6JPNTov4m9tZBqcmgAfLTAtyqqXjCNMi7WuyWV87TgQTbWNevyw2UO4j-vF8yVb2a42KJpAqntYEFCTbZRv84ZFLIo3rFD-hneR1xTzyC-Ioq3wpaEHMm0BTXxfUXtf8wdzDkGD8wCkcMUHm9bvSn1F2IRvi96ELZQhQX3fNYo62u2JQoK0dsacQjk-wldh4b8Li6bmBX0MtwjIc2n5TL1XjLDbRg7KidSQZxvLXPKzSQEQ63tlxuHQyaPj9XW7I326jl-fRGXE6tpdKVstq_5B6uEYdFQKOiwkxghlXMKRfMnvVrd3G1Lk9nS6DQC3tUAmOlkvMVv35qNSHWnGpm5OXndGsCwRDrn8W-drRXvnhP1ANOTfJ1vEJx48hlWUmfho9Au8UmxpJ26kpm7pQ2NOJWRzUMEnXzHa_KSnpExSnyfiR0Od5ZqR7IAoqBkjgoID8LpsEA6_p1dgimDxYvpM8a7PC1rMGfiXGBW00e_2ZIBhXWJKUZONGMAJNXBAoN1r7TDG2VHOS61vkmf8Q5b_NtYOExP289toqX0YTsBfIHs6j6jrnL_3IHLrRAfQJbfO2U1yJbF_sunDhR46PzCmkepNcj-UMSY4Wb3h0RdbdhZI96raQvW_5rvieOPknhb-oPJXiaxV35cT55UZy05jKclCvqARyWRyg5iu12lBrNxBZQaGxTguoF2mJMXXf_A7RSvEGy19ZoW0l6SmF8KBOYJ6-rjZhFq2AMlPJ_Pe4HpWxm63CDP0whjy8eP_1EG72_YfrHTq9vd3j4CpMT2_vc554Iy_sNxYPsV0mwQ3lboJO0Qs1JezawuG9fExPKouvltB3rXBtztfBmEF4OHU0cnEAAZU0vrpcANCK6cs3TYAyfZUMkjvB_-StyJoeo_T0FyaPKFeARG09VbiQhrS4N1pQ6Odpi2MI0loUfIGtoOR4LD-wPIb0SscrA8O_dD4UWU4JRbh_nfXe6hzKhwAeM3Ib7CuD0bu5_icRebb75m1FCu5eQYKnYorkACH1rOLXpqwjXFBrmQ4RNjQCIk2jMKoTW6BOuhi50ndnJGkcK_5-MYkFPhE37g-UKvfm5pGLgxraCeQDIOZwk3TwSq1mEQ8Qwca2V5Gw2qyP0yAd5NIoRPlEuJPGKjh3qHPiOdGr9RHU9y7CFDZ8dsqi0LW91aIghY8xrrVWTvy86YmZTJOjCZV2YQRxHfmS_UNzZg2iNyclsfe2FoUFwvtEsI7z71Bd_6nhiS4rWAEz8SHT9a02VogGzz2FccfLeCvuTrD5gwwNDXKljPJ69-7vdiAkXrjqHQOLgIqjbCRrqhKje9sUapBoBjccZzI8l2zTaySEJ937EPJ6hu5wbsgabjNUHYpx8kyDGpofOL75nYwqRw741diRrClD2FAHPuht1v96ySWeTL5uBu8T0J1OBL9IDcHqPfM8D9q3ilsJEeR_NQ0V53UX9_1Dz0bFQpNusRaypEuTqqt5eIRkYgB2XA63rTWLeeQONEiIGmOPVzazbZhIj8aY2sengnGSB8JGol9LIp2EvmErDfuyC2wzmhlXMgIk0t0MRqj8ebDx1UT5Les4FoVdEia5Ue-1i06-v71hGv_kYGS-D5OhxcwoSOctsy98ELW5C8nhRIYLLFlv9_SHSSsQFInUzXJW7RRACMOIojQ8iA-UiimhDgULXIC4qFAdHbenxOKY-ViAgYDAqJRNWalm9cu1GEllsUanhMOb47JZNwsX3Id_MmxqMfuXRA7f4aqHUEFGDRGp2NEFfvTr12WqY9vaZx2MffwVWSYgropmxhm6_MNCfzscME4e-1uuyp34-axEDFOgU7u422HV_vbq73HMhUfqCWmqHvb3ijltliCQxVwvaRJo6K6sX7aBbf_UJ1n3taGhp74QOwjIYF7LGYAPMc4EPNrMqv1A423Se_8KLW8H1a6gjh5S4DrsfOuGquXf73ExqITZymq-qTRh7vyu7Ae2iSjnfq34e1fTOEMquZzPYIS5hscP7wlrJndU-QkFZdQ_B3aXShmbf6rd0-xYA-Q5wTe2VzmUwB-C-fg2TPUPrJBgFAJ_ZP-zmUXRe3JJUUrkJPIM42y73Uv2jlu4elNpsIsQ0YGEJlPX6zkFvHEZZY9grdoEwPyuscC2wx3jSfIyNQm1JV1EliCv3jN_ErFbo8TaxJc0QjiTkoIZUihtys0za51oA-WO7nHcJdZBzZEb7GueIG5WT82UyvxIi5n9lWsbOlOpnm92uN5jEDEh82-TIvfE-CBvlN7dWePqtGpsnF2GpTj8I0sixevxWYmLc_zJvUno_7JSkJwsTJbCNxera7sF5G2Sq-XExnCSIZmD8cMikBay51wmp-eE0F-eG22Ft0KFPl8A2VNVqzZw_PHLxO3n9tCSwAxuWIfJO_DoODKQ4_lxQTYQVbYn_shZ0LFFOUl9LIWwUU-3zgYsYGa2hWRaK5GO_5QAs3weAbV3tC0JqRUE8hpNkmZkdNZyYLeDyHyGOcUTHXmSwyx1hrqZlTt6KF3WXQdQwgU6prsb3QDPnAXXxpR4xQH0mQjxU53svscX2PTv0TxlM6eDD2nCz520WFtdDNa8JnDMSLLZaMPebWcU68M23Dy-H2IuaAijNj9AqTbX-kYGH__4vwZf4orZfSZ8Q9uSghJfyUSHdC0D2HmFne_UoPl38wnwyIv6vPqfzcHqsVKA9c_XNWMoWAwVyJ5z7PJxxShC0_Z_aqXU30Q_i8rsw0K2RuqAYsfP5__mEQyuugrqO6a7Bqd7F_MIOGCS_xfgh5zPI2z6UyRFpKkNeUUZx6y-XczRJRF8AF1Vb3xU0h_HHQdKwZlq6rhv88eSYljk_0wLyNZbMpP9w58eM8OoHZQgyfB0cANPBTqYbAGw3TGWa_VH1q3hWfqQY3QB5DYwDfde5Nygzu5eo39FI7d4gSbA8c_WlmUOBtxKXPg-oLKCA4uBsKzGi3TxSFZetBJ3nB5zfaAJAsB0v5P2OD74tQVla_5SiyDe95k_FNhcpLHRWsNaU9rcTxuEIbCJj5srMjBdD&cid=CAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g&rfl=1%2Chttps%253A%252F%252Fturnnewsapp.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 12:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 12:30:15 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame C33B 11 KB
4 KB 47ms
12ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 86c09ce52265f69f261b0345c66deda9629c4f6ba01db06b3c8ba291173e912a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4041
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal90004.redintelligence.net/ Frame C33B
Redirect Chain

https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

99ms
77ms

Script
application/x-javascript

138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D&documentReferer=https%3A%2F%2Fturnnewsapp.com%2F&ancestorOrigins=https%3A%2F%2Fturnnewsapp.com&random=3112547155683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d14b2ac30a17b7a2196a5748d1f2cb68eba2ed4cdd63937929feb638d5b911d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 29485500073531004444554011942004
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 857
Expires: Wed, 27 Apr 2022 12:11:50 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:49 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D&documentReferer=https%3A%2F%2Fturnnewsapp.com%2F&ancestorOrigins=https%3A%2F%2Fturnnewsapp.com&random=3112547155683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 27 Apr 2022 12:11:49 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A447 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 81694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 12:30:15 GMT
expires: Wed, 26 Apr 2023 12:30:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 26DE 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnnewsapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:11:47 GMT
expires: Thu, 27 Apr 2023 11:11:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame A447 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 10:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 10:20:43 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 84 KB
18 KB 38ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4939e81e954b3b155f7d534f527668bb443077fe4f867fd2799293954ca6bc89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 489070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18756
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 19:20:40 GMT
expires: Fri, 21 Apr 2023 19:20:40 GMT
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 26DE 0
0 76ms
76ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl9X19SRpYsi_L46K7_UPmYCgwAzVuJDdaf-OouWlEJ2ArImIIBABII2E_ClgleKQgqAHoAHpxaqdAsgBCakCxWIdQTnesT7gAgCoAwHIA0iqBLACT9BFkbZ4wqjHIqlcyWQOdKutX6olERueFmVnp_b7_bmVDk8w0l9LvnAdDXLj7cgdO5bQhcMP1aOYhYpI0GLk5riqWDTowrggZZE_j5lbNrRFhPpGo0H39HATYXjGbyQyTBTBWhofa9gRueEPh1EgQgHaTPOE_M_QfBh_nqVv8p6ACb8B7jm8v_C3kc_1T3u5q6rNlF8dcX-tWvIiMsJx05nyt-I64-EyHcO8GVuAPoteL-hYUzfA8ZUl4KUI4U5ljj3EWBYqkHi1EQCWtFDjkzlROyUFWtBUNjErJ1sxU6FSzyav3Jgd11fsmeEZIPv3CxEzj1q9l2VZtmP7YdCMPdHNOjcgBMVBIW3y3gJNX_65nPf-6XI-fMU1k8s0SbST9DfeVc7dFYQSKfBV6y5X0sAEzbGg8KAD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_-51eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQtscE0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTE0MTg1Mjk5NDg4NzA4NTcYneMh&sigh=uciexwKHdW4&uach_m=[UACH]&template_id=419
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame 26DE 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:07:45 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 1607
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29485500073531004444554011942004&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29485500073531004444554011942004&actionid=981741&produktid=&dt_url=

