www.hellpress.com Open in urlscan Pro
2606:4700:3035::6815:55a6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hellpress.com/
Effective URL:
https://www.hellpress.com/
Submission: On February 16 via manual (February 16th 2024, 2:01:01 pm UTC) from CL — Scanned from DE

Summary HTTP 238 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 29 domains to perform 238 HTTP transactions. The main IP is 2606:4700:3035::6815:55a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hellpress.com.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.

This is the only time www.hellpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 36	2606:4700:303... 2606:4700:3035::6815:55a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	18.245.46.127 18.245.46.127	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
13	34.246.155.13 34.246.155.13	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 13	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
8 10	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.52.181.90 23.52.181.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	3.8.213.175 3.8.213.175	16509 (AMAZON-02) (AMAZON-02)
1 2	52.213.49.255 52.213.49.255	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.87 18.239.50.87	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
13	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:223... 2600:9000:223f:1200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:90bd:c37c:5cc6:b26	16509 (AMAZON-02) (AMAZON-02)
11	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1	18.239.94.52 18.239.94.52	16509 (AMAZON-02) (AMAZON-02)
3	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	13.32.99.47 13.32.99.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	5.135.209.97 5.135.209.97	16276 (OVH) (OVH)
1	54.155.181.217 54.155.181.217	16509 (AMAZON-02) (AMAZON-02)
2	35.178.247.241 35.178.247.241	16509 (AMAZON-02) (AMAZON-02)
2 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
238	53

36 2606:4700:3035::6815:55a6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.hellpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-127.fra56.r.cloudfront.net

sac.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.246.155.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com

antenna.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.180 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Wuppertal, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Papenburg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.181.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-181-90.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (Saint-Martin-d'Hères, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.213.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-213-175.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.49.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-49-255.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-87.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:1200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:90bd:c37c:5cc6:b26 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.65.91 (United States)

ASN54113 (FASTLY, US)

video.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-52.ams1.r.cloudfront.net

geoworker.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.91 (United States)

ASN54113 (FASTLY, US)

t.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net

optchk.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.209.97 (France)

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.181.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-181-217.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.178.247.241 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-247-241.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	597 KB
36	hellpress.com 2 redirects www.hellpress.com	645 KB
35	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 stats.g.doubleclick.net — Cisco Umbrella Rank: 113 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 ad.doubleclick.net — Cisco Umbrella Rank: 149 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 239181	392 KB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 689 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8417 csm.eu.criteo.net — Cisco Umbrella Rank: 7991	362 KB
16	ayads.co sac.ayads.co — Cisco Umbrella Rank: 33753 antenna.ayads.co — Cisco Umbrella Rank: 31470 geoworker.ayads.co — Cisco Umbrella Rank: 120473 optchk.ayads.co — Cisco Umbrella Rank: 37852	95 KB
14	seenthis.se video.seenthis.se — Cisco Umbrella Rank: 21984 t.seenthis.se — Cisco Umbrella Rank: 21549	662 KB
13	criteo.com 2 redirects ads.eu.criteo.com — Cisco Umbrella Rank: 7905 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9712 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13432 gum.criteo.com — Cisco Umbrella Rank: 461 bidder.criteo.com — Cisco Umbrella Rank: 691 mug.criteo.com — Cisco Umbrella Rank: 2577	73 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 664 dt.adsafeprotected.com — Cisco Umbrella Rank: 638	105 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	310 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 36155 hal900025.redintelligence.net — Cisco Umbrella Rank: 263170	257 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	4 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	7 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 29024 api.webgains.io — Cisco Umbrella Rank: 66040	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 42320	1013 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2400 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 122	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	248 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 185372	6 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1531	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 577	400 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 714	171 B
1	smartadserver.com www8.smartadserver.com — Cisco Umbrella Rank: 8365	324 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 65103	437 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55484	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 347650	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 165849	923 B
1	google.de www.google.de — Cisco Umbrella Rank: 5654	408 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 317	29 KB
238	29

	Domain	Requested by
36	www.hellpress.com	2 redirects www.hellpress.com
33	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.hellpress.com 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.hellpress.com 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
13	static.criteo.net	ads.eu.criteo.com sac.ayads.co static.criteo.net
13	antenna.ayads.co
11	securepubads.g.doubleclick.net	www.hellpress.com www.googletagservices.com securepubads.g.doubleclick.net 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
9	s0.2mdn.net	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com www.hellpress.com s0.2mdn.net
8	t.seenthis.se	video.seenthis.se
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	video.seenthis.se	www.hellpress.com video.seenthis.se
6	ib.adnxs.com	3 redirects googleads.g.doubleclick.net sac.ayads.co
5	dt.adsafeprotected.com	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	bidder.criteo.com	static.criteo.net
4	gum.criteo.com	2 redirects static.criteo.net
4	hal900025.redintelligence.net	1 redirects 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com hal900025.redintelligence.net
4	hal9000.redintelligence.net	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com hal900025.redintelligence.net
4	ad.doubleclick.net	www.hellpress.com 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com 8019191.fls.doubleclick.net
3	pv.medialead.de	hal900025.redintelligence.net
3	www.googletagmanager.com	www.hellpress.com adv.office-partner.de www.googletagmanager.com
2	mug.criteo.com
2	api.webgains.io	analytics.webgains.io
2	static.adsafeprotected.com	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	8019191.fls.doubleclick.net	1 redirects 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.hellpress.com
2	fw.adsafeprotected.com	1 redirects www.hellpress.com
2	cdn.retailads.net	1 redirects futalis.de
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
1	ad.360yield.com	sac.ayads.co
1	www8.smartadserver.com	sac.ayads.co
1	rtb.nl3.eu.criteo.com	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
1	optchk.ayads.co	sac.ayads.co
1	geoworker.ayads.co	sac.ayads.co
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	ads.eu.criteo.com	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
1	cdn.track.production.webgains.team	5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900025.redintelligence.net
1	track.webgains.com	www.hellpress.com
1	futalis.de	hal900025.redintelligence.net
1	adv.office-partner.de	hal900025.redintelligence.net
1	www.google.com	tpc.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	sac.ayads.co	www.hellpress.com
1	www.googletagservices.com	www.hellpress.com
238	54

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.tiktok.com
twitter.com
whatsapp.com
foro.hellpress.com

Subject Issuer	Validity	Valid
hellpress.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.ayads.co Sectigo RSA Domain Validation Secure Server CA	`2023-07-05` - `2024-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
redintelligence.net R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.futalis.de R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.seenthis.se R3	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.hellpress.com/
Frame ID: 52FEFFF7EEDFE04D574F7ACACBF4E279
Requests: 76 HTTP requests in this frame

Frame: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 459F3BA034691F96F4B278B79E0DF15C
Requests: 1 HTTP requests in this frame

Frame: https://www.hellpress.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Frame ID: 4F689786C00CF18706476194E3EA4B60
Requests: 2 HTTP requests in this frame

Frame: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8CF2E5F1DDB53ED9BDBFC3A552E6590
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiojLaDAjAB&v=APEucNXcSdwBswcl9NxMqIgB3mAkzMsVV6rFNcyH6sUZm6iiK7oRBQdw2uNICtKlg48Uue-Iq9pUc7OMj-xDeT4AydmOQUp2VimXJQaxyn3JSVS6vkoDK7avWeJv5AN3W2xA-ffX3fSqHD-Y6ZG-OrYOZVeIvTCDHDtjIyB8JQAaqVoxboCCONw
Frame ID: C9577BC4B03F12944E36A71BA86472E6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0DEF18252D7BAC89551C57C2D76E5D85
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24A816E807F51155A9ED5DEABBA199AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D060B9C0172349E3DA4C2FE0BBC99DD1
Requests: 2 HTTP requests in this frame

Frame: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BFFE13F4B1517F5C65130CDF36A7DFE6
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNWjVVmmdLX_CXnRO2y_krE6tKkF8xNcFi83COWTIbC9_D4P-pbX36r9TIAf8awJS810GIebYv3-iM8Qvfdnm23Vbo0nsvyziOOqrJaloYQAI1VW9n37m7kWTum1iiFUYCIkqIdrCKSmVN83LWGIMt73llw6VgD9kHMie2kVDN91Y9M7-oE
Frame ID: F1D426922A1EB410A7A9DBC9071C4FA7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6DE468B5A976407B774B81D6B91B7418
Requests: 3 HTTP requests in this frame

Frame: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F167E728F4FFF96512C81DB38F8BAB67
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGK2j3YUCMAE&v=APEucNUYN121KVbA7wUvebzuHu8gWJM8laElKcYIdVHTPTmsmrEM1yx2gh0Mhv8S5UcPC44ZDN88GVE7Ohhl6yGWI_kPqmvHZPPe1Cp0UNikdY1fosACWsS5prBVe3eZBMFPPlfal4IT_vqEXA7lE2W9MiG6BXfnNi9eHVBGLYqjl0kNQlSWd8s
Frame ID: 978720DC78E492577C44132E1CEFC444
Requests: 5 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 54D9881BAD18650704F176FA400B05FA
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=23261800110162204444978012602025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 25C4FC94907F4C3342B8099EC7235388
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3553176216
Frame ID: 716BA6D5D067DD400938E94FD487794C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E761B3983F5F6394B9D8884249E07236
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250
Frame ID: A4E0EA8791EE14B6FEA8A10E7D0DF766
Requests: 24 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254
Frame ID: 64EF6281E3308968D4EA3B163F487B53
Requests: 3 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
Frame ID: EADA53D7E116128B0761354DFE5A241A
Requests: 8 HTTP requests in this frame

Frame: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C6878A5B2265BDB31F113765E297077E
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zc9qlgAIh_IIEdlfAAv2pa9R0Rt9uKYYil3Lvw&u=%7CiV4nJrwwlT8iAwdlIi18jOVZDpto%2BZRgA%2FJWTtuyFlg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxfdxjfJc45ALmCO_rFtyAZJKB0Omnf4X9ihe0T-j0QWVsaD08ifRQNklaNCxIOKrj_6D8DAecDCfLr8AHhiLD8djrECvjRXRtvgA8tFBWvbTZzTQMkDQgMpQMA_2tV2AKH6B70q1uknuVUtlxkLThG-TejD5n0V2c--R75nIb2lKBnN93CHy4HGn6LIP2DDpDspDxWp60d-PK8WCFm6pdmVcuJpuVw-SCiWHD-G5hgSyySxEAz4REFZkWaq2ErfgJwqtNPlPBwG7CJqFkuKNvp9g6m_ah2xsn7Ih8LipjW5u5_kNIVsyaz1s9Picf5YOI93caxs5XV_lcPRRnEv6XazysuJNxudwNmjyHNIrHwAKch77oD9yGcRI3VUN1q60Qf2FTwxsUPx2tec48iWoclgbPs7aQfzZSPlpRp2hPf1HOcHNFh2JXzTHxBFbY90y_VXWIlhK3-EOlv6sdiEy3j2GdwlVLEYW5n6L-zuFPwx7KZWfGsIUNOzLHsgNXRtyPGH8SG7Wj9SkdPZCjXgg1_6z_kLpjx7lHC_KE7sONBCn_cUB4T1qAXjWSf8j0lU1d3GZ7Aes3an8sKsLtYyv1aJhomc5affXEA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-_jHlmrPZfKPIt-yx_APpe2v0AnJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDcwNTU4MDUzNTM3NzU3OcgBCakCE5AHDFACsj7gAgCoAwHIAwKqBKoCT9C1ePh2WGDIKkPLkptNCzmIrqHV6WCAi23CY44I8l6Ck0QqgSV7rUrtPduNRl99F4G0wrC340xtHHu3qQrO6eliPQ9twQ6TLt1AFkJb-mqAh2_3D7CyxXqT2Z0oNTdzI2gMV_bgnENqYJjPoiYeYgaWkpbWKEU6nYW14c1_keKBaYxZI_ELywxc5y6SpQOBXqvFxn2FYlp04h3O4MiqGdJXjAvF6Z8qw1FN74_5ElR90k-uv1xaR9zRSVV8k3nFdN9Z7I9JA53ybzj4w4tjLggj8b08vsFjxbAVc6yVbfbfPKKgfG01QghYJOSNDIPmNhsAIC0IVFAEqF0VEErpCWWxkhspjYX9RTJBHpS1FGfRvdinw_7GiVz_uVckqkLIfl_PJg_9R_VGjeAEAYAGmLnZrZHrnbNMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOljNx9jggrCEA_oLAggBgAwB4g0TCLyK2eCCsIQDFV_ZEQgdpfYLmtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2mmBT0YnHQQ5VOKzcvNjpxcHJBsA%26client%3Dca-pub-4705580535377579%26adurl%3D
Frame ID: 4950D61A0708F2B12D968386D9CBDB95
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7EE7CDB89E36A4035744390F714A3254
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: A1E005D293508374E4827B243D0EDF5D
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: F76030D2D45EECF5D2F4EB8B5092FF26
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hellpress.com
Frame ID: A4B17BB516A3C6C573B6C55D87D99953
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 071962A340ADFD08F58EB5BC64177E3E
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hellpress.com
Frame ID: 05B57263D6F365644C81CA02CBE338C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hellpress: Web de información de grupos de Heavy Metal

Page URL History Show full URLs

http://www.hellpress.com/ HTTP 301
https://www.hellpress.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

238
Requests

94 %
HTTPS

50 %
IPv6

29
Domains

54
Subdomains

53
IPs

7
Countries

3837 kB
Transfer

9258 kB
Size

24
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Hellpress
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hellpress
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hellpress
Title: TikTok

Search URL Search Domain Scan URL

URL: https://twitter.com/Hellpress
Title: Twitter

Search URL Search Domain Scan URL

URL: https://whatsapp.com/channel/0029Va89dzX9cDDVSdC3pt2Q
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://foro.hellpress.com/
Title: Foro

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hellpress.com/ HTTP 301
https://www.hellpress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.hellpress.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.hellpress.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHfyiQ0D7B1G2ZNBrHoRqPQ&google_cver=1

Request Chain 70

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc9qlrmqPTQAAGYOAMr28gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEtqI3_BE88GtL-X2DHBocs&google_cver=1

Request Chain 72

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1

Request Chain 87

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc9qlrmqPTQAAGYOAMr28gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJpx0ZpgTPzAItGya3WxPaY&google_cver=1

Request Chain 89

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D

Request Chain 101

https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHbhcPFqVNrpC_D39mu2bV0&google_cver=1

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEHGKUNMh1SOo6wu9fLpaLtA&google_cver=1

Request Chain 123

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=23261800110162204444978012602025&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3553176216

Request Chain 138

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254

Request Chain 186

https://fw.adsafeprotected.com/rfw/st/1925920/78089287/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015639193&ias_pubId=pub-4705580535377579&ias_chanId=1&ias_placementId=20986593569&bidurl=https://www.hellpress.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0goe5W5jAG3YV18XqEnrOP-&adContainerId=brand_safety_lmrPZZWcLqyy9u8Pi7CK0AY&cbFunctionName=goog_wrapCb_lmrPZZWcLqyy9u8Pi7CK0AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.hellpress.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.hellpress.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ea2b0ccc-e5ae-3b21-708e-2df85679ea79,c:4oCZih,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-574dd564c-rt4kr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u4ssbXT+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C16*.1925920-78089287%7C161%7C1621%7C163%7C171,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:37,oid:cd7470f5-ccd3-11ee-a15b-2a4933ef505c,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_lmrPZZWcLqyy9u8Pi7CK0AY&cbFunctionName=goog_wrapCb_lmrPZZWcLqyy9u8Pi7CK0AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 236

https://gum.criteo.com/sid/json?origin=publishertag&domain=hellpress.com&sn=ChromeSyncframe&so=0&topUrl=www.hellpress.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VGO21XxSc0d0Mmo1QjRSUXFwNzZLUTJXT2U3T1RucUtWaUt3eFNuMi9OdFFGbmhaZDZldnk4TUFNb1llTmRQaVNTV252M1ZCTmc2clpPQzlTaE5KY0l5WGlidmJKV2x4Q3NqTjRqZHcxY2t2cy9EWVdFbENtRSttdkhrVjAvRWdFbjRteTI3aWo5aGRmdHFEMWN2MjFwM0NkZ045WVQ5SGtLV2Y0UmNGSEdlanNWUmJITTZGUzZuczdRUWl0RG55cmZGeXlFbHZEb0FXZWVoVXU0MGxrUnRoK0djclV5UjE5U1ptTDV1ejc4NldjSkluZVB5ZVcxeCs4dGhhd0pheElCeE02d2tHd3R5ZEQxeDQ0Rnc3WGo4eitIQT09fA&cppv=2

Request Chain 244

https://gum.criteo.com/sid/json?origin=publishertag&domain=hellpress.com&sn=ChromeSyncframe&so=3&topUrl=www.hellpress.com&bundle=2FQIkV93cGp6cmRMWjRMNkFMZiUyQkpCUFhSSzYyRk9SdzJyMzNmMiUyRjBjdDRpN3ZHTDhWZnhjbW5vRGRudDNzYSUyRm9NS0xzYVY4WTNQV0JIM1I4UWNkWno5Z1pPWmpJTG5sWUF1d2RrMmMlMkJYekUzT2lPJTJGM0JLUXBKMEVETHMlMkJNYnhKJTJCZVFkd0FodHl3cFBiJTJCR0VzNHNTQThMckRnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hQ4dx3x4cTFBYU9LU3NKSmlHam9kNnJZOW1EeXVzQWZ1QjBBczB5NlpnWnFIOHpGRFBBVGZTWGdmbVgvVkVwa25NSFZDcDZ1bXAyRmpRYXF5OVlQZmhGNEdIUU55OGUwZ0J2Ylo3cmhqRGJaOTU0UEFURjJIb2FaNWJJN2NFcTRMNEhyUHVSeVFzbVNBb0ZKQ0ZuYUZmQmkxUlVMWjY3UGZwemwvN29Dek00ZW1CZmU4WXZycTZlaE9NaXhHRnhLMlo2OW9XS0FZVENYVnA2Y2U3dDhzSER4cmtVVm9RRmhxNU1TNVIxbmlqME5uQWY5cVJGZzlzam4xQmNUY2JCdnJ2K3lFVzF6K0hUMU1aQ1JUd1d3NWlaMkprai8vbFJIMUd5Uk9SeXQzRUo2WlFhcz18&cppv=2

238 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hellpress.com/
Redirect Chain

http://www.hellpress.com/
https://www.hellpress.com/

284 KB
36 KB

302ms
279ms

Document
text/html

2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/2.6.1

Resource Hash

a9f96ac52806cef9a85ded0a995f2411f4f8c6906bb094a8a398892ca5be0ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2611, public
cf-cache-status: DYNAMIC
cf-ray: 856651c0c8e23a7f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 14:00:52 GMT
expires: Fri, 16 Feb 2024 14:44:23 GMT
last-modified: Fri, 16 Feb 2024 13:44:23 GMT
link: <https://www.hellpress.com/wp-json/>; rel="https://api.w.org/" <https://www.hellpress.com/wp-json/wp/v2/pages/92359>; rel="alternate"; type="application/json" <https://www.hellpress.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQBbSIaG0nvnj%2BspL3JzlnivBr4fo3fikc2N1GE48UczcTtpUsV9xrOD4DB%2FIAFrKHc9SS5rcZGT537qABO%2FOkAoY9HmSu2iAQSTF8aGPnaD61Wvjad5KAHxcED8loyTKH5bpZWujyWagOOUsFoqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: W3 Total Cache/2.6.1

Redirect headers

CF-RAY: 856651c05ab2361e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 16 Feb 2024 14:00:52 GMT
Expires: Fri, 16 Feb 2024 15:00:52 GMT
Location: https://www.hellpress.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxDnEWJS1%2FiFRCu%2Bn2d3%2FVKH6f43znb9nw49XqdoaxeB8uyhuon0JFC7VQRJ6g%2FkanWcr0DLgmAQJcdXetWpj6ugNLZ6sOTQNuAVM2hmPD7hY2Berg5Wj4vFD2KeCVbdttIiRbhcYUI8xRZNdR2TfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Feb 2024 17:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c66685-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIOHLkJm6F0cpeZqXk0fePU4DpTu69CBz10MF5icezdRYEGjpLmngW8YZI1yuXsXQ7oMV21dZLoeNSp5J%2BTc8kPMOTtQvQom6h3XS%2BIxSW82IBlNjqLJ3cUMUN1uWP6VhEfAIjhxjXmXIZwxYBHSzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 856651c29bf53a7f-FRA
expires: Sun, 18 Feb 2024 14:00:52 GMT

GET
H2 200 newspaper.woff
www.hellpress.com/wp-content/themes/Newspaper/images/icons/ 33 KB
22 KB 27ms
26ms Font
application/font-woff 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hellpress.com/
Origin: https://www.hellpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4237
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Sep 2023 22:01:32 GMT
server: cloudflare
etag: W/"82d0-60558d199b0ba-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmImw8mrF7ap62RaTZOf%2BuIXjziCe1q7WlCy%2FxW6x1eOcNT6ZupO1Vp7YA3DAswlymLcdORZ5rEKbThF3rSD%2FSd%2B8QBmzRY1toT%2F75J35jkssBH3DvF8kPZ43hrZzYkk690TziIjkrw2tPDILyNcLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=31536000
cf-ray: 856651c29bfc3a7f-FRA

GET
H2 200 kamelot-2018-534x462.jpg
www.hellpress.com/wp-content/uploads/2018/04/ 34 KB
34 KB 75ms
74ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2018/04/kamelot-2018-534x462.jpg

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312f716e4c0c5c0f1abfed323d7ada6bfd129daa6d7c5deb006f4b2146f4c998

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34805
last-modified: Thu, 05 Apr 2018 09:46:28 GMT
server: cloudflare
etag: "87f5-56916d0535e5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiO6Db6Y1bSCwio46eXG8owSWp6q2GFzlfwGI%2FQlFJSZ2XizE2YNqg3wom1WPXBOhBnnfrf6MjhqhZilVXZBgRahkbTXJ96MASGKAxLquYxud%2FwHeKcT4pBCDHHoxkPAyKn6q3ynu5IMWfeIJArRgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c2ac263a7f-FRA

GET
H2 200 email-decode.min.js Show response
www.hellpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
961 B 11ms
11ms Script
application/javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Feb 2024 17:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c66685-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Omw4oLrB%2F5vvjJMogjEZp9leiYHAerMofzK4oTvCo8alUlyzM%2F1%2ByQln5LxAiGv4xAoKprm1kk4%2BXv99WoREMYy8i6hXzQbfRYdxZHyI9AJ3UPvPcF7u4hb44QlV26G1FkUQ%2F2ElL4JSmPvLWUyyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 856651c2ac273a7f-FRA
expires: Sun, 18 Feb 2024 14:00:52 GMT

GET
H2 200 autoptimize_3a9177a886d04021db5c65aea62b8ec6.css
www.hellpress.com/wp-content/cache/autoptimize/css/ 961 KB
115 KB 113ms
113ms Stylesheet
text/css 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/cache/autoptimize/css/autoptimize_3a9177a886d04021db5c65aea62b8ec6.css

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9170bd0db981f084ed9e2534b6316459b93ea6158c9bf5a6b2dadc5000cd028d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 16 Feb 2024 12:54:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"f05e7-6117f3fe7a203-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQ29sNPmiC2R5EIb%2Fv9ZDRuGEQDKqrBOn40DPr%2B6C2HC7FGQ%2Fu%2FqYPxXiDyAT15oplruaDgN9wDHCaq6YR4sTVDe52pneLRqw%2BfWjcxaIvyJy6C4ip3EVZ255bvzpNJ34xeS%2FM9koriD%2BLZxLXappA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 856651c2bc343a7f-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bba4e249dd2d8ae05da42a62685cc1e0f0281e5468431959dbbe9de811b3e4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 637b8692891757a155c0931f5c77b31005be86f65c5d06872d03adcda4a338c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd2eb349ab50bcc252cf84742bdb96def2027321cdcba72205cec0892209fb53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ac9aade0db6b6ab9fdb82e776dd1a5f81bec809938beb3d2f07c6419892f03e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db448fb064d0f9c095a25132a62d9f6c56001c1d67a3eb015b045ecd81d54fec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 519ed1cf7104eb2bfe0d64e0bcfe5bb97b005b1ba9a12689239f4a7ffa98891d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 js_files_for_front.min.js Show response
www.hellpress.com/wp-content/plugins/td-cloud-library/assets/js/ 202 KB
49 KB 41ms
40ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db54dcc577c6bbc62b02c397f14ee4bc4d7670751a3c62a261485eadf158028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5428
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Sep 2023 22:03:29 GMT
server: cloudflare
etag: W/"32707-60558d897fac2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrei52lGXwYOzK6wtC%2B7HQx533xmtR4IjGh95ayvBCyJATcRfYvqd33ZX6QLgOgPv4D9JPzEnTq5LBoIhrD0u90Ke5XaAEXGHw%2F61thPo4mhBJWZtA%2Bn1wYEIY8lXWu1AaXgNJ%2BB5dA%2Fgi0fltYYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c308e65d98-FRA

GET
H3 200 comment-reply.min.js Show response
www.hellpress.com/wp-includes/js/ 3 KB
2 KB 35ms
31ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-includes/js/comment-reply.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5428
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 12 Nov 2022 02:10:03 GMT
server: cloudflare
etag: W/"ba5-5ed3c8116c39e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y42ft32BHTzpMXZbO%2FJDKHRaGIjbTT0IodbKLNimXHmGIPdm6A9xNZsztv4URESSkLGTXK6qRXin0W0d%2Fr9MhtufGdVAKCasoa3KU8KzRlaoWwcd9pmSLc744IhP94HEGxjNkNAUIhppK39srMu%2FlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c318f75d98-FRA

GET
H3 200 tagdiv_theme.min.js Show response
www.hellpress.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 305 KB
73 KB 62ms
59ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a950a2f65b284987def5bd6d63095bf55075dcd412e81c0fd9522714d883b5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5428
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 14:21:27 GMT
server: cloudflare
etag: W/"4c4a9-605668214f66f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWAS83CNrmTl6FSaaZsods%2BUcZOdhqvqAKQC%2BHd%2BFXDDYO13oALwS5xe0LbKa8vn3ZN1%2Bi1RNqxjFPnEq6XFT7E4tVxjObHkO%2Bi3zFOiIk5D%2Fvs9n7SnK7Q18aAiWrZcrjjRDiB9aUEPJq54XsyvsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c318f95d98-FRA

GET
H3 200 js_posts_autoload.min.js Show response
www.hellpress.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 69ms
66ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48a6862a4b9d72c34942d44d54e7cdeeda1e8343e6af2f79c57dfc777b3c23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5426
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Sep 2023 22:03:29 GMT
server: cloudflare
etag: W/"1544-60558d8980a62-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhkiPGn%2BNWy0VsDk%2F0LsLv3ZsE77S3ZFoKbzskicG9TTMO%2F5qmVy0A1DFdSN3qAXe3gssMJiiXy4wKBrwPavu1b6jE1D3NzmvCkm2JDwrRH2F89prWAwyPmU%2F6QP2RhEB0zJ7mk%2FbPHBXmzuf0yWDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c318fd5d98-FRA

GET
H3 200 underscore.min.js Show response
www.hellpress.com/wp-includes/js/ 18 KB
8 KB 33ms
30ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-includes/js/underscore.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5427
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 12 Nov 2022 02:10:06 GMT
server: cloudflare
etag: W/"4991-5ed3c8149ca2b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt5XRTOlprBrEORhaI4zCRgabCkTZgI8vn%2BKHSKGmKqhqx0UmjFpr%2FMLzcfcm6gDsPN%2BsK74yzWP%2BdttBka9sEe1kqTfzagORcvLGRullX0GN%2FEW88Bq990lsOaLiqlwJ99UEKSzuyefaI7j2%2BazHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c319005d98-FRA

GET
H3 200 autoptimize_single_529c24bf50a0ac24559ad08f10f225ca.js Show response
www.hellpress.com/wp-content/cache/autoptimize/js/ 6 KB
3 KB 87ms
84ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/cache/autoptimize/js/autoptimize_single_529c24bf50a0ac24559ad08f10f225ca.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b5ca9039c0a307caea46b5515124ae402921e5fced5caf130a3874f6dd15409

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5429
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 12:15:56 GMT
server: cloudflare
etag: W/"162c-6117eb4bea139-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hv4oa%2Fvj1495AHfwraafsEqyMh0TmYS2CqtUp6HrvppQENU0uplJ%2BE84%2FTU6eR%2FgZnhB5rfANRWm7eEB5lBmuDcl94qesyQ3A%2FB3Jp83v%2FHdUtPjQ6c4NTlqSV3eRzG9%2FwyFJx4a9JUtYcUuvbhang%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c319025d98-FRA

GET
H3 200 autoptimize_single_e264a6ee15374c0ddd56807d95cbe759.js Show response
www.hellpress.com/wp-content/cache/autoptimize/js/ 6 KB
3 KB 70ms
67ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/cache/autoptimize/js/autoptimize_single_e264a6ee15374c0ddd56807d95cbe759.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aeacad2ba0651fab445f34d952ae5898b0b0acaa15aa9e8e53d749d2c1b252a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5429
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 12:15:56 GMT
server: cloudflare
etag: W/"1841-6117eb4be81f9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl2mpDCHqwXiFWMxQnScKRYEQ0VDLWBUndTghTuubIdW%2BkIk8ORDya6UNrTpNxCy0oNyAJqmu3wVA1trTNlGj%2F%2BweHjYqhOJN2f3T3N6t56RWWa%2FkNXkiHZcBrjaQRjazOjBRwlxdHeeAPvnHbH5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c319075d98-FRA

GET
H3 200 autoptimize_single_ca1897f519105b3e6cb6ecc7fb45512c.js Show response
www.hellpress.com/wp-content/cache/autoptimize/js/ 3 KB
2 KB 28ms
25ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/cache/autoptimize/js/autoptimize_single_ca1897f519105b3e6cb6ecc7fb45512c.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6513b21938d1db49817b1d73eace3b7d51688bad88c161af59e4da998cd922d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5428
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 12:15:56 GMT
server: cloudflare
etag: W/"af2-6117eb4be5319-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55S30%2FUvu1471WkUsbeK7EOiqVwVotlBGsWSLtnW1apG6FQ4vM4nBlpLCtw%2FAY0WM9O5WKM8V0fqcDY7eNw0ZAujxMpqxyYkd%2BjKd8BVbrvjErOf1LKuiNe8AepsRXZ4Cq6ayAaOZ1elMA45dlRerw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c319085d98-FRA

GET
H3 200 lazysizes.min.js Show response
www.hellpress.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 37ms
34ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5428
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 07:24:45 GMT
server: cloudflare
etag: W/"2655-60a17ae524c90-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSf9C%2BKfhPKWHTS1oDJalziGZMRPog44Pm9f0hmKlRsFXnw%2FGOM7KetWDDHJIu0IyGzvdN9RWx3cDcoRr8BjZIRkwgD3R0Zj0rOORbgdhbz47zDcvAqbMHg%2BHU1si8GaHvb19TW26aml37LPrXpeSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c3190b5d98-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 110ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e47688e3228bb4b9534c2324147cb9917c8111b773469f233f0c2fbb1e170af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29090
x-xss-protection: 0
server: cafe
etag: 285 / 19769 / m202402120101 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 96 KB
29 KB 111ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe128879e48d94c7350fb46ba64ae0c4aaa10f2e8a38d3ed703fbdf607a09a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29090
x-xss-protection: 0
server: cafe
etag: 123 / 19769 / m202402120101 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:53 GMT

GET
H2 200 25759 Show response
sac.ayads.co/sublime/ 376 KB
94 KB 74ms
11ms Script
application/javascript 18.245.46.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sac.ayads.co/sublime/25759
Requested by: Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-127.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0101169c1d63c747444a7b58c590d8e4cf58713fa63bd1dba99bfdfb4adc30c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Feb 2024 13:32:59 GMT
content-encoding: gzip
via: 1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P9
age: 1674
vary: Accept-Encoding
x-cache: Hit from cloudfront
cache-tag: zone25759
content-type: application/javascript; charset=utf-8
cache-control: public
x-amz-cf-id: fZqRUXijGqQ8XLGNAfi9VHVtW_xVqOs3C6Q6EfwoA_f9IV97CTPA3A==
expires: Fri, 16 Feb 2024 14:06:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
90 KB 70ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZNLC8QB558

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9709dab3a9e4b5ed7331825aff55c35504e09ef7768100478bd1c40a1fc4044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 14:00:53 GMT

GET
H3 200 es.min.js Show response
www.hellpress.com/wp-content/plugins/events-manager/includes/external/flatpickr/l10n/ 983 B
1 KB 74ms
60ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/plugins/events-manager/includes/external/flatpickr/l10n/es.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bcbd7515d88f54cd7c7eb6d7292a1593a36aca2dd92c6601bcc8fe3272835c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5429
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 Nov 2023 22:21:54 GMT
server: cloudflare
etag: W/"3d7-60a38549b1b29-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4y9vJpz47wMHBnf1HKbBdEJthh7LdgYzxKCwy8S23eW%2Bl4GhjzrtyJCuOp0Xir8i6wDpiNuDgggg87fYoN4UQfJQwd%2BQeqIJsY9GTU%2FaneXerMfYgVOzu5gQLOSnyhgg5DDp16YZDiuNrzKoaEYcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c329225d98-FRA

GET
H3 200 events-manager.min.js Show response
www.hellpress.com/wp-content/plugins/events-manager/includes/js/ 327 KB
87 KB 74ms
61ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/plugins/events-manager/includes/js/events-manager.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d739e9bc6d43b6b3f01e43cab3449079d5cf1f2a88203682afee48a038346e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5427
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 Nov 2023 22:21:54 GMT
server: cloudflare
etag: W/"51b3e-60a38549b8889-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeYdii7QW9%2FbVnn8lwIarN5coqHNmGzQt3hh%2BcdQLB3cqLe6rXobfS1tZQO%2Bq68eiOZF5Ba9akhxwIGOVnWG9pXeAaqoiurQnz6RIAXxjR77l6DZJLLAI5I7azgpQh1epHDUAwm%2Bk8ZoW65dqhr2Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c329265d98-FRA

GET
H3 200 jquery-migrate.min.js Show response
www.hellpress.com/wp-includes/js/jquery/ 13 KB
5 KB 82ms
68ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5427
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 18:20:37 GMT
server: cloudflare
etag: W/"3509-6072469e5c0d9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TL%2Fgc1c2ZumowBnnQPt9QASaVQ3qWAS%2FgkLvFZdUI27D7IpwdTIsQIW4hyWolozLHlTU5ZpuHuZOTvf92b7wJSzzRwxIiQY1CrFpYklp8nFKcrgm7UZRKAHBn8Vq08qKzuxgJm8Ybqib3ohGqVO5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c329285d98-FRA

GET
H3 200 jquery.min.js Show response
www.hellpress.com/wp-includes/js/jquery/ 86 KB
31 KB 82ms
69ms Script
application/x-javascript 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5429
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 07:18:40 GMT
server: cloudflare
etag: W/"15601-6099ee5879a82-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rH9RQEbl52045%2Bi6V%2Bu4HBRvqFNI21R2r0Wp7BeIDQ8aAZPYov5jCdcLxDXQe3CHA6tguoQEf0qfy%2FQ3Hidb7nNdwDKQhfUcIeOueAytBhkHSvOGj%2Bzw3nJiYqNhkgGjJnoNXmIM9MHgIaju5baig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 856651c3292c5d98-FRA

GET
H3 404 newspaper.woff
www.hellpress.com/wp-content/themes/Newspaper-child/images/icons/ 0
0 70ms
70ms Font
text/html 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/themes/Newspaper-child/images/icons/newspaper.woff?21

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/wp-content/cache/autoptimize/css/autoptimize_3a9177a886d04021db5c65aea62b8ec6.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hellpress.com/wp-content/cache/autoptimize/css/autoptimize_3a9177a886d04021db5c65aea62b8ec6.css
Origin: https://www.hellpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B5pCReLp60lW9miZ6LBPOcxocLq6nIHhrxyFlNaK9GGRhQxWBXS5%2B4xmf2JvY0YxDZsKMTmOcapFkIeHX%2Bhua1p4CjqU79gA3YKgnms2CdspZA12t6pqEJJU9YwnJI7lHrJ4qK9M%2BrO7FSZZZ8QDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=31536000
cf-ray: 856651c3fa915d98-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 newspaper.ttf
www.hellpress.com/wp-content/themes/Newspaper-child/images/icons/ 0
0 71ms
71ms Font
text/html 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/wp-content/themes/Newspaper-child/images/icons/newspaper.ttf?21

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/wp-content/cache/autoptimize/css/autoptimize_3a9177a886d04021db5c65aea62b8ec6.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hellpress.com/wp-content/cache/autoptimize/css/autoptimize_3a9177a886d04021db5c65aea62b8ec6.css
Origin: https://www.hellpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxHsY1Lftuih%2F0is46otLAdoQ2eFPXEz%2Fg2%2FBNMqCQvq209E%2BUsz0f%2BRPB9RE2FW7oYE4XRfklsNSuz05ZqEH06GVrk4KcSrzGe7BciexuvVIaIznZ3H33Qo7YWKZ6bi89HQNR%2B%2BfNY57rTaoogzfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=31536000
cf-ray: 856651c48b655d98-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 40ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZNLC8QB558&gtm=45je42e0v877812229za200&_p=1708092053154&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=182137827.1708092053&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708092053&sct=1&seg=0&dl=https%3A%2F%2Fwww.hellpress.com%2F&dt=Hellpress%3A%20Web%20de%20informaci%C3%B3n%20de%20grupos%20de%20Heavy%20Metal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=734
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZNLC8QB558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 60ms
19ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZNLC8QB558&cid=182137827.1708092053&gtm=45je42e0v877812229za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZNLC8QB558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 65ms
41ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZNLC8QB558&cid=182137827.1708092053&gtm=45je42e0v877812229za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1116044735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
antenna.ayads.co/ 0
41 B 120ms
30ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?device=d&et=752&ga=1&gc=0&gm=0&gs=0&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=1&src=wf&t=1708092053254&tfz=1&tse=1708092053254&ver=20240216091008&z=25759&e=l&bh=1200&bw=1600&thn=www.hellpress.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
server: nginx

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/ 430 KB
135 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed789f6a4003ddf15eb02f1fc7e0ef1a9462ac6afa9784bdd000678c83e03dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 08:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138518
x-xss-protection: 0
server: cafe
etag: 12880065651029678149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Feb 2025 08:54:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