0
630 B

63ms
29ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29485500073531004444554011942004&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D&documentReferer=https%3A%2F%2Fturnnewsapp.com%2F&ancestorOrigins=https%3A%2F%2Fturnnewsapp.com&random=3112547155683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 11:11:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 27 Apr 2022 01:11:49 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 27 Apr 2022 11:11:50 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29485500073531004444554011942004&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA9:95BA_91EFC182:01BB_626924F6_36A4A50:2080E

GET
H/1.1 200
OK request_content.php Show response
hal90004.redintelligence.net/ Frame 1DEA 7 KB
2 KB 38ms
15ms Document
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95be137c8b&subid=&uid=709a2a886d7a5b91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl2lS9SRpYoaKEdyT7_UP37uo4A-m5b2gaa2VnKfJD_AuEAEgjYT8KWCV4pCCoAfIAQmpAkVLQaIb0bE-qAMBqgTmAU_QmenI7gYvXpI-8NSUrYbcJ0bwylV7j3qb8muiC-C8JtQLXVgZpak4W_OuG3LrfLrHDx80z1tLsfainnlM13-XxQNGbVHKy1otQW_mO9q7vmwWxYZlJ9eJrOwKuqujk09qwE1WbDviTuJR6updk84TklmuIYRZulEAOV1NsV8Fa440XcPnZcK9OGVOMPc5iMoZiggsOAlnF0d9nAv9jx3gRgGn2Y6aszFREewul3Lsq9DDDVxOwxiK2oIZr5bt0sfmIoNlGzXnIykZ0KfjEPUX9CkZDVDg7-ELC-gouaivswGzTFUZwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTI1NzQ4OTM0MzA1NjMwgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g%26sig%3DAOD64_3B92XOTAFPUMJVQ7xlXk62F-fyDA%26client%3Dca-pub-1418529948870857%26dbm_c%3DAKAmf-A8y1985kl3FIW8LiWOg0Pc93Adjm1h2zy7uREfREa_uUtOd46eaVyOm_kEOM54Ad1RlYIxccQ8GY7MoV2_8MWrQKRl3CTKT_KhjkJuNBfQi5u1DDHENMbAfOq5OV4_zl8oxxOTt4gIE_IZOYFdRx0KGmhLsw%26cry%3D1%26dbm_d%3DAKAmf-DQbL0RsBGLxYsENzNThcmpnYqv6uhN9UifDvdxeAfkmSNhXopRnUl2XcWx7uHQAkiFTWp-VvYFxBfgTnwKYOtb0NSOphkdq3BfzwEIldLEeUtp1R9Bvi65bfBGywmnlgp4dL_eWH59yEV_AsNN0SiWA368wP_kfVg0njW4nF8BiGIPDsYCsa_lV4iiTIqWf9_VSDAIY1ckgLdXlEMqKT9-8w-1_enPEOxmrZkeMnlH-yU8WHUqMIjWKz7GMheXSILBJFbzwuhnOUtHUfRQi23SP4dGmHDy07xWpl-V1D9sys9xFdTW0T1_oOoQ8JR5z5zsdETFjyMKrn5mHu-0ysANoSXhvZEL58MZVSdLQCeLYZ2cTLs7YogKGblcADy0QWXlYjF_2nYYrkDqd9K4O_ImnrJXeW13l1PECA0pmMasfLcaJARG981iEEIRTI4wVwbO1q4LBoMbQ2SokHkLT6ZnFP9QyzMkM3Gtk3RJPMb7QubMGRc_V0Ndy6-l7IjBM9tLE1yxPJuO00nQwMoQj3SszWrg3p765tomBAJD4jsvjkaGJ6Q%26adurl%3D&documentReferer=https%3A%2F%2Fturnnewsapp.com%2F&ancestorOrigins=https%3A%2F%2Fturnnewsapp.com&random=3112547155683&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6c174bc03fb413ebd8092f262b5a599af2b84af3c030132d22f1ac0c1e4257de

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2041
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Apr 2022 11:11:50 GMT
Expires: Wed, 27 Apr 2022 12:11:50 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C33B 43 B
702 B 96ms
15ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=29485500073531004444554011942004&pv=1

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:50 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame C33B
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29485500073531004444554011942004
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29485500073531004444554011942004
https://ad-server.eu/wm/pb/native.png

68 B
312 B

148ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:17:04 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA9:95BC_91EFC182:01BB_626924F6_369D227:2080D
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C33B 43 B
702 B 94ms
13ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=29485500073531004444554011942004&pv=1

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:50 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5AFB 1 KB
749 B 40ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 27 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C33B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7deb164c93b66ecec1ba20cd76e4e36f69dd95c8a9df21534773cc60c1225720

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 1BAC 222 KB
61 KB 116ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1BAC 16 KB
6 KB 167ms
92ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1BAC 96 KB
29 KB 114ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1BAC 5 KB
2 KB 170ms
96ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1BAC 42 KB
13 KB 172ms
98ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 434432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1BAC 3 KB
3 KB 36ms
36ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:18:56 GMT
x-content-type-options: nosniff
server: cafe
age: 60774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7688947696963022458
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 27 Apr 2022 18:18:56 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1BAC 344 B
374 B 37ms
37ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 65565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 16:59:05 GMT

GET
DATA 200
OK truncated
/ Frame 1BAC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5785f0ceebc7aab81b1e36ed5b0469c5f112c9568639d6f96800c392c1dfe8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 390894630025702174
tpc.googlesyndication.com/simgad/ Frame 1BAC 6 KB
6 KB 42ms
42ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/390894630025702174?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlfNazMhwWQZiXgfunY8wFSWOXaqw

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeefbe43719cb0f605b9894fbe79778c1c641cf69b5b49aba1257d8f76eff31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 05:26:11 GMT
x-content-type-options: nosniff
age: 107139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6010
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 13:51:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 05:26:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1BAC 0
0 45ms
44ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR97yIbFUlIvxSzT4imzP7zquWhfikxf6AR2gdniRYDsROI6QV_8gWy592SxVgDaSHWreNxn0dcRrsqHDoDEpeB2DMmIg
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1BAC 0
0 73ms
73ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChfZw9SRpYrCuOMek9u8Pwq-P2AvQ75y2YqDMyfK-DLCN69LYGxABII2E_ClgleKQgqAHoAHgwdLQA8gBAqkCzyPgit9Jjj7gAgCoAwHIAwiqBLsCT9BLACmrW52za6jwKWktSdiHSAELWhFfl7ymjqLFPOnxpiPeuzJzz53GhGkvjKvkNHC6Foj1Lg7NjiCtw5bCof_xaXoZQpD_S6MYWYc5pmjF9Gq9bMokueRnn0Z-wC50FqfVmO8MnQUrS69yxfS2T_bM2ezKlqHx02p1XVH6un43l7W6nE8xSeVLF23ZZHQK-1RaHYC32u5aOmN1l_wsk0d8c8zcc9ZcmRKF2GYpdCbyCpNxNhx3pwM_pK404Dov-_se2XV07LqUtpIO0g1Jpg6ktdtav9PyrjH0gPVFczh6Dh9-E3UsZzXN2V6qRmvoGVK9voa7shDxH-EHvhvoo0_C-_a9wbzwDOp3fljEMGRsgm-FvMHhCRhM-qqTsxcVHYvvi4GEJRnhJipUsapiaWrHkigbIhbieJduwATF_uq_kQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHiL6tL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEICAA9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjUyNTc0ODkzNDMwNTYzMIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xNDE4NTI5OTQ4ODcwODU3GJ3jIQ&sigh=NTQWvvjMZH0&uach_m=[UACH]
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7A9C 143 B
163 B 117ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 11:09:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 26DE 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:05:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 26DE 15 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:04:50 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BF1F 16 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Apr 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BF1F 26 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:22:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1DEA 4 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:41:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 11:11:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 11:11:50 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1DEA 14 KB
14 KB 94ms
70ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 9ae1a17b33208639630ed7a38b0f5288b6f7d4fcf2b7f3ba7b36dfaec3b19008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14129
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1DEA 16 KB
16 KB 91ms
65ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d739c033325e9068ec77411c0712871eb44b7d595299474260ec9b1fd1fed9a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16247
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1DEA 17 KB
17 KB 38ms
12ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7b845f4d8eaf4edb01ca84a87e147a73b7fc27e2025222a680af84e471f4c720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16814
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 106ms
104ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042501&jk=3097979240692502&bg=!_f6l_rrNAAYXWUUuN1k7ACkAdvg8Wg_AqffNoYJAEwqE_MpINCO6IxaT0lspZj2A_VBvy8nuY5HluQIAAABMUgAAAAFoAQeZApx6lJRvybz4Ew0_Mw2WQs7p1jVY8oZIRvmI3QBr0OZsrF2oSNlo3M40mCcAvcMXDhuotzLTLZ-DDbOi8l-sSWTjVSkRXoRghyiRTkIJ_bvP2TtDmMaMAbD-jE_VwDb04IubtLAie6gt2MOyTnBVkWGaftXKit0CMEs4K9LmiBmoW56la6VwtRL7x4jqQJS4RcI-NDdCFPpg6Q3yRSwvWRxmr9zFuoGucWV8XJNhn0SR1XJ6-I7mspDgv_uAOFbQ5OHNRDGSOsLTYPvHywI3n8-A4rMlj3oiiCoOGh0JhXw1qEDVNL61PBu0rAuJNCLLk9kJq3qEi_yJMWqptypNgUEfQAOXq7B98cKKhC2t8UgbfaHN4uFudEfXFYQMxpiebhm9PRc5BSOzLmat7Vmlxg-4fSl8M3YmNhlKcBMJ8__9ctnu1bT67tBwSsPcHCzvdR7TRJDzW_HrK2wahVDSmCG5cjbbwqZvhYoPZVefF9Jm122uc4EUTEU8_1Gym-x36KTVRGiJ3fcX6wpnXBKbBvJi8MN-BVsnjmxYg0C6368-XtfJ3rrOwz2h-SruGgbDPhId77VmOYsazAO2L_FDDaHo9NuR45CSovOmKCeZJUrCYMfcDwrvTPZCL4coidcv4ud2omB-KXgL9mjbm0c6Wbmxls2J-A_x_U1jH23YylL_4ufNRVB2Q7TsFfuiTUFN6AwLYNZGRcZGTOrNncf4yEVvomGWMQ4tmS5Ix0j_NUqG_LvQ5RtjDnL2p32JcrcExhOgpmpVK8r32F5dL3KRWgGGer5dr3kZwN3ZXeHwB3IhzHep2NOszIhTA9HfslD0hBKfZzunvf8CNAM3S-X6NVX-SN6I3Pgf-zC9KQm1Yy6pfsGBvAdIfpcOUpoLTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET /
google2waycm.netmng.com/cm/ Frame 5AFB 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5AFB
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPII-9al4QoD0vYhuxSBzZDSRDtE6OsM1ebB_ue...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1razlnQUFBQ2pPYTFiag&google_push=AYg5qPII-9al4QoD0vYhuxSBzZDSRDtE6OsM1ebB_ueSEBhmJEQ7W5SMe1T4dmpXHW607lynrZfNC_nGQxP0NypAyA6uzOPlR0E

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1razlnQUFBQ2pPYTFiag&google_push=AYg5qPII-9al4QoD0vYhuxSBzZDSRDtE6OsM1ebB_ueSEBhmJEQ7W5SMe1T4dmpXHW607lynrZfNC_nGQxP0NypAyA6uzOPlR0E

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1razlnQUFBQ2pPYTFiag&google_push=AYg5qPII-9al4QoD0vYhuxSBzZDSRDtE6OsM1ebB_ueSEBhmJEQ7W5SMe1T4dmpXHW607lynrZfNC_nGQxP0NypAyA6uzOPlR0E
Date: Wed, 27 Apr 2022 11:11:50 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5AFB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NGJySnhlZFcxTkpGQWk1&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cver=1&google_push=AYg5qPLwkE0TqRzMV_bUo-v3tzyEjmcJY0CTxbhCvFnVw-L...

170 B
188 B

54ms
54ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NGJySnhlZFcxTkpGQWk1&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cver=1&google_push=AYg5qPLwkE0TqRzMV_bUo-v3tzyEjmcJY0CTxbhCvFnVw-LytiAu_yYWt3QccDgP9yCn37DCfvWsTxDOEU2gSHLz1PvWl6PLvxZ1

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:49 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-022b0454a7aa0bd60@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NGJySnhlZFcxTkpGQWk1&google_gid=CAESELuk0kJ7msHzR9Il0AvcZ80&google_cver=1&google_push=AYg5qPLwkE0TqRzMV_bUo-v3tzyEjmcJY0CTxbhCvFnVw-LytiAu_yYWt3QccDgP9yCn37DCfvWsTxDOEU2gSHLz1PvWl6PLvxZ1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5AFB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIYv6BHy16Www8Ej3ja5S1M&google_cver=1&google_push=AYg5qPKeTeLLzEH77u9wOgwk1_-8wAbp9qgtww6SibP-KAjaNEdj9M8el013KfueeSQ_LR9lhk2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDkwWUQtMy00MUFB&google_push=AYg5qPKeTeLLzEH77u9wOgwk1_-8wAbp9qgtww6SibP-KAjaNEdj9M8el013KfueeSQ_LR9lhk2OvbvYREqMkX1cqhKdKVAtZVJ2

170 B
188 B

80ms
80ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDkwWUQtMy00MUFB&google_push=AYg5qPKeTeLLzEH77u9wOgwk1_-8wAbp9qgtww6SibP-KAjaNEdj9M8el013KfueeSQ_LR9lhk2OvbvYREqMkX1cqhKdKVAtZVJ2

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJISDkwWUQtMy00MUFB&google_push=AYg5qPKeTeLLzEH77u9wOgwk1_-8wAbp9qgtww6SibP-KAjaNEdj9M8el013KfueeSQ_LR9lhk2OvbvYREqMkX1cqhKdKVAtZVJ2
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5AFB
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDxSm4CZccqxi6lICuU2GaE&google_cver=1&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxP...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDxSm4CZccqxi6lICuU2GaE&google_cver=1&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxP...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxPrVT2EbTHbo&google_hm=570c633ba5440b67e81919ad

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxPrVT2EbTHbo&google_hm=570c633ba5440b67e81919ad

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLy6w7VQOOOPMrqgP4-kcY4K23wg0onDJTH9w9uY2fg6jHnbKWGRML6DRXOj_sKhavBHyWVC44a8XN2wXTxPrVT2EbTHbo&google_hm=570c633ba5440b67e81919ad
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5AFB
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESELUNQC-BAknSGF1d6CVkW_Y&google_cver=1&google_push=AYg5qPLaGhKuNd0VDEBjEeekxyRQGLZKm6NaE-X9__ixwEb7aDFtjnUVsGXedOVU6UuSSeQuh3XETzLRrPT_DM4ofLzVogLvNljV
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLaGhKuNd0VDEBjEeekxyRQGLZKm6NaE-X9__ixwEb7aDFtjnUVsGXedOVU6UuSSeQuh3XETzLRrPT_DM4ofLzVogLvNljV

170 B
188 B

63ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLaGhKuNd0VDEBjEeekxyRQGLZKm6NaE-X9__ixwEb7aDFtjnUVsGXedOVU6UuSSeQuh3XETzLRrPT_DM4ofLzVogLvNljV

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLaGhKuNd0VDEBjEeekxyRQGLZKm6NaE-X9__ixwEb7aDFtjnUVsGXedOVU6UuSSeQuh3XETzLRrPT_DM4ofLzVogLvNljV
strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame 5AFB
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELUNQC-BAknSGF1d6CVkW_Y&google_cver=1&google_push=AYg5qPLRe7g6GDbyNjNnuGY4HCQFGX0zR11_AJe9iwCEKZD25tC1fkCGCukqFxv8Os0JIPuBOsH9QKaeRiZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLRe7g6GDbyNjNnuGY4HCQFGX0zR11_AJe9iwCEKZD25tC1fkCGCukqFxv8Os0JIPuBOsH9QKaeRiZpU2anyLtGrkRfWLtjbw
https://onetag-sys.com/sync/i,19/?google_error=5

0
148 B

7ms
7ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?google_error=5

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/sync/i,19/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5AFB 0
12 B 40ms
37ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMZntT8Fon3Ir0IaCyOj2p2RLa-KtressRjZpG8xcZ1BvUsnXzvYsZhh-3SqjKUFSh0sxPNg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 l
www.google.com/ads/measurement/ Frame 26DE 0
0 49ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQWISlckC-aV0oWFP6KSLw-b89UCkJZEDcMpkIgszxy-ahet-geV_ollbstatB9C3Eid0fN5w1WdiHtZusFrpIhij8LA
Requested by: Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26DE 119 KB
36 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:50 GMT