810eef31207a7baf1178396bd55d5459de14e37095d6ff6f973690d7d4b0506e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29090
x-xss-protection: 0
server: cafe
etag: 466 / 19769 / m202402120101 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:53 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 836 B
431 B 270ms
269ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1160736603410997&correlator=948692570510831&eid=31081226&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fifs&iu_parts=21707810080%2Cbillboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708092053357&lmt=1708091063&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hellpress.com%2F&vis=1&psz=0x0&msz=0x-1&fws=132&ohw=1600&ga_vid=182137827.1708092053&ga_sid=1708092053&ga_hid=758630352&ga_fc=true&dlt=1708092052890&idt=425&adks=1378672924&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75aacf994cc5cc3eddb9fdb09566bc766f4b81bccc66ee37c20625cf8e9a9c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
41 KB 602ms
601ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1160736603410997&correlator=948692570510831&eid=31081226&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fifs&iu_parts=21707810080%2Croba-1-escritorio&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x300&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708092053366&lmt=1708091063&adxs=1022&adys=850&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hellpress.com%2F&vis=1&psz=300x44&msz=300x0&fws=4&ohw=1600&ga_vid=182137827.1708092053&ga_sid=1708092053&ga_hid=758630352&ga_fc=true&dlt=1708092052890&idt=425&adks=1149995127&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26cc1370ef10c326b2495c0279e97748ba488faa22fd3d189b887a5207b26ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42441
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 1192ms
1191ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1160736603410997&correlator=948692570510831&eid=31081226&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fifs&iu_parts=21707810080%2Croba-2-prueba&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C300x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708092053370&lmt=1708091063&adxs=1022&adys=914&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hellpress.com%2F&vis=1&psz=300x44&msz=300x0&fws=4&ohw=1600&ga_vid=182137827.1708092053&ga_sid=1708092053&ga_hid=758630352&ga_fc=true&dlt=1708092052890&idt=425&adks=3483617433&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15c53232dc2ab5791df82752923ebe32b12f6cc28964aecd51608edcdc383897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9879
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 935ms
934ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1160736603410997&correlator=948692570510831&eid=31081226&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fifs&iu_parts=21707810080%2Croba-300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708092053373&lmt=1708091063&adxs=1010&adys=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hellpress.com%2F&vis=1&psz=324x600&msz=324x600&fws=4&ohw=1600&ga_vid=182137827.1708092053&ga_sid=1708092053&ga_hid=758630352&ga_fc=true&dlt=1708092052890&idt=425&adks=1727456582&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed94cf271bb589954abffbaa186866435e8281f517206b449279582bf2a2e37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11125
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 1595ms
1595ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1160736603410997&correlator=948692570510831&eid=31081226&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fifs&iu_parts=21707810080%2Croba-300x600-inferior&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708092053378&lmt=1708091063&adxs=1022&adys=3590&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hellpress.com%2F&vis=1&psz=300x644&msz=300x600&fws=4&ohw=1600&ga_vid=182137827.1708092053&ga_sid=1708092053&ga_hid=758630352&ga_fc=true&dlt=1708092052890&idt=425&adks=3204127027&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf96a8803fdc35f21446d5713c5255d205e78f8b1e46a2033e68b8f38080cdf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14661
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 459F 6 KB
3 KB 100ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:53 GMT
expires: Sat, 15 Feb 2025 14:00:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
28 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaa32dc4585d3dc960f78a1f94a6e531a301f8a951769ec24b0ec605ddeba749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29095
x-xss-protection: 0
server: cafe
etag: 440 / 19769 / m202402120101 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:53 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
28 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96eac7db58681de92f0f045ca7d47ddf8b5bfecda63f01db3053dafd6068200d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29075
x-xss-protection: 0
server: cafe
etag: 168 / 19769 / 31081207 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:53 GMT

GET
H3 200 hellpress-logo-s.png
www.hellpress.com/wp-content/uploads/2018/05/ 13 KB
14 KB 57ms
53ms Image
image/png 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2018/05/hellpress-logo-s.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f9cc4b7800736a68c3bcd9a02055277817f6b4d7789e6c5e1031c665011e8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13491
last-modified: Thu, 17 May 2018 21:22:35 GMT
server: cloudflare
etag: "34b3-56c6d6f2b432b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp6M1WPmM80GklnsfO%2FiF%2BDiGHWIrgS5I1uT7zMrbRDuAIi1r7tFSe6d1ALwXTY1FcXZY917eAVpSnTtVwYdTAbR5y4u%2FTpmHoo0TG%2FQjPa9zPgK7KLKwQp3Z4oe44%2BPHQq12v0tVPg2j%2BolI%2BmTzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e875d98-FRA

GET
H3 200 ac-dc-concierto-sevilla-533x261.jpg
www.hellpress.com/wp-content/uploads/2024/02/ 22 KB
22 KB 67ms
64ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2024/02/ac-dc-concierto-sevilla-533x261.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7283ba57892848e9d230021408983694c8ac72010d5c397eb12d5ef0f3056c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 22076
last-modified: Mon, 12 Feb 2024 11:56:01 GMT
server: cloudflare
etag: "563c-6112df62d7ff1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYgmglnP7QbSnGWc1aJBuZUveuhjivgkLnQ2lNUcfHfQxVBxOfMzZCqYniRikFF%2By2LcDU2DX2Sb%2B1QbJc2Ez5ZIjMyEu4sfhMZZhOFvTQuSWhsjl3xJsWYaKufPrp8YpzvYyaPJp%2Bl9iDwbxWItCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e8b5d98-FRA

GET
H3 200 lost-wingman-533x261.jpg
www.hellpress.com/wp-content/uploads/2023/11/ 31 KB
32 KB 75ms
72ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2023/11/lost-wingman-533x261.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b36397718611d0d8fe584abfadd03b2d7a433327e209f96654e9738c942b900

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 32187
last-modified: Thu, 02 Nov 2023 22:23:48 GMT
server: cloudflare
etag: "7dbb-60932d775f6ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3%2BpJu3IYSod9SlgYex%2FEfmIDny7%2F%2B7WIyQhT0pX8dKd%2FrBgtilbAeaHu7n%2BWxWEXTzVqDmFsdWmNTYL2eDPud%2F4MNWnudGZBLbYG4zg3fA%2F6nZQ54EAYhaA%2FatMOPA2scbYoYW6ysAvqtdYUilhxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e915d98-FRA

GET
H3 200 orden-ogan-2024-324x160.jpg
www.hellpress.com/wp-content/uploads/2024/02/ 8 KB
8 KB 473ms
470ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2024/02/orden-ogan-2024-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c86628ef00d39f6f13033179b9f15dfbe7cc586145a48f927427788af179dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7917
last-modified: Fri, 16 Feb 2024 13:40:43 GMT
server: cloudflare
etag: "1eed-6117fe3f4d8ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nySVRI0eQCzZsgWzZFPJ%2FVkbGQkBW2YjkB9SDiU78YIbPww7z7Sq%2BUwOYBFzpWlj8cGzkXUNS26fZWEIfhSLh7GrnGtdybleyKF1i8Amiu%2FvrF4LQIDkebFTZ0UIxbxCqBWE7B72kTyka3GSSK2Ltg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e965d98-FRA

GET
H3 200 grave-digger-2023-324x160.jpg
www.hellpress.com/wp-content/uploads/2023/10/ 17 KB
18 KB 140ms
137ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2023/10/grave-digger-2023-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e83cf9f3c12892e25485e60a9fce55953d4e4225968b66953fac061c192b0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17498
last-modified: Thu, 19 Oct 2023 17:15:13 GMT
server: cloudflare
etag: "445a-60814e6273287"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YduOyoFwL5griYhTZyuj5pXKUmMsIO%2Byd%2B%2Fr01pZ5ittA3H4BES8bCm%2BHemmXbVWNsj9WRK4du1MXaIETqOsICfRBFG7T6fWkVFbLKJldqIjUnmNi14BVy%2B7hs94T5BPRtge%2BT8bYPBKqaW4sB%2FUPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e995d98-FRA

GET
H3 200 iron-curtain-2023-324x160.jpg
www.hellpress.com/wp-content/uploads/2022/12/ 11 KB
11 KB 669ms
665ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2022/12/iron-curtain-2023-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dcd5f54b5d66f7b8a53dfb3117b075f7cfd4ce570689ea12ee809f6ccf30642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10887
last-modified: Thu, 08 Dec 2022 12:56:11 GMT
server: cloudflare
etag: "2a87-5ef508fb8feff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLcp9uqWu5TZ9xcbzt3nNou775UyhK6YvrkA%2FoOcpr1u1X1%2FNqB6KZtZm5Jc%2Bo12DgIHLwX6nqYELzHgweFQ2%2Fgbaj3LgKRPPGE874xS6Olu7OUc2vwclOrLNUX8J5vMrGGFVtfbIC80seePFSVbqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e9b5d98-FRA

GET
H3 200 kamelot-2018-324x160.jpg
www.hellpress.com/wp-content/uploads/2018/04/ 8 KB
9 KB 442ms
438ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2018/04/kamelot-2018-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b984a853681593d30894cc5538b42f0fca2259218a9a88cb31c7e87a1e8ac366

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8688
last-modified: Thu, 05 Apr 2018 09:46:28 GMT
server: cloudflare
etag: "21f0-56916d050be7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH%2FDMSx5UMLU6ziSBAnIbXjfe23KKWHnzUkr40fXjkYyJMu5g7vhxoYigM57ecYrPrTqhHvMTSa%2FMkLWJe69O%2Ba5t3zaLwNhgRKepKzqNnbrnOiJOUcSJBO1Gn1%2BhgVMYbUorKqlr53bgNNaXlbo7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651c67e9d5d98-FRA

GET
H3

200

main.js Show response
www.hellpress.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame 4F68
Redirect Chain

https://www.hellpress.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.hellpress.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

8 KB
4 KB

17ms
16ms

Script
application/javascript

2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

Protocol

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc89ee46f06d28aa5fcf9fe72da1bda5f3dd4f90ef1e272604bee1418362e6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWVrap457yIjdSDDWlgdaStgu3WjB%2FXHP%2BB%2BbDz8uVFKHW%2FKtlPa6YgI7pKNsh6gVbiaLCJGFWN0mIaCB3YoraLVDv1R%2BXZcfRrUf4VnkbIb1sYBff6egNE0cPsHnhLp%2Fos9TceG3tUm9aKWhCeeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 856651c6ef325d98-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 16 Feb 2024 14:00:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ecmm%2Fp0SRt%2FJlBDL9iQIWXKP6OfY2FJk75j82G%2BUWaqHvzpjlVpasHhlYmDyVMfDREqlRN1bMzFGfRbFvX8qYprC%2FF9fbCyHt9Ep4eper1wfs1G8ZsM7AijfAuljjmjMvXeogWe4qaMGowqiKIifjA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
cache-control: max-age=300, public
cf-ray: 856651c6aed65d98-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 97ms
53ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c842c0eb155cd0fbb2e43a455c2e53fc43cbe1da549757d13df9bd6bc08520c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12370
x-xss-protection: 0

POST
H3 200 856651c0c8e23a7f Show response
www.hellpress.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4F68 0
642 B 49ms
49ms XHR
text/plain 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellpress.com/cdn-cgi/challenge-platform/h/g/jsd/r/856651c0c8e23a7f

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYXUZro%2F%2BbsVFFvn9H2T5znys33wFWXV%2FMsJ6U9koP4%2BRvd4NGq6tGhyrBR9IPI1MPQtfzKjvGSM%2FW7LBAY%2ByUtKici6FuawrfPXH9NOeV8ccsaKP3HTPav4jnJzlUmHPh8yt2Va6gspUcifmNyKJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 856651c99b455d98-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 138ms
102ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H2 200 container.html Show response
5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8CF 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:53 GMT
expires: Sat, 15 Feb 2025 14:00:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C957 624 B
825 B 71ms
44ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiojLaDAjAB&v=APEucNXcSdwBswcl9NxMqIgB3mAkzMsVV6rFNcyH6sUZm6iiK7oRBQdw2uNICtKlg48Uue-Iq9pUc7OMj-xDeT4AydmOQUp2VimXJQaxyn3JSVS6vkoDK7avWeJv5AN3W2xA-ffX3fSqHD-Y6ZG-OrYOZVeIvTCDHDtjIyB8JQAaqVoxboCCONw

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:54 GMT
expires: Fri, 16 Feb 2024 14:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame E8CF 23 KB
9 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:23:00 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame E8CF 8 KB
3 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:23:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E8CF 0
0 132ms
51ms Fetch
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuijd5yp-wM0lQ3fiyT4L9AIdTjk0d2EYMgAHUa02zcmCLu93kXVT7AwV1mH55sId9pSug1xPLyA5dnR7x2Dxefona2teVEYKhh0Eazd-YLtIyBO1d7H78MF4PT5qzW3b4gvHkljBw68c0f0pxAee-oyz1oyihnOQMjW_vK7lFP2ALK-EEvRHLmh6MRtPMz8uxlvJlyMGsgAfZ07xr-e2nTnnVJwMrAgOsn4dOfAL0ndBotoGgHELID_xkkVPdf-dOR8zBsmrwThcxiMp9C1kxukL0xUkLzlaGXVdeEgbg_lhujpRMZaZLrjbMh1Bpov1_9Tb5ZIjWrQv9vtFuQ4xpB5q2v1oEcQlsTzj682W_SRIK6dtDKmP4kHM5HfFRx1GfaiKv7tFnAwdWe2aGiqTRwiKRXDm1bmCHAHHsjqPJY2bkfDjc0fqAvrG5rZ4HaNHHNOWlapNSVUS-080ZHOVH0dwK8kqdIiXkD__QzE5Bt7TYjl6Slyyxb7RPS1f4UXhHCdIU9IfwIKR4fvxYK19V00OlYiylCnL2bMvU7mQcEAlNOLMtQP-ibWCD6Jgs9o7Zb7GBI3uhiO0pB_CVP5GYctpm_YJRya68L2-etR---bIWuw8riVj0RgJ8fsb6njfPUonQp1C6F4w31U6VQBXsGc_JK9jeYtK8DTvxfPrRuCyLNoxAAmS8qYHAPFKhe9aa_rFXt219mpM3O8lfhduDv4U2r2QYRUY4rVsytXFdP7U1Yhnu7Kj1ILkXiLLgdVOGQ5btRiX0JCNoJDcx4Qzj8gHYsnD0KdZNaiGQYh878X4iH3vz3Ad6W6nXLSEeLOuUCFWL4HctunQHoCUoI5_mOWYhQ3jhMaVFewv3UgZrDNws5bHnFShOSngL-tHwJ5wO5njnYOUCYRIpJBjLo26264ENtEtmbVMBOrIaUGrgVZn3tw6Cc9jsKGn4AH0iom55-5CLr08gnOzOZ0izQxMsKBViaiMvlUBBgW4OGmPGkYLTpP9C89MAdYpTNGjHmS8ygfwya7PSxF1SxJMGKxPRA6SKVp45Igpvkh6HYG-zQeBW4GXFcnQLtjXDuFQZE6FK6QwFQxXUyRaR1RvYtOmje3czdbLOrkopqhRglxxjw43dbZbPkhvxgMZTrO1uJrtZ34AhYtqF88_rM-_9sfVHzhiQYXHhFPB9Tn2hjcpMYK0NOBb9cT67JBB6wlRHT4686Aiubcj4c2oGR9K3SpFs8JNKXTFOZuu26IY8_NVmnt2cA_YcaHfiOjvjinvVBx4123n4u3raEmgCLGrpf6NgCyehv6Vtc3hmnoSjwm8awidUXSwLxDchcAL9b-YOXrS1SZ73hBy5ZkjEySKQ4NpD9y7PVGJGsHi7p-l2NTU6r38Uu4-kNOqKQUh68-OUd4UPfT1joXDV4JAu1F56g9UKSWD1BaWV4NM4P2P2O-E9HvpQenZUdj3ny776ih7hoBa4&sai=AMfl-YS9yvsFZmguVA2KMZG1hUKv9wRYg8DDSv8vrtR5VB4prOAUajgR2MpgupoKEZ-6k7X6zVs55wxpLeyP3FLhyKFLm26220gLJTQD1yVa8hE894tfPf6H7Mp9TVRejkNwwEf882pFjb3TDE4_nUjz1-Nyi_IHqRccywr3ddcQQbDzAE_W93k3uw8HAocWx_vqYbsm-1kjqv4dszKBtzbumnGyzfaCHc4WbOQ9spUMliUpA-Bgq19fXVwYfGVieM87ZI_vYDjlzfMkESE0XhaDCUyvqiaGVBv51pw_Uqq2UClIk6-vyGBok2H2PuFpK8QxBFdkc4_yA7pqanZS1gPE2htBcxqp20xnBMth7Hizq26uDARsGRby8a3Y-O3uU33Kas6bdkqdKXA9cZuZs4kc5KofOi8gOPO7VCqaZkCsPtOICQiyY7CuFVhlyzG-CXtZcMsy1mxjpGPcFz33by0Y6Xau7KYiqboyD21h-LHqLtg3HUchZhbgMFQ-JBPnQ7aVa_xK2g&sig=Cg0ArKJSzEx6IR7qO_fcEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240214.90026&arae=0&ftch=1&adurl=

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E8CF 41 KB
14 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:07:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame E8CF 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 09:37:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame E8CF 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8CF 42 B
63 B 48ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALQxNgjnagUGpG9QHK-Mzoiecn9hfA9cFsazmR-p_3lbD-BwnMnYDgGwSI4IEeyTSY2OFZGk14gVO8AAfyfRgeRUnG6DBNpYHjcHY1SHiCZB0MxqQ

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E8CF 204 KB
61 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:37:14 GMT

GET
H2 200 13739375872742066812
s0.2mdn.net/simgad/ Frame E8CF 96 KB
97 KB 31ms
8ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13739375872742066812

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ded9ba86cb6510c6e1df1558136048f758d08289c4674b5ea061e9bd76e9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 07:27:56 GMT
date: Wed, 14 Feb 2024 07:27:56 GMT
x-content-type-options: nosniff
age: 196378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98488
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 11:26:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0DEF 38 KB
13 KB 11ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 276615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:10:39 GMT
expires: Wed, 12 Feb 2025 09:10:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E8CF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2231ba532c5079062e39612b4e86eca5c0c8dbf101c50b1f5a8936bf74fc5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C957
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHfyiQ0D7B1G2ZNBrHoRqPQ&google_cver=1

43 B
337 B

30ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHfyiQ0D7B1G2ZNBrHoRqPQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiojLaDAjAB&v=APEucNXcSdwBswcl9NxMqIgB3mAkzMsVV6rFNcyH6sUZm6iiK7oRBQdw2uNICtKlg48Uue-Iq9pUc7OMj-xDeT4AydmOQUp2VimXJQaxyn3JSVS6vkoDK7avWeJv5AN3W2xA-ffX3fSqHD-Y6ZG-OrYOZVeIvTCDHDtjIyB8JQAaqVoxboCCONw
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ODoutlvD3ixAB0y78cO1JbLVI40BJz%2FlRjHMzyXRSxR2gXpysQNGhXsfn2nDj%2Fv0b%2B7JPY3OsLXUGxhFpU1MIubeqo8cUanbc3TsGcQBYNDLEjZxa047umSpyiF6NjnJYoUc2uHn7%2BABw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856651cbdb792c4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHfyiQ0D7B1G2ZNBrHoRqPQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C957
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc9qlrmqPTQAAGYOAMr28gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1

43 B
769 B

28ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiojLaDAjAB&v=APEucNXcSdwBswcl9NxMqIgB3mAkzMsVV6rFNcyH6sUZm6iiK7oRBQdw2uNICtKlg48Uue-Iq9pUc7OMj-xDeT4AydmOQUp2VimXJQaxyn3JSVS6vkoDK7avWeJv5AN3W2xA-ffX3fSqHD-Y6ZG-OrYOZVeIvTCDHDtjIyB8JQAaqVoxboCCONw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGWqt1dBWP7LPjb%2BE8rQCrCp%2FMuFBWJlbolhrctNL0xsoJvYIXokmqxJrGnGfz7LH53f82CcJfmdeY6vShRA0Gpn2DNXWrPG6DKt2VzV27u%2BrlQ7vtw74PN6MtMAFNae%2FgdInumCovPFZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856651cc2f5b2bd9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C957
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEtqI3_BE88GtL-X2DHBocs&google_cver=1

43 B
1 KB

20ms
19ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEtqI3_BE88GtL-X2DHBocs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiojLaDAjAB&v=APEucNXcSdwBswcl9NxMqIgB3mAkzMsVV6rFNcyH6sUZm6iiK7oRBQdw2uNICtKlg48Uue-Iq9pUc7OMj-xDeT4AydmOQUp2VimXJQaxyn3JSVS6vkoDK7avWeJv5AN3W2xA-ffX3fSqHD-Y6ZG-OrYOZVeIvTCDHDtjIyB8JQAaqVoxboCCONw

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
an-x-request-uuid: 4f85524b-ca7c-44c7-af85-51b48916fb22
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEtqI3_BE88GtL-X2DHBocs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C957
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D