GET
DATA 200
OK truncated
/ Frame 26DE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c110c42f3e63a9c70d1e1ddcd7e0cd313fde600cfe88538d385c3a64cf4774fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A447 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuCu59SRpYvzdL7qV7_UPsZCqsAkAAAAAOAHgBAI&bg=!QUKlQgbNAAYXWUUuN1k7ACkAdvg8WsEzMbJNMkRohwNncVnKLY7jjvsBCoj8pU79zNDb4e-l12wtfgIAAADTUgAAAAhoAQeZAuqxq-7B6IuKlpenBiGF-1Rw85FaIx1OBqheEDRpgbLkG1RuiwOEhkO4fEdI6rgg_pPtXgVyYw0aFf-snAVOo7MgfG5CNPeoypgSedTnEYpMFcJ2vSJ1xINrj9QfIrAGZiy9MkPwEM49UqKdxkuv4PM_Gl4bApkx5gGCH5lMXLLnm7wLEUTQSb0XToUxVdo0uNMNsMZpq0yZ0OzDLO7vOlMnPN4s1-i5qrjBQnI_pisbYgu8z7YMTIjANCqxF3NsoT1ew4QgGo5tJVz4bsYwZv-zcBfcAxl77Hik_1h5i_O_faJYpXvARvrsP-UCtwVRIHWEvzjnQLAtmXQs0K_ChLDLIpdfhevFfuCdO0H-X6s2ZZ7mcl2zgKJkZOArVlTXneH--D4F6P-HdXr_b8t_Nz7mgqYJ-gKA5zJQKmNaXq7hV9sysXeaMDOIzeN2DdcLXTJMYTgjHT4OqOZWfnA4PYK1RSRWBDvA7GOLeVHrWUPde5m7stOq0wT3IZ-lHFvw0spHc4cDh-ubW1p2vp3hPZDZ523scbpvGK0i78jzG8mbzwqsPSLhv2ntxU1jTQOSrrmnDeUWh3vKvTx5T2RDbj9tRUe8_qIIrVg9A7nP5ahlhu0Kbg5hYmWFQWcHLhmfK7gYaIDVDuw3re5rI1eVBXdI2FgcvVJJS6q89wBYAF3skTh5tSwK04iYFA1OsjcR7H3up5wE4OncnVx_OhURB1xGwn66igO-E9v3HkP5Ym_Jf-WTTWOeW4k1BLVjgMGzKoZasbg7CnKYxdG9W46MJP3fBvU0F7Y4bsXYBF6amVnJkX7NnJ_vSsySV3Sm57ny4d82wquf23NsgfcuimcVS-ZRdxHHmP_M3CFIA28J-7TxwxkvMlxk573nP62exPMH2phcmlxR_f0TlzzAk9sjd8QBRUwKtIhl13IyPhEpstE92sGX-bLQgqbOpFleOZTuHvKYxAEPlUwUIecVYmTamNX5o3PEQrbMO6nDeQ

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js Show response
pagead2.googlesyndication.com/bg/ Frame BF1F 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13636
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 10:32:14 GMT

GET
H3 200 txt2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 7 KB
2 KB 38ms
37ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/txt2.svg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df25d60d2186fc1cf1f7bf143b8c3a5d37e9c905799b9463704e3c48021ad47c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 489059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2286
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:51 GMT

GET
H3 200 txt1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 36 KB
10 KB 39ms
37ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/txt1.svg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9d4000150cd588a65420f6e8075dbae49ffbca33b9ea95e98911325928b639

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 489067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9930
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:43 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:43 GMT

GET
H3 200 ES52.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 10 KB
4 KB 40ms
38ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ES52.svg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1965712a76933060073565c02d2e7da9a542221a95a065190f76cc3e3220b111

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 489059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:51 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 3 KB
2 KB 43ms
41ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/logo.svg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98bfe854c0ddda02f24c857eff60b77d3d4ef48fac11d068f38560f74a404f5d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 489059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1531
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:51 GMT

GET
H3 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 2 KB
929 B 44ms
42ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/cta.svg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79b4e8b7e931abc6751bc59add6c3c1d5ebb560d70ee9be7360d602d5706d45

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 489059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:51 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:51 GMT

GET
H3 200 img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 35 KB
35 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/img1.jpg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3636504ddc9126f902c43019189e7000b2ad83da77a2360f071e3118130dc968

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 489070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36042
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:40 GMT

GET
H3 200 img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/ Frame BF1F 32 KB
32 KB 47ms
45ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5477305715179926435/img2.jpg

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da37c85b3b4789fcb1b1488db14c6ec7bd44aac75595e12bda0c4d11ce5d571b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 489070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32929
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 19:08:28 GMT
server: sffe
date: Thu, 21 Apr 2022 19:20:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 19:20:40 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1BAC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

90ms
90ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

date: Wed, 27 Apr 2022 11:11:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal90004.redintelligence.net/ Frame 1DEA 0
150 B 34ms
12ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/viewability?s=29485500073531004444554011942004&a=16958245&vb=m
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7A9C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

115ms
115ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 11:11:50 GMT
expires: Wed, 27 Apr 2022 11:11:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 11:11:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 1DEA 13 KB
13 KB 131ms
46ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90004.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 580061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 18:04:09 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 1DEA 13 KB
13 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90004.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 580100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 18:03:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=turnnewsapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 76ms
75ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3097979240692502&correlator=1355246634287010&eid=31065714%2C31067190%2C31067279%2C31067287%2C31064225%2C31061829%2C31062931&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=21692124366%2Cturnnewsapp_content_video_1x1&enc_prev_ius=0%2F1&prev_iu_szs=1x1%7C300x250&ifi=10&adks=1650767758&didk=208344818&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie=ID%3Db125f5596cf3c33c%3AT%3D1651057907%3AS%3DALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw&abxe=1&dt=1651057910738&lmt=1651057910&dlt=1651057906057&idt=876&biw=1600&bih=1200&adxs=215&adys=1565&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&frm=20&vis=1&scr_x=0&scr_y=0&psz=798x0&msz=798x0&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=370995894.1651057907&ga_sid=1651057907&ga_hid=1385509129&ga_fc=true&btvi=5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1f84b25e53f861b707fe26845bbb9d9412d09fed0b43e8cf453e913c1d95dd5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8685
x-xss-protection: 0
google-lineitem-id: 5077667016
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271632092
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turnnewsapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7CEC 0
0 68ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6m3WTjrZb66tfJ7OtvV7ZjsBZcdc63qMdSdKxl38_nMM1ugQ8q-gufxT8oJWTCT9SjxnIV4DHdjnuT6CmzlmQzagR8QPVDTRGTXYVUS-xFk6WjOl85Ou8xsoC_GmugzskRXYkLSkOZoyHPi41aW02bNxqF2sVC_UerX0QqgAB0HWqB2QXWoHv6b1A2FNCKO6jEZ8MyXfFDCzKdmGN1mx1b6p3SWfUTG5pMIyTK7O8IGA80lgXYDXHRkV4xPXLdJAeksQ715cQ2vgmqqmdTbsIqWyF1LWyUPht5h7t-Yju-Fu2PLr-6vjVKiE9UAKpJ8tK3eBVIoP4BFkviQ&sig=Cg0ArKJSzLgF6uZ23_nmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.php Show response
stg.truvidplayer.com/ Frame 7CEC 977 B
758 B 135ms
98ms Script
text/html 108.157.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=2903&playlist_id=2086&m=a&cb=7826634941951602
Requested by: Host: turnnewsapp.com
URL: https://turnnewsapp.com/livenews/finance/@@www.chinatimes.com--realtimenews--20220426003222-260410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-35.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b1d41694913007e67d419c5bfe36d249faf78e61e1bdc3d6db5cf2ea8a2e073b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: CeY05eJMrzlCKxovGlVRgzedekXbO39kXZbpKNDEUr-WSZzycxjGnw==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CEC 119 KB
36 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:11:50 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 283ms
281ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/turnnewsapp_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Wed, 27 Apr 2022 12:11:51 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 84 KB
21 KB 1147ms
598ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&&device=pc&media=turnnewsapp.com&extra=windows&agency=adgeek&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=a3bd76c79cea9c5a2971651057910874&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsInVzZXJfdGRfY2hhcnNldCI6InV0Zi04IiwidXNlcl90ZF9sYW5ndWFnZSI6ImVuLXVzIiwidXNlcl90ZF9jb2xvciI6IjI0LWJpdCIsInVzZXJfdGRfdGl0bGUiOiIlRTMlODAlOEElRTklODclOTElRTglOUUlOEQlRTMlODAlOEIlRTclQjYlOUMlRTYlODklODAlRTclQTglODU1JUU2JTlDJTg4JUU5JTk2JThCJUU1JUJFJUI1JTIwJUU5JTg3JTkxJUU4JTlFJThEJUU2JUE5JTlGJUU2JUE3JThCJUU3JUE1JUFEJUU1JTg0JUFBJUU2JTgzJUEwJUU2JTkwJUI2JUU1JUFFJUEyJTIwJUUyJTgwJTkzJTIwJUU3JUJGJUJCJUU3JTg4JTg2JTIwJUUyJTgwJTkzJTIwJUU3JUJGJUJCJUU1JUEwJUIxIiwidXNlcl90ZF91cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJ0dXJubmV3c2FwcC5jb20iLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjUxMDU3OTEwODc1LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&alg=ltr&callback=_p6_9629b0073496
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/turnnewsapp_tw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 1cc4a4a26226fd2a5a511023e25052bcdad620e03bb90f5a5840df933c0109d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:51 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 154 KB
42 KB 531ms
531ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/turnnewsapp_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: aaf58fe585cbcc76094d23707910520dc7e2e9130342905aff91c58cd462c2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Apr 2022 08:36:23 GMT
Server: nginx
ETag: W/"9267ef3f59cd4d8de5ccc52b18079758"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: sVvalQm6suT60X6sTlpcRHr4race4PAb
Expires: Wed, 27 Apr 2022 12:11:51 GMT

GET
DATA 200
OK truncated
/ Frame 7CEC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59a09748df17186f7bd3f495aef9734f2c6f7a0a721c179b19f7e9de7772ff34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2903.js Show response
go.trvdp.com/init/ Frame 7CEC 23 KB
23 KB 119ms
28ms Script
binary/octet-stream 2600:9000:2315:ca00:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/2903.js?pid=2086
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=2903&playlist_id=2086&m=a&cb=7826634941951602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:ca00:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3e4b710f88c78e63f45f34dc7b9e70d86834a78ee942060074433aae519bc64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 11:48:39 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:05:04 GMT
server: AmazonS3
age: 20301793
etag: "35674c9aa670cada1b9eaea350f06c2c"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: fWoKLf_VRjTbqlJKWPlY7z2Wb2MeLLtNRb27odCDML0-TwXPUg7XrA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7CEC 0
0 134ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLyamJm4PXfJLLVfV9LTf4iJ8Ph2LXLWAAR68bV4JuLDoPZjj6wxbjXlxGkL4JoRTsbAjYcS_fRbQfmWJ8FbK6Mk_VlTrTXJP8yQCpQh4hNUMONrDbELgIyh-KNvO05Gi1PG_AMUopNJsfRrFq53qujXo42pI6Gvf16mN5qMm7qqJQBigw3C3fYE5D7I087zSdmyYl1IsLfw-YQ3cyXZ7kd_YrJWzFrK1Zu46cuRvhOXQ1PwkJ6IC_-abhJ6sW5vmoFZsh7V6ULzgxfCXJBi0TK6qB72udMUDV43RMOZJbgxffvXAQ2R2uO1NaU3T55SBJYWk6sJIoLCGcvyJu&sig=Cg0ArKJSzM59P88IG6mFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:11:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 27 Apr 2022 11:11:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C33B 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4pFK09UFi73Yspl9rzn7hObemzEa5BJK3CZZccbTTYaIgK4dg-sgMxiVUzkXP9YxwZWQFcmfNwpqdcD7nKj2gK59PvwgptzV1yVpm&sai=AMfl-YRqr7cE46jsbave0Wb_ohvHRgY3cLX3lcgIMzwziWTZsnFUIxQ8sH7L04iJekv_Iz2KiuqOVwfqZnEHNUduA4SjaFFtxR4twq3KVsGxO_PUCTGU0FADrXBRpk_H&sig=Cg0ArKJSzHLzzMRCAKssEAE&cid=CAASJeRoCLm7hNHEwwphdPDcovkAjYftYvqBwHgScimfjqZtBAsdZ8g&id=lidar2&mcvt=1000&p=589,1064,839,1364&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1443420322&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651057909611&rpt=521&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ Frame 7CEC 8 KB
4 KB 122ms
102ms XHR
application/json 108.157.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=597&wid=2903&cb=1241.160285776044&pid=2086&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/2903.js?pid=2086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-35.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 86bec00011fb7bf3f60c6c870d4c1787e94b788f811aa03d7496ca803fa2b3c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:51 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://turnnewsapp.com
access-control-allow-credentials: true
x-amz-cf-id: XKD7J1Q4OMk0Z9IJz9aHjISjIPn_FU00ujODhcWcik8wflWxLkmSPw==
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.742/ 658 KB
179 KB 75ms
8ms Script
application/javascript 2600:9000:2251:e000:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.742/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/2903.js?pid=2086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e000:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 14:40:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 06:41:24 GMT
server: AmazonS3
age: 1197095
etag: W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: vRND_kIDPEqjpYwoihTMls2MAGTdxZpJ5rW7KU6wEfMkptBYk_yDLA==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1BAC 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDCzRgu2JxuQJK9MrufmzCblMqIwUZ2_pnb6K0T-4XeSFIzTP2a7yzbTI6TyGennOX12UUQbnNNuU750z8Pptcql5HBD8y0DJ5yKqSUGUx2nCm18aC2RQMmqBkC4K5DLk8yOlHKQUGPOsW&sai=AMfl-YRNLOlrX6m3ltWh6n42Qy1k_RE6bmk8Z1iz7AtiJHcnIfGAq6enuMvaNLclo-4g9rnjOxdD3EioUNaiDaKP5fe5hW1fkta57rSeXF7dpVthOXEhYwhz8vj5L5MI&sig=Cg0ArKJSzK2Ib6c8Oj9IEAE&cid=CAASF-Ro4qHW4MdeaehBUUDn2D-uRau2EKHB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=308&tls=1308&g=100&h=100&tt=1308&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:11:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 54 B
726 B 573ms
171ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=turnnewsapp.com&l1=2903&l2=turnnewsapp.com&l3=DE&l4=desktop&l5=5.742&cb=0.016640084486581275
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.742/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: cda446aa5202736d9e2cd7d2bc90bbd1f1bf5fa2f8555303a88c548095226220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:11:52 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://turnnewsapp.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 54