170 B
243 B

22ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
an-x-request-uuid: b01e215e-2ae1-477d-a01e-847169618d6e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D
x-proxy-origin: 80.255.10.198; 80.255.10.198; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E8CF 0
0 44ms
42ms Fetch
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuijd5yp-wM0lQ3fiyT4L9AIdTjk0d2EYMgAHUa02zcmCLu93kXVT7AwV1mH55sId9pSug1xPLyA5dnR7x2Dxefona2teVEYKhh0Eazd-YLtIyBO1d7H78MF4PT5qzW3b4gvHkljBw68c0f0pxAee-oyz1oyihnOQMjW_vK7lFP2ALK-EEvRHLmh6MRtPMz8uxlvJlyMGsgAfZ07xr-e2nTnnVJwMrAgOsn4dOfAL0ndBotoGgHELID_xkkVPdf-dOR8zBsmrwThcxiMp9C1kxukL0xUkLzlaGXVdeEgbg_lhujpRMZaZLrjbMh1Bpov1_9Tb5ZIjWrQv9vtFuQ4xpB5q2v1oEcQlsTzj682W_SRIK6dtDKmP4kHM5HfFRx1GfaiKv7tFnAwdWe2aGiqTRwiKRXDm1bmCHAHHsjqPJY2bkfDjc0fqAvrG5rZ4HaNHHNOWlapNSVUS-080ZHOVH0dwK8kqdIiXkD__QzE5Bt7TYjl6Slyyxb7RPS1f4UXhHCdIU9IfwIKR4fvxYK19V00OlYiylCnL2bMvU7mQcEAlNOLMtQP-ibWCD6Jgs9o7Zb7GBI3uhiO0pB_CVP5GYctpm_YJRya68L2-etR---bIWuw8riVj0RgJ8fsb6njfPUonQp1C6F4w31U6VQBXsGc_JK9jeYtK8DTvxfPrRuCyLNoxAAmS8qYHAPFKhe9aa_rFXt219mpM3O8lfhduDv4U2r2QYRUY4rVsytXFdP7U1Yhnu7Kj1ILkXiLLgdVOGQ5btRiX0JCNoJDcx4Qzj8gHYsnD0KdZNaiGQYh878X4iH3vz3Ad6W6nXLSEeLOuUCFWL4HctunQHoCUoI5_mOWYhQ3jhMaVFewv3UgZrDNws5bHnFShOSngL-tHwJ5wO5njnYOUCYRIpJBjLo26264ENtEtmbVMBOrIaUGrgVZn3tw6Cc9jsKGn4AH0iom55-5CLr08gnOzOZ0izQxMsKBViaiMvlUBBgW4OGmPGkYLTpP9C89MAdYpTNGjHmS8ygfwya7PSxF1SxJMGKxPRA6SKVp45Igpvkh6HYG-zQeBW4GXFcnQLtjXDuFQZE6FK6QwFQxXUyRaR1RvYtOmje3czdbLOrkopqhRglxxjw43dbZbPkhvxgMZTrO1uJrtZ34AhYtqF88_rM-_9sfVHzhiQYXHhFPB9Tn2hjcpMYK0NOBb9cT67JBB6wlRHT4686Aiubcj4c2oGR9K3SpFs8JNKXTFOZuu26IY8_NVmnt2cA_YcaHfiOjvjinvVBx4123n4u3raEmgCLGrpf6NgCyehv6Vtc3hmnoSjwm8awidUXSwLxDchcAL9b-YOXrS1SZ73hBy5ZkjEySKQ4NpD9y7PVGJGsHi7p-l2NTU6r38Uu4-kNOqKQUh68-OUd4UPfT1joXDV4JAu1F56g9UKSWD1BaWV4NM4P2P2O-E9HvpQenZUdj3ny776ih7hoBa4&sai=AMfl-YS9yvsFZmguVA2KMZG1hUKv9wRYg8DDSv8vrtR5VB4prOAUajgR2MpgupoKEZ-6k7X6zVs55wxpLeyP3FLhyKFLm26220gLJTQD1yVa8hE894tfPf6H7Mp9TVRejkNwwEf882pFjb3TDE4_nUjz1-Nyi_IHqRccywr3ddcQQbDzAE_W93k3uw8HAocWx_vqYbsm-1kjqv4dszKBtzbumnGyzfaCHc4WbOQ9spUMliUpA-Bgq19fXVwYfGVieM87ZI_vYDjlzfMkESE0XhaDCUyvqiaGVBv51pw_Uqq2UClIk6-vyGBok2H2PuFpK8QxBFdkc4_yA7pqanZS1gPE2htBcxqp20xnBMth7Hizq26uDARsGRby8a3Y-O3uU33Kas6bdkqdKXA9cZuZs4kc5KofOi8gOPO7VCqaZkCsPtOICQiyY7CuFVhlyzG-CXtZcMsy1mxjpGPcFz33by0Y6Xau7KYiqboyD21h-LHqLtg3HUchZhbgMFQ-JBPnQ7aVa_xK2g&sig=Cg0ArKJSzEx6IR7qO_fcEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=122&vt=11&dtpt=120&dett=2&cstd=0&cisv=r20240214.90026&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DEF 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 09:37:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 24A8 13 KB
5 KB 14ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 13:57:53 GMT
expires: Sat, 15 Feb 2025 13:57:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D060 829 B
1 KB 45ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f289868c7729c02b5c6e870c4a6625314979cb8d47a6deb0681eb80cc322d4e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yHlKi4mNaCvGrfCIwf2kUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yHlKi4mNaCvGrfCIwf2kUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:54 GMT
expires: Fri, 16 Feb 2024 14:00:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFFE 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:53 GMT
expires: Sat, 15 Feb 2025 14:00:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F1D4 624 B
368 B 47ms
45ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNWjVVmmdLX_CXnRO2y_krE6tKkF8xNcFi83COWTIbC9_D4P-pbX36r9TIAf8awJS810GIebYv3-iM8Qvfdnm23Vbo0nsvyziOOqrJaloYQAI1VW9n37m7kWTum1iiFUYCIkqIdrCKSmVN83LWGIMt73llw6VgD9kHMie2kVDN91Y9M7-oE

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:54 GMT
expires: Fri, 16 Feb 2024 14:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BFFE 93 KB
33 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFFE 42 B
63 B 41ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdxLuofoHXp8h_m31xOZpMLMUehqSzbLfua72TTsA1C03DfKYKMnCBKX7x0kSJXFNMhwsDPq6B5yzK7NAOyB8sJ3S5JfXodLEunJG1Iglwrj5MNig

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame BFFE 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:57:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame BFFE 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BFFE 204 KB
61 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:37:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D060 0
0 39ms
38ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402120101&jk=1160736603410997&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 24A8 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 09:37:31 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F1D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1

43 B
734 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNWjVVmmdLX_CXnRO2y_krE6tKkF8xNcFi83COWTIbC9_D4P-pbX36r9TIAf8awJS810GIebYv3-iM8Qvfdnm23Vbo0nsvyziOOqrJaloYQAI1VW9n37m7kWTum1iiFUYCIkqIdrCKSmVN83LWGIMt73llw6VgD9kHMie2kVDN91Y9M7-oE
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ%2BUgV5aINuQlTl%2BwX9l9ezA0uIudaKvHHwOQ5oN5r38JsPwakY1RM55d2dzA7z806nBVA5dX%2Fhtfo0H26jyLRSARxdAAAzGyaiLYXPpFtKHdKaDD11KyeHt29EvTVGTZO7Bs%2BFs8rxS%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856651cc7fdc2bd9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F1D4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc9qlrmqPTQAAGYOAMr28gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1

43 B
731 B

28ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNWjVVmmdLX_CXnRO2y_krE6tKkF8xNcFi83COWTIbC9_D4P-pbX36r9TIAf8awJS810GIebYv3-iM8Qvfdnm23Vbo0nsvyziOOqrJaloYQAI1VW9n37m7kWTum1iiFUYCIkqIdrCKSmVN83LWGIMt73llw6VgD9kHMie2kVDN91Y9M7-oE
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giBc8U0uCd2BYW%2BgBtHS5Dj%2BpuX8eadzalBPrKpb6gxNg9As4CqKZbbWdSswaGbYTj6LhyFxz5uBempf%2Fz04o2p3rhxHLHeoKMgfJtcx3hIjwCkPxeKnmB8Aiaa8jZbJVwpcj1T%2FBqeY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856651cc98242bd9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzq0hNy2nADiWGgNYDUsag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F1D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJpx0ZpgTPzAItGya3WxPaY&google_cver=1

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJpx0ZpgTPzAItGya3WxPaY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNWjVVmmdLX_CXnRO2y_krE6tKkF8xNcFi83COWTIbC9_D4P-pbX36r9TIAf8awJS810GIebYv3-iM8Qvfdnm23Vbo0nsvyziOOqrJaloYQAI1VW9n37m7kWTum1iiFUYCIkqIdrCKSmVN83LWGIMt73llw6VgD9kHMie2kVDN91Y9M7-oE

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
an-x-request-uuid: 3bf39a90-f7e5-4d39-af64-0322c04d81b8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJpx0ZpgTPzAItGya3WxPaY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F1D4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
an-x-request-uuid: fbdbfc90-bfa3-4706-92a7-ce5a66a9eae9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwNDE1MzU3MjAwODgyNDgxMw%3D%3D
x-proxy-origin: 80.255.10.198; 80.255.10.198; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFFE 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7516146394783&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFFE 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7516146394783&version=m202401290101&ct=77&x=1&cor=15361353511779250000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BFFE 34 KB
19 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An4vZ6gomyWVXg7FTKubO8VDewAO1y97oyvpsW96yGfHDzGFxt93kUnXP92HIDlqvDOnuPpUNXbD3OyblJJSBHAzrLF2OqAO2P5Kd4oNRhxflIaxa5Ilg4adBM9OKBJ0QROtbC2EwnsINgSgZTKVyOW0qrfoL0RKZ6WT4tHT7Y6vk3_W0&cry=1&dbm_d=AKAmf-AvP_Tf3QpbbK3H_G48FH-ZYdIVyxlSfx2ywAFSOLd4f_tgNzEFjSAlGOs0OTFD8k0ibNvJx0StMJDt8zsjYoeglmm0Z08d5ygLQGlXOv2-9TF-YTuZ0YwLlG0DooaNYYdQdw5nl13CEyzQs8XY-NQe3PUAp37mNJSXrz80ILhBxggM4kw2Tbs43WT0ghV58AgJYM_b4yM4ZLxRsG6-qulAnrsyOfX1Eat3LhiU2KvNKsAB4XbwkBVThhBRo5R1Fi1sbI6-63GeZHfeENnZx_Go96nltcp3Ng_eG0P0vRUPmfRXOEhYYogs1HPKMHeEG-o-MadeZJmZ5bW9tu8oTQ8xiw0WxTozQr1SpyZHN4SiC3ifzkt7w9bfNAcZgDKAgd-8knfusPfbibU1th4mal8dDk9GSaXCesoGokWs7OmeG3x0zWclsSDEXNGzpEODWp3D9dilftjHy3-5tRTyMnPF3HSRgNO352XDz7FnGuHb5igjtPo1xzWO6tUBo7uitYpBVoQR9ato6YV2z5MS4uObfir93_YiNrIbMk67W8BEkjwfB0lU7rXW-mzLmydg0RXFtPOFWJ5ZPISUAwlW6umfZm_4xaH8cRP8hE5DKOidZ-diStPouaVT5YcQxfT-70yxlu1kyU0ILpi6IHuc6fPw3WZwXi37o6hN2ZL6mHD_pnJC92RvgXvAYVsAPtqNotlOpmWd777QEJlURcWlxi4KXeo2Qd54RHqJVV7kG3UPd0PYLz2ggfwpZpxXRS7e_oi2syRVz3a79EGVZdT4lsK2CcXV9s0C4XA8F7DTGl9MtECK_Y3PK72lG91TeMGMUMRT2_FMwgpzdtZJeK44-vbO9igERPy_bBsn9M6iFx3mU6bVTWswL2QpF5cXCDIV99sMral8AIwSWRImyuOuoaRl-qZKf9kTnyGVKbZ5YcNOt2M5W0nRxzf8dr6aBg-G-I-RGnb4hIdPTvxb1Vmjmj3DBU6DJ8ZybNnDFeWPxKg5MG20_diW7jhpPI4Vy8z1W-yZaIpZdnV9-qMyM5uL1ARJTpDxN8EUT4wE0onv7PxfhLGbcJfiqTDE0v90cwVxWJStrqEaPFYeNY2URvdbcVF8mZP_hmOZtVcSgVoHLHZNMDRb4ihx0xnfZPW93ni8NgzpmFxIyZGQCE9axRif7rB9WLSjMOuIYLKe_sMPyYpwNCrFHF6aejqeN0DsfwmFg00TkZLPn2YfWQZUmOn3GsUXbnMZp8hbRaCUnrFsIUfwnmYmNcx7ObafRjYu0vtZUMrdd76T7Vv8eWZZ21tzl0Pcbl00zo8wEl8U9svp1XmRTTV-60DNMYQytevmXBvHciQWS9-sVyTwzHJc-AYZZZxlpKLOhdybWUfseaDBKyb5Ng5ANnaI8Laos4qFLIe51j0RiBKEVuyVrgH4DxMckbBOJj0Y7YSn8Pm4d5XGEUNmKavnAmw758wg5ye_1LKQ-d2OWaFSBgWTB6eEILi9ssOoDZRh_LQ48p7fJ6-XcVrnYiXMgUbnvHLIqyl6yizvaLNOFNinpGvuSzsVFngNDRGcz9bPPcz7_6Q1bAHZ9mjfPn3K4cxs-lWC3VKwrLOBscWHAOrG3xA__cSlVi72u38CAoEp8yC1qdMRfHWF7F10blUqAY4RBXGS5QRxZ36HLMq2XRjHyUJYUkL222a7Glh_PJUMehTb945PoksN35FSw42NNIMIsEJI1tfj0iqjJ4FTbQknD8P4HkaVXS1rE1Eq8aYANcy1rPk4CRn2XXDcEe_7_8enoq1Nhm02qBUvxEPrc-yFVMIUDngDO7508ikTdb4gfDMs7ZVrpTI6gExKgmoZTmJYOB6SjAlnapPd6aYlJmmBJbN6MV6VhumtGSBp6xGfL0AEVKSphcgqIao0nGRfH7Xc5AmQuQH-ukyGS5zG4uofTrDKtVwtV1ps6SEI5B0KSwTJzZherUTaTQog9RrCsmXl7IjNa82PkOfv7T5ukkn85QLEqNf8kQYNkN_Mhmg3EpUsNr8fLOc4LSZZFmHJnIyvth0bfTTeDr17cmMf0J3FH7hpp6UWTsFVVpxqKAxoW6E5LlGWrDRcruwILyibNUFhVcSTN7Gi-PUWkSkTRiynxvMr3HbeWJZ59b97DQVuzmeJOX6-DMlMHFAC_Sn1EsBZU7KU_p6tdDmucyvHl5wkz3_F5TXPivbYD_ch2eVFgiWPisXk3BvcslmPKVudnT_dnNNand-YxACUFK8KuxunChOcwbCJnCaQNLwxaCNsoVoDSd0An2AktkSTSOOSrDJxY8jGjfz4-VNM5ig1TrEm4kKtNihYxZGZf6RsZtFYwYUyd6CYgQMp1UXDuJVWZxOMLICOLteFJO-R6_1MZwTU-AxPqVnNNmTtc71q2SOEOUmhuJ4cgTZ1NG2Zh3SDxEVn4A93lXJf72yVgKM6uubOLP2omDncyHgnlwlimznt0-2QAY1DInMnVqKZftJAcidJxdgqGiOQlQ6bk6UYOunR04tuk9_CkSZfet7NW4wJGR5YovNXBfb0KCxQao9CNXTR0TIgGgqlcEK4SgtCdf1UQWJzeu741BfcbGp9lf6i5mxGT4LjbcnNQxDi0eCJFuCQlSbcZKsrCkOsj1_L3BxxGr247tR-H1XgJZ61ApizaF7NULt7jhcGNOqSm02BiM5UZEQF-Zgj4_sqrbQiQLhE3hasmQEaBUtQzzswK-n9J4vjlyQ3a_nwcBQqE5dmge0FE5d35cfNMv6UdpQqhrMWz1EbSGT-GSmELcqYLUc-BCvNDHVrwDqtWzmiZEEgrRJdAw0NPIhZ9hUO84zra7skXZrQTqjALVCULNImNamT5oUk0yXlwW2FdWkBZP-kHZevdAF_VuSB6FlUoPNLFKouc6-_K_59XyjAiifcN4ioEN5xkNotqSFTvy5-E4s3DOlzjKYDBrQoZCAKfx1JhJ7GUz3s32rb1OmjORnJT-7SyO8jmUXTt0HT-4WzraRIA4jOqVl2b6WE7rU17Xbv-VPKsKv0PaidXUQVuJGvlaY3QFFAtKaRQDBOSEqDY32AEDyZp764oZEfKbrnpL767yopjWLlzHanwH-WUQP4ghfaxpN3O4ntLZPdV1_HAFFe4rl4gt2qxKn-27ihPtdmYrJfPfA36ArRgUSSkAiyDLmluFBBsIROgKdr9Gzn8da8GEQpVrpxeYQBEpLOAI412c_nXSB6Mhh9T36cArHcePabbjQDuB9fijkkvDgeH01adnkyNJSZHPgr_aaSK48q8RxvjJR29npcEhSEUWeaUyOfrX138X2Zvh9_sCmun4H54A4CzA5faoXuQQWwVjzkk4Hv5I6nGW8zhnG_6yIRYfc64xBFSRVUgsXGdDpiiPERLUAudUVyMPzW-m8942AIwfX7nJcCW5FI4_mbZeFIog3HavzEO_71O3iAbQh7cy3DZwkbx3WtbEQxCHdGEcroNhc_nfUbSGkOZq4hZsxK3fM_ZdVPio3p6IlHfJfpOUsdaY54PTzJ_Cfk6-O1QHz1etcjpz3owR4TA3Q5Lu1b3UTvWwwQkpbnuNYXWVerLf-9AbTfkEK0_QPx3-iC0tj4ps8O5cOIxC2QrzgBezY6-HjueSsvOVWe5w9QECQW8Zrlkl-OVjlECqT-CgdvHu9k4-DIaEC2zeIbkWEZmCWdkvkOWgjjNhTDfRCX-FL5CE4rItVwCDhzkWsV60IOHErULpUES58kTJ9O2jqQVTMmqGWWesaOxigni8REpm3QdKKXPaBC0ZsLODK5TftvfisiBLVsaVl08WFlL0C887uW0z_8LPWqUHS94xeZfeQxVWcpOiS6oRSL_9YLLHsQVp4xHghNNqFynUZGYP2jNPlrrPPgCA9eX9Qj2xKnb3icxdCAqOVmWt1IOx6riIWKrSU2KLaT5fwIKXERlPEz8fpECTGlo08oP8NuJFtPh-sUOjdlF81ipvZr6bVxRqEUalrhn8Cyf7sQefJVgje326AmIjkidBSOXZyeOvBKmKBUZDuOJfm5QLXHu646vA5-n4WRxvGkwSzd7cOI_DR1C2czamugntYIibaH52pL71dIeaH5HpZGhs-u-od7cxOlk70e0upy&cid=CAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.hellpress.com%2F&ds=l&xdt=1&iif=1&cor=15361353511779250000&adk=2228999114&idt=53&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8143cc93ba9555bc670d43faad3edda8c803597a9227ac1a9dcc0eb0e444a258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19684
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame BFFE 30 KB
11 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An4vZ6gomyWVXg7FTKubO8VDewAO1y97oyvpsW96yGfHDzGFxt93kUnXP92HIDlqvDOnuPpUNXbD3OyblJJSBHAzrLF2OqAO2P5Kd4oNRhxflIaxa5Ilg4adBM9OKBJ0QROtbC2EwnsINgSgZTKVyOW0qrfoL0RKZ6WT4tHT7Y6vk3_W0&cry=1&dbm_d=AKAmf-AvP_Tf3QpbbK3H_G48FH-ZYdIVyxlSfx2ywAFSOLd4f_tgNzEFjSAlGOs0OTFD8k0ibNvJx0StMJDt8zsjYoeglmm0Z08d5ygLQGlXOv2-9TF-YTuZ0YwLlG0DooaNYYdQdw5nl13CEyzQs8XY-NQe3PUAp37mNJSXrz80ILhBxggM4kw2Tbs43WT0ghV58AgJYM_b4yM4ZLxRsG6-qulAnrsyOfX1Eat3LhiU2KvNKsAB4XbwkBVThhBRo5R1Fi1sbI6-63GeZHfeENnZx_Go96nltcp3Ng_eG0P0vRUPmfRXOEhYYogs1HPKMHeEG-o-MadeZJmZ5bW9tu8oTQ8xiw0WxTozQr1SpyZHN4SiC3ifzkt7w9bfNAcZgDKAgd-8knfusPfbibU1th4mal8dDk9GSaXCesoGokWs7OmeG3x0zWclsSDEXNGzpEODWp3D9dilftjHy3-5tRTyMnPF3HSRgNO352XDz7FnGuHb5igjtPo1xzWO6tUBo7uitYpBVoQR9ato6YV2z5MS4uObfir93_YiNrIbMk67W8BEkjwfB0lU7rXW-mzLmydg0RXFtPOFWJ5ZPISUAwlW6umfZm_4xaH8cRP8hE5DKOidZ-diStPouaVT5YcQxfT-70yxlu1kyU0ILpi6IHuc6fPw3WZwXi37o6hN2ZL6mHD_pnJC92RvgXvAYVsAPtqNotlOpmWd777QEJlURcWlxi4KXeo2Qd54RHqJVV7kG3UPd0PYLz2ggfwpZpxXRS7e_oi2syRVz3a79EGVZdT4lsK2CcXV9s0C4XA8F7DTGl9MtECK_Y3PK72lG91TeMGMUMRT2_FMwgpzdtZJeK44-vbO9igERPy_bBsn9M6iFx3mU6bVTWswL2QpF5cXCDIV99sMral8AIwSWRImyuOuoaRl-qZKf9kTnyGVKbZ5YcNOt2M5W0nRxzf8dr6aBg-G-I-RGnb4hIdPTvxb1Vmjmj3DBU6DJ8ZybNnDFeWPxKg5MG20_diW7jhpPI4Vy8z1W-yZaIpZdnV9-qMyM5uL1ARJTpDxN8EUT4wE0onv7PxfhLGbcJfiqTDE0v90cwVxWJStrqEaPFYeNY2URvdbcVF8mZP_hmOZtVcSgVoHLHZNMDRb4ihx0xnfZPW93ni8NgzpmFxIyZGQCE9axRif7rB9WLSjMOuIYLKe_sMPyYpwNCrFHF6aejqeN0DsfwmFg00TkZLPn2YfWQZUmOn3GsUXbnMZp8hbRaCUnrFsIUfwnmYmNcx7ObafRjYu0vtZUMrdd76T7Vv8eWZZ21tzl0Pcbl00zo8wEl8U9svp1XmRTTV-60DNMYQytevmXBvHciQWS9-sVyTwzHJc-AYZZZxlpKLOhdybWUfseaDBKyb5Ng5ANnaI8Laos4qFLIe51j0RiBKEVuyVrgH4DxMckbBOJj0Y7YSn8Pm4d5XGEUNmKavnAmw758wg5ye_1LKQ-d2OWaFSBgWTB6eEILi9ssOoDZRh_LQ48p7fJ6-XcVrnYiXMgUbnvHLIqyl6yizvaLNOFNinpGvuSzsVFngNDRGcz9bPPcz7_6Q1bAHZ9mjfPn3K4cxs-lWC3VKwrLOBscWHAOrG3xA__cSlVi72u38CAoEp8yC1qdMRfHWF7F10blUqAY4RBXGS5QRxZ36HLMq2XRjHyUJYUkL222a7Glh_PJUMehTb945PoksN35FSw42NNIMIsEJI1tfj0iqjJ4FTbQknD8P4HkaVXS1rE1Eq8aYANcy1rPk4CRn2XXDcEe_7_8enoq1Nhm02qBUvxEPrc-yFVMIUDngDO7508ikTdb4gfDMs7ZVrpTI6gExKgmoZTmJYOB6SjAlnapPd6aYlJmmBJbN6MV6VhumtGSBp6xGfL0AEVKSphcgqIao0nGRfH7Xc5AmQuQH-ukyGS5zG4uofTrDKtVwtV1ps6SEI5B0KSwTJzZherUTaTQog9RrCsmXl7IjNa82PkOfv7T5ukkn85QLEqNf8kQYNkN_Mhmg3EpUsNr8fLOc4LSZZFmHJnIyvth0bfTTeDr17cmMf0J3FH7hpp6UWTsFVVpxqKAxoW6E5LlGWrDRcruwILyibNUFhVcSTN7Gi-PUWkSkTRiynxvMr3HbeWJZ59b97DQVuzmeJOX6-DMlMHFAC_Sn1EsBZU7KU_p6tdDmucyvHl5wkz3_F5TXPivbYD_ch2eVFgiWPisXk3BvcslmPKVudnT_dnNNand-YxACUFK8KuxunChOcwbCJnCaQNLwxaCNsoVoDSd0An2AktkSTSOOSrDJxY8jGjfz4-VNM5ig1TrEm4kKtNihYxZGZf6RsZtFYwYUyd6CYgQMp1UXDuJVWZxOMLICOLteFJO-R6_1MZwTU-AxPqVnNNmTtc71q2SOEOUmhuJ4cgTZ1NG2Zh3SDxEVn4A93lXJf72yVgKM6uubOLP2omDncyHgnlwlimznt0-2QAY1DInMnVqKZftJAcidJxdgqGiOQlQ6bk6UYOunR04tuk9_CkSZfet7NW4wJGR5YovNXBfb0KCxQao9CNXTR0TIgGgqlcEK4SgtCdf1UQWJzeu741BfcbGp9lf6i5mxGT4LjbcnNQxDi0eCJFuCQlSbcZKsrCkOsj1_L3BxxGr247tR-H1XgJZ61ApizaF7NULt7jhcGNOqSm02BiM5UZEQF-Zgj4_sqrbQiQLhE3hasmQEaBUtQzzswK-n9J4vjlyQ3a_nwcBQqE5dmge0FE5d35cfNMv6UdpQqhrMWz1EbSGT-GSmELcqYLUc-BCvNDHVrwDqtWzmiZEEgrRJdAw0NPIhZ9hUO84zra7skXZrQTqjALVCULNImNamT5oUk0yXlwW2FdWkBZP-kHZevdAF_VuSB6FlUoPNLFKouc6-_K_59XyjAiifcN4ioEN5xkNotqSFTvy5-E4s3DOlzjKYDBrQoZCAKfx1JhJ7GUz3s32rb1OmjORnJT-7SyO8jmUXTt0HT-4WzraRIA4jOqVl2b6WE7rU17Xbv-VPKsKv0PaidXUQVuJGvlaY3QFFAtKaRQDBOSEqDY32AEDyZp764oZEfKbrnpL767yopjWLlzHanwH-WUQP4ghfaxpN3O4ntLZPdV1_HAFFe4rl4gt2qxKn-27ihPtdmYrJfPfA36ArRgUSSkAiyDLmluFBBsIROgKdr9Gzn8da8GEQpVrpxeYQBEpLOAI412c_nXSB6Mhh9T36cArHcePabbjQDuB9fijkkvDgeH01adnkyNJSZHPgr_aaSK48q8RxvjJR29npcEhSEUWeaUyOfrX138X2Zvh9_sCmun4H54A4CzA5faoXuQQWwVjzkk4Hv5I6nGW8zhnG_6yIRYfc64xBFSRVUgsXGdDpiiPERLUAudUVyMPzW-m8942AIwfX7nJcCW5FI4_mbZeFIog3HavzEO_71O3iAbQh7cy3DZwkbx3WtbEQxCHdGEcroNhc_nfUbSGkOZq4hZsxK3fM_ZdVPio3p6IlHfJfpOUsdaY54PTzJ_Cfk6-O1QHz1etcjpz3owR4TA3Q5Lu1b3UTvWwwQkpbnuNYXWVerLf-9AbTfkEK0_QPx3-iC0tj4ps8O5cOIxC2QrzgBezY6-HjueSsvOVWe5w9QECQW8Zrlkl-OVjlECqT-CgdvHu9k4-DIaEC2zeIbkWEZmCWdkvkOWgjjNhTDfRCX-FL5CE4rItVwCDhzkWsV60IOHErULpUES58kTJ9O2jqQVTMmqGWWesaOxigni8REpm3QdKKXPaBC0ZsLODK5TftvfisiBLVsaVl08WFlL0C887uW0z_8LPWqUHS94xeZfeQxVWcpOiS6oRSL_9YLLHsQVp4xHghNNqFynUZGYP2jNPlrrPPgCA9eX9Qj2xKnb3icxdCAqOVmWt1IOx6riIWKrSU2KLaT5fwIKXERlPEz8fpECTGlo08oP8NuJFtPh-sUOjdlF81ipvZr6bVxRqEUalrhn8Cyf7sQefJVgje326AmIjkidBSOXZyeOvBKmKBUZDuOJfm5QLXHu646vA5-n4WRxvGkwSzd7cOI_DR1C2czamugntYIibaH52pL71dIeaH5HpZGhs-u-od7cxOlk70e0upy&cid=CAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.hellpress.com%2F&ds=l&xdt=1&iif=1&cor=15361353511779250000&adk=2228999114&idt=53&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:24:40 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BFFE 41 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:07:44 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODA5MjA1NDQ5NDk2MAogIHNlcnZlcl9pcDogMTQ2NTM0MDgzCiAgcHJvY2Vzc19pZDogMTQxMDA1OTY1OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame BFFE 0
596 B 43ms
42ms Image
image/png 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODA5MjA1NDQ5NDk2MAogIHNlcnZlcl9pcDogMTQ2NTM0MDgzCiAgcHJvY2Vzc19pZDogMTQxMDA1OTY1OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODMzMTI3MDMyMDE4NDk0NzIzNQpkZWJ1Z19rZXk6IDEyODIzNjkxNTY5NDExMTMwMTU0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0xNiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTYwNDE2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY5ODYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQKZG1hX3Byb2R1Y3RfaWQ6IDEyMjcxNTgzNwo

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2692c72fb10c5bb00000000000000000","13":"0x6201d4644b1748870000000000000000","14":"0xa6317064f966e1be0000000000000000","15":"0x6837e9a1a06fe5f90000000000000000"},"debug_key":"12823691569411130154","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"18331270320184947235"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame BFFE 12 KB
4 KB 43ms
10ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1708092053946849&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5b7345267124f934e147130ccd60ec744e7e60e9e633be9a5aefe74c5a07c1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 14:00:54 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4261
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 24A8 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Nb5LOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DE4 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 276615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:10:39 GMT
expires: Wed, 12 Feb 2025 09:10:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DEF 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOKEvlWrPZYiCJ_uM_NUP3KeVyAcAAAAAOAHgBAI&bg=!ExClEF_NAAZN4L4YbeA7ADQBe5WfOIMpN3KK8ElabExozmr9sjqbRdusvsHPhQGe8Ni_A4ashOAvzJFm6KnPRV_mxCbsAgAAALdSAAAAA2gBBwoAGABPb39tQGqfdDbhhQTq6B64dTxwTq6GYJkDHhnm3TNUXf-agu2BTNSw3F_fS7QbZdQ4p83hSPwV5U92UJZJlFjvvRSQB3BMkyuwC1B27ydaingDmmx1Ub6yMn4OkcV0XxiBgXNp7lnUoyK7gETeCmHJTFF450GBqfhMV761MkKAAiWUjeLGxFuU5SvudBg3s1DO5Enms93UCSGIwPVnlGdxTANSpCtAVF0SyMSAMDLlXVifPK8RhpVpSqdtqotzIkPtwSlQtciJiuS7scGfEKZ9HP66HtUmZ5KH_tfsyFCqgUjqcFC7Emhz8bunh_HIgiq1yQeYghllH56RKVCIUCjaH5l7RUBLGGKhxb0k73mmtpxaoqB6eTTcjeCQHSLXWXW_eY89xvddRZUr_3_1KH0gH7e11cYoyuRsobb3B3L0uMR_6Ivobl3uDpu7k3ul0jUC-6ZTOp6QZNVeY-hQNTt4epluVnEr_enl9M-ASiCII_fUmY5POTMy9GPyPB0IK_zgpnZNv0ljVU2ktiSe5Hdaq07D8eZWxpNaW5ZK9SD-mIJElOyN2dEnPy3McDCQdEVSD2DQaHvI1DC796wCxGij3B7pHIpRsw9mLD1gv2S6VPg1-yI7fXF1acJUvHvGYyORyACtow3xTOFmpFTospwYUdXvgOeh5ODblt3uPF_zhg2d92B0KZStOra7VkIX7_El7Ew7a4wWCWpOcMaKnKdcW6RsbqEoB2FD8YV_1u_BZlt2VI28aTpnPYMrSPm7dA0vl6AuIh7DtNH16LHk6O9x-_dByy845mY30JYGsMDKifO7nWtP_kc0gZ_VErqk1eq0GHHHAYF2ebetXUpqDn2-Oenk2S58hLDYn-vhAfhDCY9xg74wwODJo1RjYWFfjujQyMqbZLsSddS25vqoMTxQnwy1xjQEDJyOpoq__Vl-HOi0m_eESImnGlHOW4ez8OCS52mdl7I8qwkP7x9iYXJdmWj368MPwYGePEUCpfs3qMDXRBW_dXgIoTXWt6-OGecn17MG3z3yPqTIIoqxiBLK_apQ0LBA-cpnGRhzm5iLLlJloLclrQpsubSCFDJrVtdJrJyhJ-6hMg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F167 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:53 GMT
expires: Sat, 15 Feb 2025 14:00:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame BFFE
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

96ms
82ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.245 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2c59b193778c30c057f5e1d2213a9d55ae11fd88775b4d226a9015b21ea54e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Feb 2024 14:00:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 23261800110162204444978012602025
Connection: close
Content-Length: 1367
Expires: Fri, 16 Feb 2024 14:00:54 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 16 Feb 2024 14:00:54 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 16 Feb 2024 14:00:54 +0100

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DE4 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 09:37:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9787 640 B
265 B 48ms
46ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGK2j3YUCMAE&v=APEucNUYN121KVbA7wUvebzuHu8gWJM8laElKcYIdVHTPTmsmrEM1yx2gh0Mhv8S5UcPC44ZDN88GVE7Ohhl6yGWI_kPqmvHZPPe1Cp0UNikdY1fosACWsS5prBVe3eZBMFPPlfal4IT_vqEXA7lE2W9MiG6BXfnNi9eHVBGLYqjl0kNQlSWd8s

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:54 GMT
expires: Fri, 16 Feb 2024 14:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F167 93 KB
33 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F167 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJoGj_wpc6X584OmjFAvwctHq9p4bbWBDqDa2nibISsFdEjByyPiYARzJSO_zGJ3h_BVnoeI5OCGDx6DOfZgk2pts2fLK8ujtODsCE44I_iMNlGRg

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame F167 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:57:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame F167 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F167 204 KB
61 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:37:14 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9787
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHbhcPFqVNrpC_D39mu2bV0&google_cver=1

43 B
105 B

42ms
17ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHbhcPFqVNrpC_D39mu2bV0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGK2j3YUCMAE&v=APEucNUYN121KVbA7wUvebzuHu8gWJM8laElKcYIdVHTPTmsmrEM1yx2gh0Mhv8S5UcPC44ZDN88GVE7Ohhl6yGWI_kPqmvHZPPe1Cp0UNikdY1fosACWsS5prBVe3eZBMFPPlfal4IT_vqEXA7lE2W9MiG6BXfnNi9eHVBGLYqjl0kNQlSWd8s
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHbhcPFqVNrpC_D39mu2bV0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9787 43 B
295 B 64ms
16ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGK2j3YUCMAE&v=APEucNUYN121KVbA7wUvebzuHu8gWJM8laElKcYIdVHTPTmsmrEM1yx2gh0Mhv8S5UcPC44ZDN88GVE7Ohhl6yGWI_kPqmvHZPPe1Cp0UNikdY1fosACWsS5prBVe3eZBMFPPlfal4IT_vqEXA7lE2W9MiG6BXfnNi9eHVBGLYqjl0kNQlSWd8s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 9787
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEHGKUNMh1SOo6wu9fLpaLtA&google_cver=1

23 B
163 B

58ms
35ms

Image
image/gif

23.52.181.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEHGKUNMh1SOo6wu9fLpaLtA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGK2j3YUCMAE&v=APEucNUYN121KVbA7wUvebzuHu8gWJM8laElKcYIdVHTPTmsmrEM1yx2gh0Mhv8S5UcPC44ZDN88GVE7Ohhl6yGWI_kPqmvHZPPe1Cp0UNikdY1fosACWsS5prBVe3eZBMFPPlfal4IT_vqEXA7lE2W9MiG6BXfnNi9eHVBGLYqjl0kNQlSWd8s
Protocol: H2
Server: 23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-181-90.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 14:00:54 GMT
pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEHGKUNMh1SOo6wu9fLpaLtA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9787 23 B
163 B 77ms
34ms Image
image/gif 23.52.181.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGK2j3YUCMAE&v=APEucNUYN121KVbA7wUvebzuHu8gWJM8laElKcYIdVHTPTmsmrEM1yx2gh0Mhv8S5UcPC44ZDN88GVE7Ohhl6yGWI_kPqmvHZPPe1Cp0UNikdY1fosACWsS5prBVe3eZBMFPPlfal4IT_vqEXA7lE2W9MiG6BXfnNi9eHVBGLYqjl0kNQlSWd8s
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-181-90.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 14:00:54 GMT
pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 dragonforce-2023-324x160.jpg
www.hellpress.com/wp-content/uploads/2023/09/ 8 KB
9 KB 285ms
284ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2023/09/dragonforce-2023-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a202f40066bbffd1d6a1741bceaa0e233a24e6e3143db7ebd8f97e72cb2743ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8283
last-modified: Thu, 14 Sep 2023 15:34:47 GMT
server: cloudflare
etag: "205b-605536a7c2631"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqyNoNjgr%2FPiu7NcFSEZNzSie%2Btdi%2BF6E%2BN9E%2BkUgQb8QN6CkIedK56YKexEkQLrOo%2BzxAxgQqqidPT0VD0R0MNXHpxKf16kQDSoTgOlJdTzSUkSomZ1niQNLwpXP%2FUFrOVT%2Fx4VSibAQA6Ihokx7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651cde9975d98-FRA

GET
H3 200 ac-dc-concierto-sevilla-324x160.jpg
www.hellpress.com/wp-content/uploads/2024/02/ 10 KB
11 KB 296ms
294ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2024/02/ac-dc-concierto-sevilla-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26615f4cf912a918c134e5942344dc3fd6f89b3c77274a529dffad8686964706

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10318
last-modified: Mon, 12 Feb 2024 11:56:01 GMT
server: cloudflare
etag: "284e-6112df62978b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwY1eILPUYOB5kzV2LdQi0IO%2BAE7WWdUe8U7rFL5g081w3j%2FspWIZah6uRcNavFSi31PP0%2B2NOZDnO8TpHcljzrfUJnU%2B2ZyWSq7NVC3Q55cAC1SGBIcpElWBamoJQg6jHLu%2FfD%2BBtxqxOn1NHLDHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651cde9985d98-FRA