GET
H/1.1 200
OK viewability Show response
hal90004.redintelligence.net/ Frame 1DEA 0
150 B 34ms
12ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/viewability?s=29485500073531004444554011942004&a=16958245&vb=v
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/request_content.php?s=29485500073531004444554011942004&a=872bb70d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 412ms
101ms Script
application/javascript 52.4.170.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1651057912038&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InBjIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsImRtZiI6Im0iLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ0dXJubmV3c2FwcC5jb20iLCJ1cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsImxvZ2lkIjoiYzY3YzZmYWItMjU2OS00MDdhLWFiYmEtMDE1MDZkNmUxMWY1IiwidWlkIjoiYTNiZDc2Yzc5Y2VhOWM1YTI5NzE2NTEwNTc5MTA4NzQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwZmM2ZTEyMy1kN2E0LTQxY2ItODg0YS02OGZmNzg0MDdmZGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi44CK6YeR6J6N44CL57ac5omA56iFNeaciOmWi%2BW%2BtSDph5Hono3mqZ%2Fmp4vnpa3lhKrmg6DmkLblrqIg6aaZ5riv5Y2g5Lit55m86LW35Lq6IOaItOiAgOW7t%2Biqjee9qumBleWPjemBuOiIieaineS%2BiyDnlqvmg4XljYfmuqsg5a6F5ZWG5qmf5YaN6LW3IOWcqOWutuWuieW%2Fg%2BWQg%2BWkp%2BmkkCDlvbDljJbniK0yLjblhIQg5omT6YCg5p2x6J665rqq5rC057ag5buK6YGTIOWFqOWci%2BaKgOiDveWIhuWNgOizvSDkuK3ljYDpm5nlp53lparph5EiLCJ0ZF91cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6InR1cm5uZXdzYXBwLmNvbSIsInRkX3BhdGgiOiIvbGl2ZW5ld3MvZmluYW5jZS9AQHd3dy5jaGluYXRpbWVzLmNvbS0tcmVhbHRpbWVuZXdzLS0yMDIyMDQyNjAwMzIyMi0yNjA0MTAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjBmYzZlMTIzLWQ3YTQtNDFjYi04ODRhLTY4ZmY3ODQwN2ZkZiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLosqHntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.170.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-170-196.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:52 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 1054ms
259ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InBjIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsImRtZiI6Im0iLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ0dXJubmV3c2FwcC5jb20iLCJ1cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsImxvZ2lkIjoiYzY3YzZmYWItMjU2OS00MDdhLWFiYmEtMDE1MDZkNmUxMWY1IiwidWlkIjoiYTNiZDc2Yzc5Y2VhOWM1YTI5NzE2NTEwNTc5MTA4NzQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwZmM2ZTEyMy1kN2E0LTQxY2ItODg0YS02OGZmNzg0MDdmZGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi44CK6YeR6J6N44CL57ac5omA56iFNeaciOmWi+W+tSDph5Hono3mqZ/mp4vnpa3lhKrmg6DmkLblrqIg6aaZ5riv5Y2g5Lit55m86LW35Lq6IOaItOiAgOW7t+iqjee9qumBleWPjemBuOiIieaineS+iyDnlqvmg4XljYfmuqsg5a6F5ZWG5qmf5YaN6LW3IOWcqOWutuWuieW/g+WQg+Wkp+mkkCDlvbDljJbniK0yLjblhIQg5omT6YCg5p2x6J665rqq5rC057ag5buK6YGTIOWFqOWci+aKgOiDveWIhuWNgOizvSDkuK3ljYDpm5nlp53lparph5EiLCJ0ZF91cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6InR1cm5uZXdzYXBwLmNvbSIsInRkX3BhdGgiOiIvbGl2ZW5ld3MvZmluYW5jZS9AQHd3dy5jaGluYXRpbWVzLmNvbS0tcmVhbHRpbWVuZXdzLS0yMDIyMDQyNjAwMzIyMi0yNjA0MTAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDAuMC40ODk2IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjBmYzZlMTIzLWQ3YTQtNDFjYi04ODRhLTY4ZmY3ODQwN2ZkZiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLosqHntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1651057912039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:52 GMT
Last-Modified: Thu, 13 Dec 2018 07:24:27 GMT
Server: nginx/1.13.5
ETag: "5c12092b-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 807ms
261ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&uid=a3bd76c79cea9c5a2971651057910874&type=pc_pv&nid=pc&media=turnnewsapp.com&r5=ca_%E8%B2%A1%E7%B6%93&t=1651057912039&tz=tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:52 GMT
last-modified: Tue, 10 Sep 2019 07:46:01 GMT
server: nginx
etag: "5d7754b9-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1081ms
267ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoidHVybm5ld3NhcHAuY29tIiwidXJsIjoiaHR0cHM6Ly90dXJubmV3c2FwcC5jb20vbGl2ZW5ld3MvZmluYW5jZS9AQHd3dy5jaGluYXRpbWVzLmNvbS0tcmVhbHRpbWVuZXdzLS0yMDIyMDQyNjAwMzIyMi0yNjA0MTAiLCJsb2dpZCI6ImM2N2M2ZmFiLTI1NjktNDA3YS1hYmJhLTAxNTA2ZDZlMTFmNSIsInVpZCI6ImEzYmQ3NmM3OWNlYTljNWEyOTcxNjUxMDU3OTEwODc0IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMGZjNmUxMjMtZDdhNC00MWNiLTg4NGEtNjhmZjc4NDA3ZmRmIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuOAiumHkeiejeOAi+e2nOaJgOeohTXmnIjplovlvrUg6YeR6J6N5qmf5qeL56Wt5YSq5oOg5pC25a6iIOmmmea4r+WNoOS4reeZvOi1t+S6uiDmiLTogIDlu7foqo3nvarpgZXlj43pgbjoiInmop3kvosg55ar5oOF5Y2H5rqrIOWuheWVhuapn+WGjei1tyDlnKjlrrblronlv4PlkIPlpKfppJAg5b2w5YyW54itMi425YSEIOaJk+mAoOadseieuua6quawtOe2oOW7iumBkyDlhajlnIvmioDog73liIbljYDos70g5Lit5Y2A6ZuZ5aed5aWq6YeRIiwidGRfdXJsIjoiaHR0cHM6Ly90dXJubmV3c2FwcC5jb20vbGl2ZW5ld3MvZmluYW5jZS9AQHd3dy5jaGluYXRpbWVzLmNvbS0tcmVhbHRpbWVuZXdzLS0yMDIyMDQyNjAwMzIyMi0yNjA0MTAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMC4wLjQ4OTYuMTI3IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ0dXJubmV3c2FwcC5jb20iLCJ0ZF9wYXRoIjoiL2xpdmVuZXdzL2ZpbmFuY2UvQEB3d3cuY2hpbmF0aW1lcy5jb20tLXJlYWx0aW1lbmV3cy0tMjAyMjA0MjYwMDMyMjItMjYwNDEwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIwZmM2ZTEyMy1kN2E0LTQxY2ItODg0YS02OGZmNzg0MDdmZGYiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi6LKh57aTIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1651057912039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:52 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1065ms
262ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwZmM2ZTEyMy1kN2E0LTQxY2ItODg0YS02OGZmNzg0MDdmZGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi44CK6YeR6J6N44CL57ac5omA56iFNeaciOmWi+W+tSDph5Hono3mqZ/mp4vnpa3lhKrmg6DmkLblrqIg6aaZ5riv5Y2g5Lit55m86LW35Lq6IOaItOiAgOW7t+iqjee9qumBleWPjemBuOiIieaineS+iyDnlqvmg4XljYfmuqsg5a6F5ZWG5qmf5YaN6LW3IOWcqOWutuWuieW/g+WQg+Wkp+mkkCDlvbDljJbniK0yLjblhIQg5omT6YCg5p2x6J665rqq5rC057ag5buK6YGTIOWFqOWci+aKgOiDveWIhuWNgOizvSDkuK3ljYDpm5nlp53lparph5EiLCJ0ZF91cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6InR1cm5uZXdzYXBwLmNvbSIsInRkX3BhdGgiOiIvbGl2ZW5ld3MvZmluYW5jZS9AQHd3dy5jaGluYXRpbWVzLmNvbS0tcmVhbHRpbWVuZXdzLS0yMDIyMDQyNjAwMzIyMi0yNjA0MTAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMTg1LjIxMy4xNTUuMTY5IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwMC4wLjQ4OTYiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImtleSI6ImtleTE2NTEwNTc5MTA4NzUiLCJub3ciOjE2NTEwNTc5MTIwMzksImNsaWVudF9pZCI6IjBmYzZlMTIzLWQ3YTQtNDFjYi04ODRhLTY4ZmY3ODQwN2ZkZiIsInVybCI6Imh0dHBzOi8vdHVybm5ld3NhcHAuY29tL2xpdmVuZXdzL2ZpbmFuY2UvQEB3d3cuY2hpbmF0aW1lcy5jb20tLXJlYWx0aW1lbmV3cy0tMjAyMjA0MjYwMDMyMjItMjYwNDEwIiwidWlkIjoiYTNiZDc2Yzc5Y2VhOWM1YTI5NzE2NTEwNTc5MTA4NzQiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6InR1cm5uZXdzYXBwLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLosqHntpMiLCJkaXNoX2RvbWFpbiI6InR1cm5uZXdzYXBwLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLkuIDljaHpgJos6LK45qy+6aGN5bqmLOaJgOW+l+eohSznpa3lh7os5Yip546HLOaciOWIqeeOhyzkv6HnlKjljaEs5LqM5q615byPLOaWueahiCzlm57ppYss5L+h6LK4LOW5tOW6pizlrqLmiLYs57ac5ZCILOe5s+e0jSznubPnqIUs6YqA6KGMLOWIqeeUqCzml5fkuIss5qKd5Lu2LOaSpeS7mCzpppbluqYs5o6D5o+PLOaJi+apnyzmlKTpgoQs5pyJ5omALOaPkOS+myzlj6/njbIs5pa55byPLOaOqOWHuizlhazlj7gs5pyN5YuZLOaXpeWJjSzotoXlvLcs55aK5YqgLOizh+S/oSzplovlp4ss5pyJ5qmfLOacrOaBryzosrjmrL4s5LuK5bm0Iiwidl9kaXNoX3RsYWJlbHMiOiLph5Hono3mqZ/mp4ss5YSq5oOgLOWIhuWNgOizvSzph5Hono0s6ZaL5b61LOmmmea4ryzlho3otbcs5rqq5rC0LOS4reeZvCzlrrblroks6KqN572qLOaineS+iyzkuK3ljYAs5ZWG5qmfLOeWq+aDhSzlpKfppJAs57ag5buKLOWNh+a6qyzpgbjoiIks5omT6YCgLOWFqOWciyzmioDog70s5b2w5YyWLOWlqumHkSzpgZXlj40iLCJsb2dpZCI6ImM2N2M2ZmFiLTI1NjktNDA3YS1hYmJhLTAxNTA2ZDZlMTFmNSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJ0dXJubmV3c2FwcC5jb20iLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 808ms
263ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&uid=&type=pc_channel_pv&nid=pc&media=turnnewsapp.com&r5=ca_%E8%B2%A1%E7%B6%93|ch_pc&t=1651057912044&tz=tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:52 GMT
last-modified: Tue, 10 Sep 2019 07:46:01 GMT
server: nginx
etag: "5d7754b9-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1081ms
265ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJwYyIsImV4cGVjdGVkX2FkIjo2LCJyZW5kZXJlZF9hZCI6NiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ0dXJubmV3c2FwcC5jb20iLCJ1cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsImxvZ2lkIjoiYzY3YzZmYWItMjU2OS00MDdhLWFiYmEtMDE1MDZkNmUxMWY1IiwidWlkIjoiYTNiZDc2Yzc5Y2VhOWM1YTI5NzE2NTEwNTc5MTA4NzQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwZmM2ZTEyMy1kN2E0LTQxY2ItODg0YS02OGZmNzg0MDdmZGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi44CK6YeR6J6N44CL57ac5omA56iFNeaciOmWi+W+tSDph5Hono3mqZ/mp4vnpa3lhKrmg6DmkLblrqIg6aaZ5riv5Y2g5Lit55m86LW35Lq6IOaItOiAgOW7t+iqjee9qumBleWPjemBuOiIieaineS+iyDnlqvmg4XljYfmuqsg5a6F5ZWG5qmf5YaN6LW3IOWcqOWutuWuieW/g+WQg+Wkp+mkkCDlvbDljJbniK0yLjblhIQg5omT6YCg5p2x6J665rqq5rC057ag5buK6YGTIOWFqOWci+aKgOiDveWIhuWNgOizvSDkuK3ljYDpm5nlp53lparph5EiLCJ0ZF91cmwiOiJodHRwczovL3R1cm5uZXdzYXBwLmNvbS9saXZlbmV3cy9maW5hbmNlL0BAd3d3LmNoaW5hdGltZXMuY29tLS1yZWFsdGltZW5ld3MtLTIwMjIwNDI2MDAzMjIyLTI2MDQxMCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6InR1cm5uZXdzYXBwLmNvbSIsInRkX3BhdGgiOiIvbGl2ZW5ld3MvZmluYW5jZS9AQHd3dy5jaGluYXRpbWVzLmNvbS0tcmVhbHRpbWVuZXdzLS0yMDIyMDQyNjAwMzIyMi0yNjA0MTAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDAuMC40ODk2IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjBmYzZlMTIzLWQ3YTQtNDFjYi04ODRhLTY4ZmY3ODQwN2ZkZiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLosqHntpMiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1651057912044
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:52 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 809ms
264ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=a3bd76c79cea9c5a2971651057910874&url=https%3A%2F%2Fturnnewsapp.com%2Flivenews%2Ffinance%2F%40%40www.chinatimes.com--realtimenews--20220426003222-260410&t=1651057912044
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:11:52 GMT
last-modified: Tue, 10 Sep 2019 07:46:01 GMT
server: nginx
etag: "5d7754b9-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 273ms
272ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://turnnewsapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:11:52 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.44
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Wed, 27 Apr 2022 12:11:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6E9C 0
127 B 47ms
46ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:11:55 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY7s6Rn9hxHUSYS57g_i74P_ZR9slmNgzoc32g1WonygrtkIss9NxH01L5OJWgWiHx8hYVpA_E0IcT0uJFZ_9c&sig=Cg0ArKJSzPZiUrIyxpOgEAE&id=lidartos&mcvt=846&p=259,1046,539,1382&mtos=846,846,846,846,846&tos=846,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=363493275&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1651057907385&rpt=262&isd=0&lsd=0&ec=0&met=ie&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssijPpIofattJPhQj5JPeawYAKHJE0gdsDGy3bGxly9X4jwLR_BbFBLx7FXnoVNCZRkKd38sA9MIQhDw5My90BA&sig=Cg0ArKJSzNBMqJW8vzr4EAE&id=lidartos&mcvt=932&p=75,375,165,1345&mtos=932,932,932,932,932&tos=932,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=179211431&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1651057907319&rpt=345&isd=0&lsd=0&ec=0&met=ie&wmsd=0