GET
H3 200 vinilo-dio-record-store-day-324x160.jpg
www.hellpress.com/wp-content/uploads/2024/02/ 12 KB
13 KB 764ms
763ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2024/02/vinilo-dio-record-store-day-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5877732cd9db6a99e21af44a5d3f0e7d5284c679b8c4c5b20f719485732089ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12400
last-modified: Thu, 15 Feb 2024 22:35:32 GMT
server: cloudflare
etag: "3070-611733ece3cbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RV38XYPTD8tAnHwtoDZpnhq3YnJ4LpsJCO9I%2FepPmwTOTcNxxadKMkzq3Mcsj2zeOsstbV50ujodiQn%2BtXBP%2Fvt0UviKFLsgJP0%2B%2F5uw%2FR7XXNI3ocTK9%2BJ5I6BbhRB7Vz0ZEt8oT6uGZLWeQQTsDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651cde99a5d98-FRA

GET
H3 200 toto-2024-324x160.jpg
www.hellpress.com/wp-content/uploads/2024/01/ 9 KB
9 KB 1096ms
1095ms Image
image/jpeg 2606:4700:3035::6815:55a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hellpress.com/wp-content/uploads/2024/01/toto-2024-324x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:55a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f4b035186a15b7de0fa2b56228e7933295e0122d04d6cacd32705f4990bdb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8864
last-modified: Thu, 11 Jan 2024 18:42:05 GMT
server: cloudflare
etag: "22a0-60eafe76d2e9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xDdwtlYxVUzJBwzbTof%2BTj7qwcfOOzktIDGed0BUVt%2FzM%2B7LtLOo%2BKaJh0yC3Kh%2BZMPe%2FbZCDn%2FVQKlMUSOiaF5NohyaFYNyKnW4nNridF%2FUdZ%2BBDfijHRZyaiHFxA50tmR5VzZiv0H1WZ8AmrCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 856651cde99c5d98-FRA

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F167 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5631363321804&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F167 0
20 B 38ms
37ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5631363321804&version=m202401290101&ct=76&x=1&cor=113206177594389700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F167 112 KB
42 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3LUNlmievTLa-ix0efHV28LcSQ-eTmNp1cRGiq0Yyjr8JSBILh7T_VkUlpKqp8rb2T2wQZbW_Ml08HxT8fL-15oTy78tX6Nf3xN_igeoSk1jdjTTmNwJCs9fIDpKbcAEIH5EPTzj9Oh5W6u8K_e47B_dnp-OTEOgmJ18xDCshEjp9Ays&dbm_d=AKAmf-D_x2AY_oxehHatYZMrBEZw80Oetbsxrl0B1H7z47NLS5A2ZQanT_hVT5q6qu-snjtbd1qupvFjTYPqJk-B4CD-B_s_pype09m988EuXRuTVNXYD2wxy75spZOHNvRMSKBcDffMrwoW_6Eb7R4C_bLWtM2vtzQjozSledyu0s03DX8EupfryMnfFbJqpsy7X1n2X7ogVSWXC7oyvcITIxWy7Yvt1XSnf3j5FHFV8WVyXTsG7S4hAjChFj3YwB_udEjMAAb23xdLEFLUWt4ZDJeI4ykRbayV_64NdxzUqK6HEA1R7FM_R1COXrjHGLndyi3uhyqAbfEjkVkYi5pXbddS7wsOJklaYr7FoleH28FnqJTNhN2mwMrn-x471EMOILFBFwAEb0nNw1Vn8TtFGgKJ5z_b-VFPcxbE01tjWlqezYhiNj9pZRzsIPFN1m1DL53oH1uYZhXHaiRNA-08no7XfIf-bmUA02Q_ZRxqeAMX16LLukvURDhVBDI9dQtC3PHM9BH6rqXDTNBcK2MPlIsiDEqyqzbBYTV1miwxLz-3aY9KFkxqJypCoR3-WhD7SQPrSN3kaX4Y2iQ8ClpB7PXvp3ti-uRaOaWwHSROC6xWNEimNhgRUTlkJWauImSUQmOg_tXXvQxLkBmsLU8rYAStGOdfzZZt7vCCbbeKkl9O74UMR7wO-Ne0P63rB5qi7-OZDBEIp6A-WGBYZkx8cN2lbw7v-cazpTGtelZsX0bVNc8n9IkcplfEzVnSGFnR5FQ9rFmjooS4Rc2VdnDtigFOgYcQ9BtRinUsA48VqdSvgDOjNbH41WeV-gDNYzx7UKgo9-KbAEn9pCBUEYkXBJrfdFL_rpXEGXNyUlTjZXlI2xPrBWw1QKTU9FxZ_auwwS3GlkG0nB9eX34jVxnhX2UUHvURyvVGTH2gVeRGvojTicSdl28QIX7_qeVlts7hQzE13OvvMmrJv9W6l_EwNKqQeeAlLISU2ENS2Y0sq18VSHDLqVHs-6fYPX5xqEmj73srOGWPxQ0rSsHdSrwYyVXdYEZO2usVgDyBj96t8TDXViiXz_Qkx7lsEz2trfyirY-Bra_appMoH9MGLVzgKYRIm5RQLLG8EtcxvulonYpTnpCjQpGveFpd8I_ng68ZH6psHFNY8Otin2NGmkF7mioov6RkEO8tkZFZ_EjFVPl_bMtye_iadZfEs_-FXNAjKruqJNDi_96q0j7X6qEEKXQ1RXmzd71ETtpyM1GQd-85J_d7UzakuPduDMbWGaj1Ki_ZN4qls8GhdSYsw354hxTlZf9OSj3HdkqvIWBVOIXKjpfj92Grxhtq-EqYGM0x5M5Ej7fS663n3_Q8CdcgjkTEFnVfvmA7FmeJMRICoWxc0EeXDVRy8llfHmt6MYircgKjTLJTgQQhUiQwtBeYymtG4pl6Jtbfq8s8PLScdo6dgve1NlUjVEi8mjkfbPSRdj7S7F2pvUxcg-DC_LRHt_b9LKimuWmQibq8USxG_1eTM4FKLsc5DCxG8v8f2nns-9looaVpKXHAAix7e8wRc7P_qXGuObFof8zpL_5gYYC0-gAsAXDCaGnhjB7ZYavyznfjyiD73VQUGdDNOkZWVW_QoUaEYo904KgeO2dlF1rxW6FINrVKJZ4VnIJsriFbZJ3jDgiueq_8An4Vhj_UQRnVzpLdfzDc2YHUdKGWh1M5HwI0VbaikRCJe0tvQBvKHwBZoqErkwSCm9gw06DRPHh8PKX99RZKPjSrWPUVbNatoPnFsvMX9QKIokU2sWlOA1N4aq3k_ij1qngkfoScB9q7hesN9Ta3ubROkgKT1lKnYQBwuURC919lA1tBox7SqEYUpXDwry9mzy3LWCiJgPKtteaMyhBSNVUHJ3ob5W5cpHd0kQEd0OHj3-i_Sgu9s2GmgbrBSFxNk9_sEMpTE3eKNYLU8Lv6rmwlkznlz6U46k3YNnd-9H7NRzUb7DggWge5OlgSvV-9ZLGmsaVjmFm1yHZkl2VnQ-KiUflSO1Pag60FrHp34b24UCAZBz3anz4dMCZVJx-DV_ELUQNUwip62Dp5vKgZcxm_fmdPKJ_C-KpdHSqs76zXQioCyYKQBxmZSRN9uykQcuKsC8MLE8vMQtVBzypmmzwIupFGrpKMY2lNxcv_IUcn87JekzLM6UoZeZfZyKu6uxbJfV4FP5DNAyQXeCjhlbrCS3WmvEU3gs5CV3p6Wo4VMi7R9_B_h5k_IZLWSUKhvERMb-zHIan5fU1tycRTlfOK6HIvUoXvDile3G1O4LU7i2mPDQE1HfM5SAs831z-PZvoEsgmEFCpdV7esFP5e5j8nccTUXjAb4BS0OFZcygw1f5PDIuCsN7FswD76Eupmb65Mx6MGpzJ_kFHRCZj_sQMyxUffNuzoXFUj_0akTaJa2JbTp-5X6xg0Gz1Eker0HFhDBmdmNC_8BXzpnZN_q26wQ4bMZF3DkEyUIq-eFXydMWkH2WCMpbevMev1rWeq413gO82xbJqkt7gMSlzpukYHyFF1ynTuGS4Jphnf0_vK0i-snNsjs_Ha8O9ZQXuEcNgisO061vsALmc1PtVhBt2Ct0RhLiMcFWgpJhwZ3epbN5Ct3TXkbniBItRN2jf5un8oPd4Qt1Svn6KUo4QCVs3vlaVSViIX-2pdOkFrKEEnjlCT3gkFJstNCRn062qz89PmJxogCxptZhcGx3M4iwy9o1TrJnXYEv5cgZh7N0NLJ5SAQ7pjbh-tgBTq_SlA16iECZY0GXV2yhKybJYefYLEKQUWRNPMNH2_EK5MU_yJVJIZw1BU0QmjivjTUairgPMmXDdefZ2dvYZYZMDhgzRHt6lwMRRGdIO7QeDQno9zzvfVsgD7JCU3VzBGTk8FuhQd1WeI-8oTjdz8AEvKx0GDrhK-UqOXXdW_aXKBIQI811CKswFMTGcFJb-QpjV84zQdChql_CfXgCWDL98ZZp31Xcc64-hN24qQ9QhGudXvRAz4m5rFyEBb-FHVahR8Kz0pdvdr1ulLS6lAmF1vcJwADVf3zM0NCAZpmBwUF__dSUYflanEsEBP_tz4pINXKHo-oYtmDWbXRDxbSwE7Ue-Gs049tVZ1OS8dyLFVUCij7JQAwny8nuhFE8PYHN665TeGRBkKNBvY1mR2sq8t_iTBPgEyo7_5UNcgvvwBctV2_n4UjZUXb1biU_Su77Se56oF4wu0IORi79i_cZbKCxZ2zPpV3cV_lNvd4MIE41vTti3HXSWlxgp0jqI6QKmi5_GW-fdn7HnEY7mUh-PsTDFghkHG3zKffrQWlyG145pzCYrnoZGYtREDBrrm-kLevsahfLzE38gmpqtJ74tks0Vo5wslZ0Vdx0RHD9xt3y5Tv3ThDVYbLrlTg76M41sJN5P9imIC2ix-GrcRgYeRcZG4RUHT4KgsujaU9jYt7BvU1xFtzBAjMi4Y12EeQf4OfgjK13z0nnLF4AC7nQEiE6XRsBvMef84EFazFku3u9ch6TO3D0uJoNEpJwXYyv10bGnItB6IIMoJO8LqmuqkcSZu0mNRaG6Tl3-uGAuEuHSPXCE0C1dCghpkAnkl8PeWiVHw4CfNA6ixmBnQj29uDv4L-zj9DcmbGmTRnLK0pV7n-G2m2QoN_Cx_6x_Gs4qAbn3fc7pSGglzKIuaVxZGCoyEq_dR0QOBErnkWCf-z1hd5RaYLH-NLQtL1xlKhfkyDFSEoxxzGKHpzSe_vqiTQPpkyUF4z0xHLmqbgIRnDMOYrIGSwis6SxJBZJaVN0VKKm2V7NTeej9P1ZAM-NkYXCLt7AhcpYjKSnsnAn88thsjyt5jkj3NzgbZpxK47uNblRLCJe1DPYRcs22fDKMJq32XPPs8TxKC-vPAhMb1iS8oexWOIEOBZZr37nE&cid=CAQSTgAvHhf_i5nU-9MKhgvE4a-3YhecyLsn3ZhFW1tUXusuqiHSQWolODErHYp9fiH6KntMS_H0u8Jv4QKF7lAT_lwvB06k2IUjjjH6r6S9RRgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.hellpress.com%2F&ds=l&xdt=1&iif=1&cor=113206177594389700&adk=3047537734&idt=89&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32eab928b1653235d639eddc8bb9c5d26ae4a98dc766d9b6abd307c7f5cf850f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42901
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DE4 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByY2nlmrPZfCaHsPd7_UPipuvoAUAAAAAOAHgBAI&bg=!bG-lbyDNAAZN4L4YbeA7ADQBe5WfOHcWJvPc3O7TdMXtjWiQaVx9DrUKVEBu1fSEjUZqwWv951YPMQcvsDG7-VddV-aGAgAAAGdSAAAABWgBB5kDIXQLIPgnXjajn3lT7Of7-bRkS4ZIpKffPB957dzhpK1F12feNnr3Coty8Rtzi3lN0mUI8d2hhqKX77SIev_Eb-eF7-yK1ceepeQkFQmRP2iUqwij-ujbNmw6mhv_uOleYXZW9TPHEGIwikN7UIGzk5X1x2kunjj9zKrFJlUXp4uJ0ShpKv-GHWNdZni9a3YHlwQ6R1WzFIgaj7hPHSxUDMc3cxXnhRFy2mXjV_VMGef7vUjvZhHwUtKTbCGHMPOhtxAbeLxpW5dADsxxhlgx509BiaT3d3kdvJBBKjqRMpOZLKfXvyWa1VgzvdnGbaY4JQKT4O3oxEkoqautH9R84D5O6Qfx7Oky4-BAXTLdMXnRH2Ik_3mgzenFg_caQQieBenRiTUBBjTIefNfHCsZpsc7Tnn4VMhz_KbTQWkEMcY63RDTw0_zCiDaJoU51sADt_gglelsa3h5oWqSueuolr-hJ7m_4Fnd3QHb2k4Td_XMi5NJ_YSE3yHu451g-92uysZ14IwaiFCSBjCDYLmfcgt1K13S3yBmYgFfKK9r273GB559AxA8v-aTJPxIRcgjY78PdXG5PNP7Qwn_af2ygCIqmao9V9rKKvv3e8ddK5x_rpIKQviKawOujdIbb121HIVJUYj7cLaKzXeXwZ6jFXIqoa6fn1DhSf3H9DErocLpic2myx__2Nx1gd-Dwfje7mrjQ1Iqa1kSWK-pkoATucvAYKepLROJ3dQNQfWe6XLQY96ZJ7KGckvKUFm-DET2RB06tImWalMoiL7s-fSxKjXCZMxfc5PJQoizQbLzP2dh6QrRck7nJF7Ler7f9FmoJl9DFBfw1MVK8OVW7n7b6UGn8jTbi-XSCeesKketCY5lY4RAMUBA1KW2c-5qbKWGP0jVaKE2ENcYzlsuZ7J8E9y6D1KK6gn3R9nfc20T_5dhmgpYNSGpONl1gxrcAZyQiZObO2yKSjLr9MA6aFZP3ZInWspTcA_SlEE4pm1ZkU5LGk54LwKKEAyssDed1puS2iUk3uv_UbSxtFVHWfl89Ndjzzp4Dro27T8G775lanVc2A

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 54D9 930 B
923 B 64ms
14ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 16 Feb 2024 14:00:54 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 23 Feb 2024 14:00:54 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 25C4 0
327 B 76ms
19ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=23261800110162204444978012602025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 16 Feb 2024 14:00:54 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2

200

htlp Show response
futalis.de/ Frame 716B
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=23261800110162204444978012602025&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3553176216

350 B
401 B

47ms
13ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3553176216
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 16 Feb 2024 14:00:54 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3553176216
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame BFFE 2 KB
2 KB 156ms
70ms Script
text/html 3.8.213.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=23261800110162204444978012602025&nw=1
Requested by: Host: www.hellpress.com
URL: https://www.hellpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.213.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-213-175.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0eff24bea68531502cc3bc86b647d7890b4717a04c79978647c03bdc56af8ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
last-modified: Fri, 16 Feb 2024 14:00:54 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 16 Feb 2024 14:01:54 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame BFFE 0
326 B 78ms
21ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=23261800110162204444978012602025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame BFFE 43 B
360 B 77ms
20ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=23261800110162204444978012602025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=5cbf6c3c04&subid=&uid=e9b7f81d6228a142&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvAkzlWrPZaHlObCC_NUP8euK8Aem5b2gab2YnKfJD_AuEAEg_efKLWCVAsgBCakCE5AHDFACsj6oAwHIA5sEqgSgAk_QNY37V3AwPRyLGIZHJ7PITiSVvt_lGsi7eIUK0C0l8LzG4LPpRg5uVaGERYWgnniHqOhSaLTYfYcgBBZLIrS-qq_gd_izZnLcquSzCjX_kZ79idG-aePqSsms8tlprYUAkrepRV8Ak51_xuwYPct8FDfp7VuetvrIiD4GbbeiHeZ_Kcz-mg54qotn25b0GPGg0lUJ9-F82Sfch2xJrh0PMlcl8enDpNmPCQhtNGJ3hU1_Y-q9Q2Adp-ikWCrTlZBJ79CIkaX3MgyHsncc_eTKK3R7uGYougDBOyvugiblC_3e3yBd6tf-zxTtqZKJ34YekipFR9KT2zR7P7eJwyF1w2EgbHHHqX11DpKuuokjjoGMoLbjLw2_duDtrIxJScAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYxrPY4IKwhAOACgGYCwHICwGADAGqDQJEReINEwiM6tjggrCEAxUwAb8EHfG1An6wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_LA0MmCVE4Hnh8qVmXF2WQvFOsvR9TzGCoxtSnw_2XmQCqUR1YIr29xSz-mTdoH2ABNyOjrMKr8Y-PlVlftT4a8nsP2Ni8QmbChgB%26sig%3DAOD64_3YXYqIB_BD2J3EX9GSZN2E4A9N_g%26client%3Dca-pub-4705580535377579%26dbm_c%3DAKAmf-DruCZx19jzWKV42A6HXkRmyQnKV3kzk_sd-_r298nm1JamTscPShMmL3iH2RWP4jYZo1oxjJkT_jDvFbaIMhvROSAZKBp_V-lJUI7mxy-Z--Hj-ASwtU_A-5XdZwD6erEF3nNiZwwaaTHEVQ9-WfCODXfwhseuwjtMViHOTme8Od5DxAw%26cry%3D1%26dbm_d%3DAKAmf-CZp8CzYbzQ_d4LiBbKg8L5BdJS8diN_4DO_7GA23AFBabPg8Xddingvuju9MDN3Gdc4wD0Qp0gcpHTA6p-CzXvKh9-q7sdD0j77v6fce5ItHyWOLKxXL4mbQR3pieTkFhcGRv8NdMt685_qkUksfl3CLSZ1b_YNQ9Ms4x5kthse3MMR33tmq2U4FZwzrbi07P1e7dvPSVckzIuE58gkWGiMcj4JdVYWKIxIsGQukQKImxjUMFQg4AK8_Y0PAR445_SDTir1lYMMWxXBvY1-_AIil4cWWAnXqQa2U9XEQsE1tMdK9TcShwV_rF085nlCIseKHM9pJmxQ9Sl4Lhs4qwbr6d48SVeoQi4LHB3Ze76WMJdexHQbRQJ8h_JUb9hNebgzgjgHj1tQKCEOdgheFbgSCxv9taO9BVdyk7pnNfgKuWtJ0dP0OcreifU2EzFzCvpUY-WZeVLMqvGzjxA4TNLI0tW2ONTGSV-f3YYBtJu7TryO5hPZ_Csm_2ZprsVmz2BEZCPVGncyjzKOFPW-4nAV0zykC85I7BeOiasDxoW7FQGiCKKVPMPI_2SD-13wks7Vc8L%26adurl%3D&documentReferer=https%3A%2F%2Fwww.hellpress.com%2F&ancestorOrigins=https%3A%2F%2Fwww.hellpress.com&random=1042180615096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1925920/78089287/ Frame F167 271 KB
80 KB 421ms
31ms Script
application/javascript 52.213.49.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1925920/78089287/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015639193&ias_pubId=pub-4705580535377579&ias_chanId=1&ias_placementId=20986593569&bidurl=https://www.hellpress.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0goe5W5jAG3YV18XqEnrOP-
Requested by: Host: www.hellpress.com
URL: https://www.hellpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.49.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-49-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 079f7f1e5b990d5110ed9f9eff2e6bd6b9dd499f84cdccfcf7079e7b66dc0be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F167 172 KB
60 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Origin: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 18:25:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame F167 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3LUNlmievTLa-ix0efHV28LcSQ-eTmNp1cRGiq0Yyjr8JSBILh7T_VkUlpKqp8rb2T2wQZbW_Ml08HxT8fL-15oTy78tX6Nf3xN_igeoSk1jdjTTmNwJCs9fIDpKbcAEIH5EPTzj9Oh5W6u8K_e47B_dnp-OTEOgmJ18xDCshEjp9Ays&dbm_d=AKAmf-D_x2AY_oxehHatYZMrBEZw80Oetbsxrl0B1H7z47NLS5A2ZQanT_hVT5q6qu-snjtbd1qupvFjTYPqJk-B4CD-B_s_pype09m988EuXRuTVNXYD2wxy75spZOHNvRMSKBcDffMrwoW_6Eb7R4C_bLWtM2vtzQjozSledyu0s03DX8EupfryMnfFbJqpsy7X1n2X7ogVSWXC7oyvcITIxWy7Yvt1XSnf3j5FHFV8WVyXTsG7S4hAjChFj3YwB_udEjMAAb23xdLEFLUWt4ZDJeI4ykRbayV_64NdxzUqK6HEA1R7FM_R1COXrjHGLndyi3uhyqAbfEjkVkYi5pXbddS7wsOJklaYr7FoleH28FnqJTNhN2mwMrn-x471EMOILFBFwAEb0nNw1Vn8TtFGgKJ5z_b-VFPcxbE01tjWlqezYhiNj9pZRzsIPFN1m1DL53oH1uYZhXHaiRNA-08no7XfIf-bmUA02Q_ZRxqeAMX16LLukvURDhVBDI9dQtC3PHM9BH6rqXDTNBcK2MPlIsiDEqyqzbBYTV1miwxLz-3aY9KFkxqJypCoR3-WhD7SQPrSN3kaX4Y2iQ8ClpB7PXvp3ti-uRaOaWwHSROC6xWNEimNhgRUTlkJWauImSUQmOg_tXXvQxLkBmsLU8rYAStGOdfzZZt7vCCbbeKkl9O74UMR7wO-Ne0P63rB5qi7-OZDBEIp6A-WGBYZkx8cN2lbw7v-cazpTGtelZsX0bVNc8n9IkcplfEzVnSGFnR5FQ9rFmjooS4Rc2VdnDtigFOgYcQ9BtRinUsA48VqdSvgDOjNbH41WeV-gDNYzx7UKgo9-KbAEn9pCBUEYkXBJrfdFL_rpXEGXNyUlTjZXlI2xPrBWw1QKTU9FxZ_auwwS3GlkG0nB9eX34jVxnhX2UUHvURyvVGTH2gVeRGvojTicSdl28QIX7_qeVlts7hQzE13OvvMmrJv9W6l_EwNKqQeeAlLISU2ENS2Y0sq18VSHDLqVHs-6fYPX5xqEmj73srOGWPxQ0rSsHdSrwYyVXdYEZO2usVgDyBj96t8TDXViiXz_Qkx7lsEz2trfyirY-Bra_appMoH9MGLVzgKYRIm5RQLLG8EtcxvulonYpTnpCjQpGveFpd8I_ng68ZH6psHFNY8Otin2NGmkF7mioov6RkEO8tkZFZ_EjFVPl_bMtye_iadZfEs_-FXNAjKruqJNDi_96q0j7X6qEEKXQ1RXmzd71ETtpyM1GQd-85J_d7UzakuPduDMbWGaj1Ki_ZN4qls8GhdSYsw354hxTlZf9OSj3HdkqvIWBVOIXKjpfj92Grxhtq-EqYGM0x5M5Ej7fS663n3_Q8CdcgjkTEFnVfvmA7FmeJMRICoWxc0EeXDVRy8llfHmt6MYircgKjTLJTgQQhUiQwtBeYymtG4pl6Jtbfq8s8PLScdo6dgve1NlUjVEi8mjkfbPSRdj7S7F2pvUxcg-DC_LRHt_b9LKimuWmQibq8USxG_1eTM4FKLsc5DCxG8v8f2nns-9looaVpKXHAAix7e8wRc7P_qXGuObFof8zpL_5gYYC0-gAsAXDCaGnhjB7ZYavyznfjyiD73VQUGdDNOkZWVW_QoUaEYo904KgeO2dlF1rxW6FINrVKJZ4VnIJsriFbZJ3jDgiueq_8An4Vhj_UQRnVzpLdfzDc2YHUdKGWh1M5HwI0VbaikRCJe0tvQBvKHwBZoqErkwSCm9gw06DRPHh8PKX99RZKPjSrWPUVbNatoPnFsvMX9QKIokU2sWlOA1N4aq3k_ij1qngkfoScB9q7hesN9Ta3ubROkgKT1lKnYQBwuURC919lA1tBox7SqEYUpXDwry9mzy3LWCiJgPKtteaMyhBSNVUHJ3ob5W5cpHd0kQEd0OHj3-i_Sgu9s2GmgbrBSFxNk9_sEMpTE3eKNYLU8Lv6rmwlkznlz6U46k3YNnd-9H7NRzUb7DggWge5OlgSvV-9ZLGmsaVjmFm1yHZkl2VnQ-KiUflSO1Pag60FrHp34b24UCAZBz3anz4dMCZVJx-DV_ELUQNUwip62Dp5vKgZcxm_fmdPKJ_C-KpdHSqs76zXQioCyYKQBxmZSRN9uykQcuKsC8MLE8vMQtVBzypmmzwIupFGrpKMY2lNxcv_IUcn87JekzLM6UoZeZfZyKu6uxbJfV4FP5DNAyQXeCjhlbrCS3WmvEU3gs5CV3p6Wo4VMi7R9_B_h5k_IZLWSUKhvERMb-zHIan5fU1tycRTlfOK6HIvUoXvDile3G1O4LU7i2mPDQE1HfM5SAs831z-PZvoEsgmEFCpdV7esFP5e5j8nccTUXjAb4BS0OFZcygw1f5PDIuCsN7FswD76Eupmb65Mx6MGpzJ_kFHRCZj_sQMyxUffNuzoXFUj_0akTaJa2JbTp-5X6xg0Gz1Eker0HFhDBmdmNC_8BXzpnZN_q26wQ4bMZF3DkEyUIq-eFXydMWkH2WCMpbevMev1rWeq413gO82xbJqkt7gMSlzpukYHyFF1ynTuGS4Jphnf0_vK0i-snNsjs_Ha8O9ZQXuEcNgisO061vsALmc1PtVhBt2Ct0RhLiMcFWgpJhwZ3epbN5Ct3TXkbniBItRN2jf5un8oPd4Qt1Svn6KUo4QCVs3vlaVSViIX-2pdOkFrKEEnjlCT3gkFJstNCRn062qz89PmJxogCxptZhcGx3M4iwy9o1TrJnXYEv5cgZh7N0NLJ5SAQ7pjbh-tgBTq_SlA16iECZY0GXV2yhKybJYefYLEKQUWRNPMNH2_EK5MU_yJVJIZw1BU0QmjivjTUairgPMmXDdefZ2dvYZYZMDhgzRHt6lwMRRGdIO7QeDQno9zzvfVsgD7JCU3VzBGTk8FuhQd1WeI-8oTjdz8AEvKx0GDrhK-UqOXXdW_aXKBIQI811CKswFMTGcFJb-QpjV84zQdChql_CfXgCWDL98ZZp31Xcc64-hN24qQ9QhGudXvRAz4m5rFyEBb-FHVahR8Kz0pdvdr1ulLS6lAmF1vcJwADVf3zM0NCAZpmBwUF__dSUYflanEsEBP_tz4pINXKHo-oYtmDWbXRDxbSwE7Ue-Gs049tVZ1OS8dyLFVUCij7JQAwny8nuhFE8PYHN665TeGRBkKNBvY1mR2sq8t_iTBPgEyo7_5UNcgvvwBctV2_n4UjZUXb1biU_Su77Se56oF4wu0IORi79i_cZbKCxZ2zPpV3cV_lNvd4MIE41vTti3HXSWlxgp0jqI6QKmi5_GW-fdn7HnEY7mUh-PsTDFghkHG3zKffrQWlyG145pzCYrnoZGYtREDBrrm-kLevsahfLzE38gmpqtJ74tks0Vo5wslZ0Vdx0RHD9xt3y5Tv3ThDVYbLrlTg76M41sJN5P9imIC2ix-GrcRgYeRcZG4RUHT4KgsujaU9jYt7BvU1xFtzBAjMi4Y12EeQf4OfgjK13z0nnLF4AC7nQEiE6XRsBvMef84EFazFku3u9ch6TO3D0uJoNEpJwXYyv10bGnItB6IIMoJO8LqmuqkcSZu0mNRaG6Tl3-uGAuEuHSPXCE0C1dCghpkAnkl8PeWiVHw4CfNA6ixmBnQj29uDv4L-zj9DcmbGmTRnLK0pV7n-G2m2QoN_Cx_6x_Gs4qAbn3fc7pSGglzKIuaVxZGCoyEq_dR0QOBErnkWCf-z1hd5RaYLH-NLQtL1xlKhfkyDFSEoxxzGKHpzSe_vqiTQPpkyUF4z0xHLmqbgIRnDMOYrIGSwis6SxJBZJaVN0VKKm2V7NTeej9P1ZAM-NkYXCLt7AhcpYjKSnsnAn88thsjyt5jkj3NzgbZpxK47uNblRLCJe1DPYRcs22fDKMJq32XPPs8TxKC-vPAhMb1iS8oexWOIEOBZZr37nE&cid=CAQSTgAvHhf_i5nU-9MKhgvE4a-3YhecyLsn3ZhFW1tUXusuqiHSQWolODErHYp9fiH6KntMS_H0u8Jv4QKF7lAT_lwvB06k2IUjjjH6r6S9RRgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.hellpress.com%2F&ds=l&xdt=1&iif=1&cor=113206177594389700&adk=3047537734&idt=89&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:38:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame F167 30 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:24:40 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F167 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:07:44 GMT

GET
DATA 200
OK truncated
/ Frame F167 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c2bcc50860deba0a468cf8a20839df565e03496ebee56e0837c693d103772

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E761 38 KB
13 KB 9ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 276615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:10:39 GMT
expires: Wed, 12 Feb 2025 09:10:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 54D9 183 KB
65 KB 20ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6adfa2c8ccb8b534d50510b5bb83405e8cfdddf5c34966ddc7016ca0bdbb0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66695
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15683587310463483904/ Frame A4E0 1000 B
543 B 43ms
43ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

890ada2c96922f7b20f83d63909f22bd3d65ed040ca82bf61607746d05d332a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 514
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:54 GMT
expires: Sat, 15 Feb 2025 14:00:54 GMT
last-modified: Thu, 25 Aug 2022 12:19:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F167 0
0 93ms
48ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMpYaZ29wDPJUkZTDl_TwJo7xYYEoF6oq5DVTBl09VAvgq1I2rGGN2Crlme6nxJBHQdzEOhl0ZJm5EwUvTc5Fdx48RFjT3Xvp77b-D4xKEWV5GdlyMaF-iDJxEJqAeR_y9_0zYJCC_OsJCNgRDOGXIBLqB84bqHKaZz9GjtGXz_shXnnw1EQl_Hdqi-6QehC6QCNnI5cxLtjST8rkRmJFvEP_VqViS_j-VnxSknc5a1_2i8trgWq-Iv-92icF9wh4RVwKHcNmmBjPRMm_If51Z0cWqoeet9qpAPgb_x2GlT2aA3LBKW_FeQdb6Vx7J1PYyIYemxVVS_HYtMs07wjugTeus1AtTzVeAsfDBjhX7bgc-Hs2tvuZfy5GTk0c20VLGQaxIjP5fryOt9rTRZwtl3RDw9mmh-Zoxv6hBgx0LF8R2oCrUlld2d3bKrUU6w9RyA-Ym8isVmco8rLLVWvRHY3voeblSru4n4UL5A-QbbFNsjG0Rx-WyStOheq9QGnZTiDdZTWykZeEo7F3yGVNzWXcZgCv3RP4D5YiK-H_W9N4gaopeSD-nAuWRkJYAu-WX_Q7KHwMVaFMPbTnhWwG02pXL8kgW566SBjyjfJTM5-uvMxeoUubz5i1GEUKXHnoS36lIFmi6NB_GUoTvHntHQxk01imUhmfa46oH0pGcXo0-fioYJlSZyulftTr9aziDydFcxqnb--41KWavFMwZ6oa5KnD3f6zJuLnJW3IVzHmc3SwBOtwRsh8m_Ur1aFwYU4rzvGT5Kl1knYXRdhUCs5jlBW24ITy2RKSp8OIk1lb78frUaefxRvnnHzyZLA7X5rjJ0kl9gCayDWmp8MMcyhWatEz1SxO-VhSCo0k5nFPsN-PobjNakPmhunMX7Q4MaOte7GtSYm3Y1JivQwey_4DJtNndiBay7hKbQvnjoV9l93gNFKlWa0htBUswLv3MqCGXSPKrESHeUYNxGuuzkF3az6SGJkBQoDeRWb0OH2pRNNHtULrI5iAP9C5T97Xxc3wMfrjz0M61QwABUv8CQnrr0hslS9AxX0VR2SsVtEtPOwnGNKy8zbs-gVstB0q7wYjdEy7E1JbaJDagk6Tho1zL-f0_7jtcHVtFFe9ZxVUpJmDKyDYHyDH9z4JyLYTkEtMhtBRiUBCG0KySF8k0Xn2zh5OmotpuNgDTkG2OYljTHNKRmO_YiLgO4QI760qe-1ABphNhTzSV7jTrIg7NYWTMTAS4mmGdAQqQmmOzY1Qc0gZaFOnvfWD-oYf1FeUczHgAJNW0M5Cdxf-PGT-Ibs7jorgc2u9xmGimJTm2E8mya-e-09vctJURRJEIBF5A8CA3Na3__WnnqrV8fz8pHVimOlfZYaMtKd0z5QU9tiX_qsfSl-dtjvWo-JRhGeDFuhWixlZ20Wi1hznm6blkJE9Gd8UYuOL1bZn2TBhEbIptkFwxQwxCSxcMhin0xO_YTpn6WxOA3gkaS1e35-RmwJ9VVzJy-luAieSDsAJYq_CGN9g&sai=AMfl-YQkkLAk9y6DSaMsEdYXIWyR0ekSQqp2JadhGe5_Irz30Ggw5aCA_143kv62B9WiNZUNjPCKRsCVIlI_TUutxCDJqRGFKyLsNa-661ThDyvAR6IHuHmqAZeqhif6cOD8TCT8ag3M-xFvjQ7KcDILLO_PliA4_MIjvEHDIUXFswunNhdpEcNfX09liLPmuss1xFNWPG5_sjxVnTJ2eufB3qIxuk_BFfmQ_YrA1rVWsuezDVUUMKI33ke5dqhQ3_T6gIadubiH2Cx4laRLYoggrUEpN1eVQFJyLrN51Q&sig=Cg0ArKJSzK76gFuQRiVPEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=78&cbvp=1&cstd=67&cisv=r20240214.29491&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 14:00:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:00:54 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 716B 5 KB
5 KB 5ms
4ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3553176216
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3

200

activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254 Show response
8019191.fls.doubleclick.net/ Frame 64EF
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254?

2 KB
933 B

53ms
52ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254?

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

cecd83ec105a1ef67ac0dbf12dea93d55edd158094f8211ebde8c9f2f5daf7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:55 GMT
expires: Fri, 16 Feb 2024 14:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame EADA 7 KB
2 KB 21ms
7ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 239d41be9ae38cc4c038bf812752bc7410b61beb53341705efd72f3885270ef1

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2049
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Feb 2024 14:00:54 GMT
Expires: Fri, 16 Feb 2024 14:00:54 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame BFFE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3e30e6ffdfad7e2ee7ca2304bb821c64f97d8013d76c01ca62426373d4d8822

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A4E0 118 KB
40 KB 11ms
8ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 04:12:33 GMT

GET
H3 200 adlDCO.js Show response
s0.2mdn.net/creatives/assets/3705119/ Frame A4E0 50 KB
16 KB 18ms
14ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3705119/adlDCO.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

516662dd9977e229a39c361398cb3c298ae5ca241f184f898806392fc484a5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16176
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 20:07:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 14:13:26 GMT

GET
H3 200 adl.css
s0.2mdn.net/creatives/assets/3705119/ Frame A4E0 3 KB
960 B 13ms
10ms Stylesheet
text/css 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3705119/adl.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

24ee784f7efaee9e6b398f4f20335d9cef65475d258a436bc3d4c22fc8770a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 932
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 08:22:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 14:13:26 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame E761 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 09:37:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EADA 5 KB
1 KB 70ms
41ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 13:01:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 14:00:55 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EADA 81 KB
81 KB 26ms
13ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1f3cddd23dffa16e500027b60382f0b3cebcae742e75f18bec8ce577423890be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 14:00:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EADA 95 KB
95 KB 147ms
134ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 629544ed58457e70736876b49fd980ec99d93ea0f515ecfc50e742c5ac4a6e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 14:00:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EADA 69 KB
69 KB 136ms
117ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 Wuppertal, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 86a9a9ac0e150e38a8e3e6f87fb72d44927519ced17a522fb0c7ce540a2b84a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 14:00:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 54D9 280 KB
93 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9957f89bb69e21811ffa8daea3945391552a2dd4b5f39e693883f217e27ff048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 14:00:55 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame BFFE 56 KB
19 KB 61ms
11ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=23261800110162204444978012602025&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a178ba95421189cb0b7274927e4f1d35e22bd392b65b87a6a9a3e7f4055477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:36:35 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 10:01:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 55461
etag: W/"3fb1dfeeb4c566b4a2aee7a623471da6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QednxhOFDCOumqoKROt7uxtTeF_YiKCX8lk02xRThiNA6MWyyIZHgg==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame BFFE 85 B
437 B 84ms
13ms Image
image/gif 18.239.50.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1708092354&Signature=mtwraTjTGVFFifSSIjdGvvYAPn3fVZcb1tm0a-rKPH0v3kES8ddQM0yu21lOtL5ggIOtcRvKxZKp1nZo6oaejF~K53NEvkwLDEy7X8YtMPdyqyFa97VgRNZfGWg2s3yK-NPKuvjcUREEDMed98RSUHyHnLxRONCXAcrZ2PZbHeKC91oscs7XBn6Sfq~MH4ippytdurAYOOH~agWb~RxwBtERdqlr-vRN~z4~jPEy7KYzc2JbOdUTH0-0ui-caq5xQMSdHw0G2Na9TlDA8dkSbf-wQXYnBOAvLxsMWHn0rsv2aOL4kzXiPtyOyoeIR9J4RJwh6aVWYDTZKRSgVJeZGg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-87.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 16 Feb 2024 07:58:32 GMT
via: 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 21745
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: QP-Ju-Pph3dmHvk0PBoBz4MeLI08fKHVlLEJdsxXGb-dnsZMDVes4A==