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEPMzR8W_Nz5dr7JXskDlhqk&google_cver=1&google_push=AYg5qPIOvAFUP7WqIykSdVgE7DNv5bnMUZD2NJaYEqLOj-bgOzgyc82cs2kujZi1Jrwi0ry3qdl3NQEiO6YFff-HI_J7IL8WQVYw

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 19:54:25	Name: UID Value: 1ABe00ab5ca432279a3535c1651057906
.turnnewsapp.com/	1970-01-20 02:39:04	Name: _gid Value: GA1.2.1079773675.1651057907
.turnnewsapp.com/	1970-01-20 02:37:37	Name: _gat_UA-89193612-7 Value: 1
.turnnewsapp.com/	1970-01-20 02:37:37	Name: _gat_UA-123959537-6 Value: 1
.turnnewsapp.com/	1970-01-20 20:08:49	Name: _ga_MG9KYKHBE0 Value: GS1.1.1651057906.1.0.1651057906.0
.turnnewsapp.com/	1970-01-20 20:08:49	Name: _ga Value: GA1.1.370995894.1651057907
.turnnewsapp.com/	1970-01-20 20:08:49	Name: _ga_02QF6DE9S0 Value: GS1.1.1651057906.1.0.1651057906.0
.doubleclick.net/	1970-01-20 11:59:13	Name: IDE Value: AHWqTUkNp4n_-1O2qUF4omFC6adiq4qVlmllRY178OGVWxDey5-y9iUe8zskalDfkec
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: B969D72476961270
.turnnewsapp.com/	1970-01-20 11:59:13	Name: __gads Value: ID=b125f5596cf3c33c:T=1651057907:S=ALNI_MYnn9x8WTLJ6uAd9QF8TU5DR-Xnpw
turnnewsapp.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4fb2bd7c5d81af7a73e88d651622b8be
.turnnewsapp.com/	1970-01-20 11:23:13	Name: Hm_lvt_a453a17b06d6346eae5cc1295ed473b8 Value: 1651057909
.turnnewsapp.com/	1969-12-31 23:59:59	Name: Hm_lpvt_a453a17b06d6346eae5cc1295ed473b8 Value: 1651057909
.quantserve.com/	1970-01-20 04:47:13	Name: d Value: ED4BCQGAJoEA
.quantserve.com/	1970-01-20 12:07:52	Name: mc Value: 626924f4-c5ac3-54d4f-fe68f
.agkn.com/	1970-01-20 11:23:13	Name: ab Value: 0001%3AWhBES1%2BfbyXV6Oh3tFTePVFZnF3ANdJk
.agkn.com/	1970-01-20 11:23:13	Name: u Value: C\|0CEAp--F0KfvhdAAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 04:47:13	Name: CMPS Value: 3274
.casalemedia.com/	1970-01-20 11:23:13	Name: CMID Value: Ymkk9Kzf7bR.SEC-GQYdxQAA
.casalemedia.com/	1970-01-20 04:47:13	Name: CMPRO Value: 1161
.innovid.com/	1970-01-20 04:47:13	Name: uuid Value: 333f71a8-e268-4e2b-b898-59739ecf4207-20220427 07:11:48
.pubmatic.com/	1970-01-20 02:39:04	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:47:13	Name: KADUSERCOOKIE Value: BD1E8262-99F1-4C9B-B4A9-0188D4540510
.adnxs.com/	1970-01-20 04:47:13	Name: uuid2 Value: 8732581160493428783
.adnxs.com/	1970-01-20 04:47:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilgt$^L-!]tbPl1M>e)ZlrFUfJ+tGXxpK])?FJT]jq_MrkIlN_n6lY0])H[81$O=1%z>3If)y3KL9D3I?+422Dxa
.redintelligence.net/	1970-01-20 04:47:13	Name: 8lcfmzhxc8d6_uid Value: 6beb35bcc0b7165d
.casalemedia.com/	1970-01-20 11:23:13	Name: CMRUM3 Value: 2d626924f62760CAESEEaIZ5TQeZnhv2ViQSjgztA
.casalemedia.com/	1970-01-20 02:39:04	Name: CMST Value: Ymkk9GJpJPYA
.awin1.com/	1970-01-20 02:40:30	Name: awpv22610 Value: 296283\|1651057910\|d5e867b0-c61a-11ec-9b3a-22623ec29485
.awin1.com/	1970-01-20 02:40:30	Name: awpv11830 Value: 296283\|1651057910\|d5e8dce1-c61a-11ec-9b3a-22623ec29485
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577
.w55c.net/	1970-01-20 12:06:25	Name: wfivefivec Value: 4brJxedW1NJFAi5
.w55c.net/	1970-01-20 03:20:49	Name: matchgoogle Value: 5
.lijit.com/	1970-01-20 11:23:13	Name: ljt_reader Value: 570c633ba5440b67e81919ad
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bxioae3kp4z2vlqkrvr0ef3v
pb.media01.eu/	1970-01-20 20:10:16	Name: DTU Value: 0ACC6CCFBE8F00F4A9B24CBD50C7A5FA
.doubleclick.net/	1970-01-20 02:37:41	Name: DSID Value: NO_DATA
.turnnewsapp.com/	1970-01-20 11:23:13	Name: _ss_pp_id Value: a3bd76c79cea9c5a2971651057910874
.popin.cc/	1970-01-20 11:23:13	Name: uid Value: a3bd76c79cea9c5a2971651057910874
.turnnewsapp.com/	1970-01-20 20:08:49	Name: _td Value: 0fc6e123-d7a4-41cb-884a-68ff78407fdf
data.ad-score.com/	1970-01-21 22:27:03	Name: token Value: ZTFcTVswSTCcU-zlsv-jYzrwVoZKsXyQ
.in.treasuredata.com/	1970-01-20 20:08:49	Name: _td_global Value: ee364a62-b1ba-4461-9ead-38d6e33c6402

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5477305715179926435/index.html".
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

213397d8a8ee5c0d86df00ac55959c4a.safeframe.googlesyndication.com
ad-server.eu
ads.eu.criteo.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
ag.innovid.com
ap.lijit.com
api.popin.cc
cat.fr.eu.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d.agkn.com
d.line-scdn.net
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google2waycm.netmng.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90004.redintelligence.net
hm.baidu.com
ib.adnxs.com
image6.pubmatic.com
imgv.azureedge.net
in.treasuredata.com
inrecsys.popin.cc
l.sharethis.com
log.popin.cc
medialead.de
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.everesttech.net
pixel.rubiconproject.com
platform-api.sharethis.com
pm.w55c.net
pv.medialead.de
r.popin.cc
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.trvdp.com
s.yimg.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sslcode.adgeek.com.tw
ssum-sec.casalemedia.com
static.addtoany.com
static.criteo.net
stg.truvidplayer.com
tnapcdn2.azureedge.net
tpc.googlesyndication.com
turnnewsapp.com
tw.popin.cc
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
google2waycm.netmng.com
pagead2.googlesyndication.com
103.235.46.191
104.36.113.23
104.92.94.3
108.157.4.35
108.157.4.80
108.157.4.87
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.188
119.63.198.189
130.211.115.4
138.201.63.116
142.250.185.226
142.250.186.66
144.76.104.53
145.239.193.130
178.250.0.160
178.250.0.162
18.194.183.160
184.30.25.99
2.20.157.55
212.82.100.146
2600:9000:2251:e000:d:3c0f:bcc0:93a1
2600:9000:2315:ca00:3:7e1c:5b40:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::ac43:2794
2606:4700::6811:190e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:807::2
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6
3.120.51.47
34.98.67.61
35.156.233.6
35.186.253.211
37.252.172.250
51.38.120.206
52.18.148.209
52.187.36.104
52.4.170.196
54.64.181.170
54.76.176.197
69.173.144.165
72.251.249.13
88.198.250.30
94.23.99.218
0114c1fd666acce213b037152912acfe1f7c037be79e144e5d5f4108410cab96
080cc49640fbccae6b4036071e82f5d1406f8fd71715cfaf8cd2eea548971724
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb9d1bf05ac965c4f6b170fa5f190d210664b813c522920d5a4b4a3d4510edc
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c
15d3ebf6868fa719dee4db0b7d63fd82cd08292f262b286a8b69235cd700746e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1965712a76933060073565c02d2e7da9a542221a95a065190f76cc3e3220b111
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1cc4a4a26226fd2a5a511023e25052bcdad620e03bb90f5a5840df933c0109d9
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d
1f84b25e53f861b707fe26845bbb9d9412d09fed0b43e8cf453e913c1d95dd5f
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
24f6b8427921b5527105265ae811ecbe0253cf8de4993f677b05d6bcee78aacb
253d8b908a5d3770fce2e7a9c469dd59cd4a341c0b7185d428030a879d02036d
284a8f0641c82d76d4b45bb6d3e2708cd18e65046adfc6cf71de3975eda2870b
2894dfe7bce6520193b05aa5f602f2740447bc9329a4afe9b0e3a5e416a26556
2a854e52e65bbe9498703cc84043b2d1cee8b0c142de15f60323045c4a6a7c2a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631
2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7ba5da0793528c3f2cc53bcd7c73b9aa9bcaf88de21a4b409f9c115f1a8f3c
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
30adc40695cfee2d78a70c7439a376f466763eb5042d261f1ef1370b3cb74e8c
3636504ddc9126f902c43019189e7000b2ad83da77a2360f071e3118130dc968
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3cc919cb94b48faf4419f5e0951aefc12a72945bdc6bc9d5a1128a8f90acb910
3da953302179eab7be4307e4497ff703cec0626f2b66aabc40c931557f25baf3
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
44ff50f75f6bc158bab50f4e2c677dfec0bc5c6a22955c2d4f26d352d56cce60
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
47143522f29857e01e5882b606731cdff90bef6328467b0fdb01411370bb9509
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4939e81e954b3b155f7d534f527668bb443077fe4f867fd2799293954ca6bc89
49576f4b1a6976d3b89e6e956d0c3b63c37fdf94e5b6490d94f2bdc9d8280073
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4b1d8508a9ec185263e7822b2e0f357258f95e51531a11d4f253264153279c
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f338a945aef9b859ceffae9184bfd061b93d419d2be48fb1d898dada3222f3b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50ef0b4a32ef59f10a724f4f6343797da0391d92c9a71d5fa9188783aad32a21
513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090
51df5883740836db7f5ef71ac34bae876d2708ec7345973fe417f97b5fbb6312
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c4eb7c3da9a3bedc8095131f426e4d18bfa999c92f2d0e666b2eb5710bd157
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
552bcd4bd60742cf50a20340ab17fbb9d6937684b45b0da70cab5f61d305fc82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
5785f0ceebc7aab81b1e36ed5b0469c5f112c9568639d6f96800c392c1dfe8c1
59a09748df17186f7bd3f495aef9734f2c6f7a0a721c179b19f7e9de7772ff34
59af1214f80f19f1eb0e609312209ad2b0484f4145614a94a86539dad0e00dc5
5d1c84531827245e1a4e0ad047f25d38a0b010098e76358de21d4793d147b2f0
5d7f9bb7b1a2a042e4aec02eae0538ee0fa3444e7b30a1775c9c58d0233e4904
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f964a9fdfb3ad5a94bcb6e98cfc4e7fe3e6ae6317294d35b7cafe0230c222ae
5fc44213f47ad560bc6f53e4237e6e59c1a3939ba60e091767efcb32d17dcd6a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e11e6b560a3ff323a442346a5a18af0a4b8d6f37f2bdcb089c9f6c56ba9e24
636d605a652f5adce7b9b1d6d82bd530a057078f88d6510d8144dcc5f79c23d9
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
682f73b047f94716a79c0254eb706ffc3b8afebaf468ede719b72443a1f2a2af
6b35f4ab09440a26489947e4856a37b90dae92cf4275c8ef969a7736ee59bf2b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c174bc03fb413ebd8092f262b5a599af2b84af3c030132d22f1ac0c1e4257de
6e0b3c51a9c918145ce300f24b2e5ac149bb8aa53c01beb530818a10e6b90a52
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
7b845f4d8eaf4edb01ca84a87e147a73b7fc27e2025222a680af84e471f4c720
7deb164c93b66ecec1ba20cd76e4e36f69dd95c8a9df21534773cc60c1225720
7e234b43a45b719a607228464cf9bd7db056ec971072e9b6311c01c43820c34d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cf5df131fbdeb0b077d893fefb98d75cc5e7f307802a6541e53b4db80df483
86bec00011fb7bf3f60c6c870d4c1787e94b788f811aa03d7496ca803fa2b3c6
86c09ce52265f69f261b0345c66deda9629c4f6ba01db06b3c8ba291173e912a
87e61db2ada434e5a2c964722afdc288df06b7f988daffd799457e2928e9969f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9000aa174d62f0cfdd195cfeab10b14cb4e4ae939d073b499e198a84de01d13f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
977710f6ff8b5ae9efb7ab3628365e3020baf7850de234098719edc7808ee142
979e11f3df739171e62a72351e456d4812436b8d78ffccbf8d0e140a67743380
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
98bfe854c0ddda02f24c857eff60b77d3d4ef48fac11d068f38560f74a404f5d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae1a17b33208639630ed7a38b0f5288b6f7d4fcf2b7f3ba7b36dfaec3b19008
9ae1d3887296dadd86d751de51da25bccd46cc729713b37d271a5869582e6267
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00c538420add0641a170f4d0969fe8f10819b2d7711b373afb4cab6a5d0f345
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3e4b710f88c78e63f45f34dc7b9e70d86834a78ee942060074433aae519bc64
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cf033c46c3ebb60101ea75c29a99d4c3261c7b4f070046c2cd521ae14ea77b
a708fe8caa06eacdc291c25418868149b7f304978233a3364e10337f8792644a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aaf58fe585cbcc76094d23707910520dc7e2e9130342905aff91c58cd462c2fd
ab2f5ae60a8e09ad331a29e8ee9795ab9ab58cf82088121977f0672bb49699e2
ab7f35bb008ffb7632de4c5056a26c5c169b552152aed09c3ad76a40496da6fc
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aeefbe43719cb0f605b9894fbe79778c1c641cf69b5b49aba1257d8f76eff31a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d41694913007e67d419c5bfe36d249faf78e61e1bdc3d6db5cf2ea8a2e073b
b4343c82edc7de0ef8df66ff2192e19fd7a4811231b5f0704379b1a52933d4e0
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bc9d4000150cd588a65420f6e8075dbae49ffbca33b9ea95e98911325928b639
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c110c42f3e63a9c70d1e1ddcd7e0cd313fde600cfe88538d385c3a64cf4774fe
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c5e8e12a8f691bfb0ec7d172cec47f683819945feafbc98d6dffcb953cc2926d
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
c74b7be7c7c796bfc7d77f0103ca1396b5b5357be199ea74e751f2dd86a74993
c77b9e44b9b2195d3edb884f20f5e352da96e0f8bdc15401069a3d7dc6c8d25b
c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8
c88b6395065db15a517fb4aae1612c9b5ab0a66f1f190d4cb64a0c61d6efbb06
c8f75c47aab52860c3b422ea0b6a2601fbfc03feda66e324749faab819fabe13
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
cc0dd54d8c653172eebaffb647e3d7fb1d7fc8afde84ed6af00f324a9a393e62
cda446aa5202736d9e2cd7d2bc90bbd1f1bf5fa2f8555303a88c548095226220
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8952337ec612662bad4db4b068ce08a533ae6e326a2db1903376accc0954f1
d0ded4a27ac8b313b9b8ac1a5f78ebe82c00241a100f285878417f793a050884
d14b2ac30a17b7a2196a5748d1f2cb68eba2ed4cdd63937929feb638d5b911d5
d3589cd4bfabe49134038c5c0206d0dfd1624f9631fbbf1d6ee700031e6bae20
d739c033325e9068ec77411c0712871eb44b7d595299474260ec9b1fd1fed9a1
da37c85b3b4789fcb1b1488db14c6ec7bd44aac75595e12bda0c4d11ce5d571b
dcfb691fb59571e9bec752c087ee8d17bed93bfbf20691b4c40a5777feb0e4df
de3014a34a4851b8e8dffa9287742a77f020477d5b1cab93966326b5f1c89bf8
df25d60d2186fc1cf1f7bf143b8c3a5d37e9c905799b9463704e3c48021ad47c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ad41fe0b269c88835b4941e2330ae598dd3a310d47d3b217f1e294619695fd
e75e86d68fadbf91d9acabbbbb101851abb24ff51eadb8d223be90e61dd317ca
e79b4e8b7e931abc6751bc59add6c3c1d5ebb560d70ee9be7360d602d5706d45
ebe46ff3b6f0a2a66d5d2ebbe731553aeea263f82125c3cdc18bfbeea786b147
ed1a4a282c5a05c25449f1b7b3b8a86035aa2087e1e398bb9c0082f537f45491
ee5d2f36d0488739e1b20fd0fe9973d90410f7efe1ed08b631880233412e9db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1e2f155fb3bef25066e9a67cec8d36a75a1222530d0c96333d2a68096cba75
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f00f35d7f4d4b37e3108f704b10f8da7e29cdbeae9f690325645cec41e431d72
f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6b18b2e7c12836d2f778d867f7726510a5b924e53cc136877c933490608ba7b
f89298795c0af60fffc022d76855f3f4f3926d3a519d78ff09438823bfb92c7d
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
f9afdeab68ea42e6498e4cd13d50bb5ff0f0774ce9739a59093249cc37d349c5
fce25f7d874cb94e558d84bb989bd0b5adbc5ad7e41617820ef59af65558b2e9
ff94f2ff683ad9b47d04db9b4054b8614ebaab64f6c7fd1756348c2d7fe4dc0c

turnnewsapp.com Open in urlscan Pro 52.187.36.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

305 Requests

90 %HTTPS

40 %IPv6

47 Domains

66 Subdomains

56 IPs

10 Countries

3007 kBTransfer

7869 kBSize

42 Cookies

22 Outgoing links

Redirected requests

305 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turnnewsapp.com Open in urlscan Pro
52.187.36.104 Public Scan

Screenshot
Live screenshot

Full Image

305
Requests

90 %
HTTPS

40 %
IPv6

47
Domains

66
Subdomains

56
IPs

10
Countries

3007 kB
Transfer

7869 kB
Size

42
Cookies

305 HTTP transactions
4 data transactions