GET
H3 200 container.html Show response
5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C687 6 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:53 GMT
expires: Sat, 15 Feb 2025 14:00:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F167 0
0 45ms
43ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMpYaZ29wDPJUkZTDl_TwJo7xYYEoF6oq5DVTBl09VAvgq1I2rGGN2Crlme6nxJBHQdzEOhl0ZJm5EwUvTc5Fdx48RFjT3Xvp77b-D4xKEWV5GdlyMaF-iDJxEJqAeR_y9_0zYJCC_OsJCNgRDOGXIBLqB84bqHKaZz9GjtGXz_shXnnw1EQl_Hdqi-6QehC6QCNnI5cxLtjST8rkRmJFvEP_VqViS_j-VnxSknc5a1_2i8trgWq-Iv-92icF9wh4RVwKHcNmmBjPRMm_If51Z0cWqoeet9qpAPgb_x2GlT2aA3LBKW_FeQdb6Vx7J1PYyIYemxVVS_HYtMs07wjugTeus1AtTzVeAsfDBjhX7bgc-Hs2tvuZfy5GTk0c20VLGQaxIjP5fryOt9rTRZwtl3RDw9mmh-Zoxv6hBgx0LF8R2oCrUlld2d3bKrUU6w9RyA-Ym8isVmco8rLLVWvRHY3voeblSru4n4UL5A-QbbFNsjG0Rx-WyStOheq9QGnZTiDdZTWykZeEo7F3yGVNzWXcZgCv3RP4D5YiK-H_W9N4gaopeSD-nAuWRkJYAu-WX_Q7KHwMVaFMPbTnhWwG02pXL8kgW566SBjyjfJTM5-uvMxeoUubz5i1GEUKXHnoS36lIFmi6NB_GUoTvHntHQxk01imUhmfa46oH0pGcXo0-fioYJlSZyulftTr9aziDydFcxqnb--41KWavFMwZ6oa5KnD3f6zJuLnJW3IVzHmc3SwBOtwRsh8m_Ur1aFwYU4rzvGT5Kl1knYXRdhUCs5jlBW24ITy2RKSp8OIk1lb78frUaefxRvnnHzyZLA7X5rjJ0kl9gCayDWmp8MMcyhWatEz1SxO-VhSCo0k5nFPsN-PobjNakPmhunMX7Q4MaOte7GtSYm3Y1JivQwey_4DJtNndiBay7hKbQvnjoV9l93gNFKlWa0htBUswLv3MqCGXSPKrESHeUYNxGuuzkF3az6SGJkBQoDeRWb0OH2pRNNHtULrI5iAP9C5T97Xxc3wMfrjz0M61QwABUv8CQnrr0hslS9AxX0VR2SsVtEtPOwnGNKy8zbs-gVstB0q7wYjdEy7E1JbaJDagk6Tho1zL-f0_7jtcHVtFFe9ZxVUpJmDKyDYHyDH9z4JyLYTkEtMhtBRiUBCG0KySF8k0Xn2zh5OmotpuNgDTkG2OYljTHNKRmO_YiLgO4QI760qe-1ABphNhTzSV7jTrIg7NYWTMTAS4mmGdAQqQmmOzY1Qc0gZaFOnvfWD-oYf1FeUczHgAJNW0M5Cdxf-PGT-Ibs7jorgc2u9xmGimJTm2E8mya-e-09vctJURRJEIBF5A8CA3Na3__WnnqrV8fz8pHVimOlfZYaMtKd0z5QU9tiX_qsfSl-dtjvWo-JRhGeDFuhWixlZ20Wi1hznm6blkJE9Gd8UYuOL1bZn2TBhEbIptkFwxQwxCSxcMhin0xO_YTpn6WxOA3gkaS1e35-RmwJ9VVzJy-luAieSDsAJYq_CGN9g&sai=AMfl-YQkkLAk9y6DSaMsEdYXIWyR0ekSQqp2JadhGe5_Irz30Ggw5aCA_143kv62B9WiNZUNjPCKRsCVIlI_TUutxCDJqRGFKyLsNa-661ThDyvAR6IHuHmqAZeqhif6cOD8TCT8ag3M-xFvjQ7KcDILLO_PliA4_MIjvEHDIUXFswunNhdpEcNfX09liLPmuss1xFNWPG5_sjxVnTJ2eufB3qIxuk_BFfmQ_YrA1rVWsuezDVUUMKI33ke5dqhQ3_T6gIadubiH2Cx4laRLYoggrUEpN1eVQFJyLrN51Q&sig=Cg0ArKJSzK76gFuQRiVPEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=257&vt=11&dtpt=179&dett=3&cstd=67&cisv=r20240214.29491&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 14:00:55 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4950 182 KB
58 KB 176ms
85ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Zc9qlgAIh_IIEdlfAAv2pa9R0Rt9uKYYil3Lvw&u=%7CiV4nJrwwlT8iAwdlIi18jOVZDpto%2BZRgA%2FJWTtuyFlg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxfdxjfJc45ALmCO_rFtyAZJKB0Omnf4X9ihe0T-j0QWVsaD08ifRQNklaNCxIOKrj_6D8DAecDCfLr8AHhiLD8djrECvjRXRtvgA8tFBWvbTZzTQMkDQgMpQMA_2tV2AKH6B70q1uknuVUtlxkLThG-TejD5n0V2c--R75nIb2lKBnN93CHy4HGn6LIP2DDpDspDxWp60d-PK8WCFm6pdmVcuJpuVw-SCiWHD-G5hgSyySxEAz4REFZkWaq2ErfgJwqtNPlPBwG7CJqFkuKNvp9g6m_ah2xsn7Ih8LipjW5u5_kNIVsyaz1s9Picf5YOI93caxs5XV_lcPRRnEv6XazysuJNxudwNmjyHNIrHwAKch77oD9yGcRI3VUN1q60Qf2FTwxsUPx2tec48iWoclgbPs7aQfzZSPlpRp2hPf1HOcHNFh2JXzTHxBFbY90y_VXWIlhK3-EOlv6sdiEy3j2GdwlVLEYW5n6L-zuFPwx7KZWfGsIUNOzLHsgNXRtyPGH8SG7Wj9SkdPZCjXgg1_6z_kLpjx7lHC_KE7sONBCn_cUB4T1qAXjWSf8j0lU1d3GZ7Aes3an8sKsLtYyv1aJhomc5affXEA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-_jHlmrPZfKPIt-yx_APpe2v0AnJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDcwNTU4MDUzNTM3NzU3OcgBCakCE5AHDFACsj7gAgCoAwHIAwKqBKoCT9C1ePh2WGDIKkPLkptNCzmIrqHV6WCAi23CY44I8l6Ck0QqgSV7rUrtPduNRl99F4G0wrC340xtHHu3qQrO6eliPQ9twQ6TLt1AFkJb-mqAh2_3D7CyxXqT2Z0oNTdzI2gMV_bgnENqYJjPoiYeYgaWkpbWKEU6nYW14c1_keKBaYxZI_ELywxc5y6SpQOBXqvFxn2FYlp04h3O4MiqGdJXjAvF6Z8qw1FN74_5ElR90k-uv1xaR9zRSVV8k3nFdN9Z7I9JA53ybzj4w4tjLggj8b08vsFjxbAVc6yVbfbfPKKgfG01QghYJOSNDIPmNhsAIC0IVFAEqF0VEErpCWWxkhspjYX9RTJBHpS1FGfRvdinw_7GiVz_uVckqkLIfl_PJg_9R_VGjeAEAYAGmLnZrZHrnbNMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOljNx9jggrCEA_oLAggBgAwB4g0TCLyK2eCCsIQDFV_ZEQgdpfYLmtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2mmBT0YnHQQ5VOKzcvNjpxcHJBsA%26client%3Dca-pub-4705580535377579%26adurl%3D

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b2efe5084929b4ddca995e5e473f83c252687bd016c1ebb5fcbb353b2d320e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BBtK6cnNzQH-NYaiohqyS-Guk2dhkUse_2VWOq7vwdByNLx1w6Sr-IZKvYLfCFETPtTMftwtDtXmg5A4xE-k_9zw-Z8y_20wftt5kdmwrylvQeSd4PQEEzW4wdwLgzgNsqD2wTf7FOIGhyTDI4-JTyC9jofKJWe2FmX5Gz5Bt4AyErYN0UdnuqAJXpqyK7pNva03DKu3eqSqQQXaTJ_6aNz-1SZzVdO00g8CKg2_mriunKFAGichXTvzQYDa4bV7PHZiCQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55928251
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame C687 3 KB
1 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:57:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame C687 20 KB
8 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C687 24 KB
6 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 12 Feb 2025 08:56:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C687 204 KB
61 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:37:14 GMT

GET
H2 200 dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254
adservice.google.com/ddm/fls/z/ Frame 64EF 42 B
401 B 92ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIeJu-GCsIQDFVhVHgIdnj0FeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9265742192779.254?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame 64EF 0
23 B 48ms
47ms Image
image/png 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAyNjUzNDg3OTIyODI4MDAxMjM3CmN0Y19jb252ZXJzaW9uX2J1Y2tldDogMQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYwMzkwMDEKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMTYiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDkwNDk2NTY0NjYxODYzMjYyNDkK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9049656466186326249"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0xf3a6573a5971ad88","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xcff95edaedcd723d","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0xde96cd80a0558549","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x35c7d281a05f0f2d","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"2653487922828001237","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9049656466186326249","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"9049656466186326249","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"9049656466186326249","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"9049656466186326249","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame EADA 0
150 B 44ms
25ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=23261800110162204444978012602025&a=09300e1a&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=23261800110162204444978012602025&a=0013812f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 14:00:55 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 54768-366886-1685093212273_bdef00f5b888bdf5b841f1c050ec666815cc339b.jpg_1706785310287_54768-366886-1685093212273_bdef00f5b888bdf5b841f1c050ec666815cc339b.jpg Show response
s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/dco/54768/ Frame A4E0 16 KB
16 KB 22ms
20ms XHR
image/jpeg 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/dco/54768/54768-366886-1685093212273_bdef00f5b888bdf5b841f1c050ec666815cc339b.jpg_1706785310287_54768-366886-1685093212273_bdef00f5b888bdf5b841f1c050ec666815cc339b.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3705119/adlDCO.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

44e86fee60b7ac8c3a48935f239ccc3f7f3f5662c05b4dbdf09e63e365e334d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:39:42 GMT
x-content-type-options: nosniff
age: 217273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15965
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 11:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 01:39:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A4E0 7 KB
6 KB 51ms
50ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fa076150980b41ec22078b13ca0bcac8d6309496ed501e358ff6a7469806986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5778
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8CF 42 B
174 B 48ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstS2IZyROxty21fzq_uY7Zx5A3gosAcF6YMeQJLNrw6_dHk6G0N44YJp4byBh3zp6OieWlLGo9H4IfpITLbc3NI7Jp8aZs8zA5N42Ia1R06UEoEkGWswTS0J9ELstc3zzmd2XQcZwgweD1LXBOeyxvc&sai=AMfl-YTTfgGm8-AWxDevghy-XeXkxjPMPmigkoxgCdLNTb1WJjTC50B5X_yhXNacQbpPwYNuedIiA7l_34KXEKBQrmuAz1LAmrwnw05Vq3JbRhs2aN-KZkdSxIVXRDF6rcli6_CjKx6zAKqdPCXfmp9v&sig=Cg0ArKJSzHg2PNpfIKwcEAE&cid=CAQSTgAvHhf_fdCZ8SJh0DmbmkODGPxl2OonN0xWxUR2HurKEGIvy2NbgJqTyRn75PVBxvDRhiHnYXrE64_X06Tgy1wWMiZ-STWloBRAT8oyUhgB&id=lidar2&mcvt=1099&p=850,1022,1100,1322&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1149995127&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=402485400&rst=1708092054042&rpt=134&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame EADA 14 KB
15 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900025.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 07:27:52 GMT
x-content-type-options: nosniff
age: 196383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 07:27:52 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame EADA 15 KB
15 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900025.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:51:14 GMT
x-content-type-options: nosniff
age: 277781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:51:14 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4950 2 KB
1 KB 47ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zc9qlgAIh_IIEdlfAAv2pa9R0Rt9uKYYil3Lvw&u=%7CiV4nJrwwlT8iAwdlIi18jOVZDpto%2BZRgA%2FJWTtuyFlg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxfdxjfJc45ALmCO_rFtyAZJKB0Omnf4X9ihe0T-j0QWVsaD08ifRQNklaNCxIOKrj_6D8DAecDCfLr8AHhiLD8djrECvjRXRtvgA8tFBWvbTZzTQMkDQgMpQMA_2tV2AKH6B70q1uknuVUtlxkLThG-TejD5n0V2c--R75nIb2lKBnN93CHy4HGn6LIP2DDpDspDxWp60d-PK8WCFm6pdmVcuJpuVw-SCiWHD-G5hgSyySxEAz4REFZkWaq2ErfgJwqtNPlPBwG7CJqFkuKNvp9g6m_ah2xsn7Ih8LipjW5u5_kNIVsyaz1s9Picf5YOI93caxs5XV_lcPRRnEv6XazysuJNxudwNmjyHNIrHwAKch77oD9yGcRI3VUN1q60Qf2FTwxsUPx2tec48iWoclgbPs7aQfzZSPlpRp2hPf1HOcHNFh2JXzTHxBFbY90y_VXWIlhK3-EOlv6sdiEy3j2GdwlVLEYW5n6L-zuFPwx7KZWfGsIUNOzLHsgNXRtyPGH8SG7Wj9SkdPZCjXgg1_6z_kLpjx7lHC_KE7sONBCn_cUB4T1qAXjWSf8j0lU1d3GZ7Aes3an8sKsLtYyv1aJhomc5affXEA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-_jHlmrPZfKPIt-yx_APpe2v0AnJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDcwNTU4MDUzNTM3NzU3OcgBCakCE5AHDFACsj7gAgCoAwHIAwKqBKoCT9C1ePh2WGDIKkPLkptNCzmIrqHV6WCAi23CY44I8l6Ck0QqgSV7rUrtPduNRl99F4G0wrC340xtHHu3qQrO6eliPQ9twQ6TLt1AFkJb-mqAh2_3D7CyxXqT2Z0oNTdzI2gMV_bgnENqYJjPoiYeYgaWkpbWKEU6nYW14c1_keKBaYxZI_ELywxc5y6SpQOBXqvFxn2FYlp04h3O4MiqGdJXjAvF6Z8qw1FN74_5ElR90k-uv1xaR9zRSVV8k3nFdN9Z7I9JA53ybzj4w4tjLggj8b08vsFjxbAVc6yVbfbfPKKgfG01QghYJOSNDIPmNhsAIC0IVFAEqF0VEErpCWWxkhspjYX9RTJBHpS1FGfRvdinw_7GiVz_uVckqkLIfl_PJg_9R_VGjeAEAYAGmLnZrZHrnbNMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOljNx9jggrCEA_oLAggBgAwB4g0TCLyK2eCCsIQDFV_ZEQgdpfYLmtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2mmBT0YnHQQ5VOKzcvNjpxcHJBsA%26client%3Dca-pub-4705580535377579%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4950 2 KB
1 KB 54ms
22ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4950 308 B
636 B 16ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4950 293 B
621 B 19ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4950 43 B
348 B 84ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DXl5vneShxk9_ANgIMcHINsEC5UFuceh8bbk62Sq40tRh6wKHRUzTHDTHuoHlUXRVBBbm782F1zBvVBF1Ll-IgUa-BaDr7z2hXtc1BOZLydMtkD9NJ8LLFRV81s8uCibuqEmL3hoKCj5RpdfMJI_38CtRD443Xs37e3_B-acGQKVHd5mgTpRRbHtamg-45Ax-QOZEzoVt9HjsK8v9POTU7PheV0S1-MUyFc126w7S5KmTiGRTX4UUFXXkilzabQMM5k1R7cVmEKWFJ_grM4y5ML_Rkq9x5n5OlQgw4h8sVv3Ki3UUBjFqeaMEVdzIymBRw34vYZR1y8npNVThJpA06pSTpBNslLvqJUlA9ewMTzOhBCubQCkhtyZbPfSAvQPDEPLNHW4-9JLSvj0VBviKA3SG8slutI4Iu5zBCjsIYnTL4gq8O_ZGLmthAesoRcIRrlYiA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1620171
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402120101&jk=1160736603410997&bg=!3t2l3ZLNAAZN4L4YbeA7ADQBe5WfOHL7alU-40PWL7klPSHOE_rSpSGy54yq0YxAhM7V4Si5Ee9J9FYzy_1tKWfMrQ-eAgAAAK1SAAAABGgBBwoAIVRsaC6oxs8aTtErrHpPb5v1reKTIhUDDH3LEhoyHSPrSJkC1Q0jbiR0EKK6A2Kp5Jd41WJJ4bejjUi-2WuwrRSRzK2I01EtSQFvSiK_-3B1wBaqZAuVkyB_ESDYm3yNKAoldNeH2PMr6H_CHQN5aF5COSyQbClogIb4GKvRuRoaitqurcTdHuaLlzpf9XtiGQIW1FILbm0ufGpKmFs1k7m-4pshybMRPTAwzTj3Ocd5XvXKUlJbUW46inv1VXfNjLpUP-UwoSrLGMQbKMPUv-De_4gqWPyRM0IjjUH9VgiPwDFkdEy1NW9aLd4-K9n7t-DHubm_Ca0YIKMyRHUQkiWpRjfmafP-hlJgOzXX2aB9Oaw8MW3NiEa8wCC_FIJiH6McZsBhI4GeKm9wJ0Bf7YX1hDLi_8QxWUslzrXxtuItY0LQQcpmzgeMVrX--OpxZjDtcXcShxo39H5reR34Pe6mQmthMpOrmLX3PlvBpZ9gpn_Ld4PHNBu4hmecaMxnSD7tO8shNJaWX6cxHXse9nWkR2wxroOI9XP7_Kx6cICpccJhMLg05NVm1pBcB5hjLtH5lM_VIPdNc_eRURDa_7Dgdgmilk2WBU00lemm0t-UAqJUHr-ZFwghUBNhOlOT1tY4fDJWyN3KSq6XWGwSzVUQ_e572DPCz8cZAik08_RnxsUxh_zdAk-NPMIJqMZf7jEML6Ha35TGvRj2wL5vAIBGRuVdThatFP5zjPs63N_LZftI2aBH7SdLyq8VOTbFOsddmc-1qIs3pzAVF8Jpvn5CtMYPRxrVuQX7uOnfWKZ5FZEbpHGqEHEheE18PyLEmd9J0Dpt9Q_L1Hnt8DbewbhPUkp8hhz1toFu4iDIoqfnc3yVBAkAPSSieRDUUWBcxDIbfG7GOHfYsAZxS1CC_S0QGksqG6kGdQ4xZ0um_SHM1DJ-kXxfgOZreidbf8qPrPPMOm_MSeBPDqHVS6lYQRWWOLzr8eIU4GpPuliEKN2GSWGu6Y9FlCTh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C687 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a56782d6013a1c9523e9f83918d7f0935196ee11cca0b02dcb117329f042fb18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4950 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A4E0 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 14:00:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 3 KB
4 KB 209ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F50716%2F5264690%2F37d8496d0723447b9158abd91fda91dd_js_logo_1200x628px_blue.jpg&v=3&w=596&rid=4&s=uYjrTFEcB1Mzle01NDzRhg02

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e6fb05a962e8f721a15b4e1c0ec07cd3d784e362d51f0a0d1ef29d10728f34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3462
expires: Fri, 24 Jan 2025 07:59:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 9 KB
9 KB 208ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRc2xTsMwEIDhV0E3N3aohBAeW7IwVWXE6GTsS5OQ2JZ9liOivDswdfnH798gJwsKBuaYlZZa1lrFFOxAvsl2qDT-UBKOtIwpuGK56YmclhnfXrvudL527VFM8fZwFxYzepHZ8GjFlBfX3FIoUdiwaGlyJs5aeqroqDdlZixxDsbhV7HfxFreXbzgKaz4zoYcE6cx4jl4Tys-Htt2fX5p4_r_hgP0M4P62CARqA1sChHU0wH-yqnQvn_uvw.jpg&v=3&w=400&rid=4&s=2Tk-HioyEkZILwiWT9Es8XL_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bbcb29777175a28dad889e524ce61e36f5b86f36f5c6779f811fc0f20a653799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9450
expires: Fri, 24 Jan 2025 07:59:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 11 KB
11 KB 207ms
29ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRc29asMwFEDhVyl3jiWnEEq1NTQZSoeOgaoIRbr-q20J3StkavzuTaYsZ_zOCpQcKOiYIykttSyliCG4DueKXFew_8MkPGoZU_DZcdUgei3JfLyfTsfL-VzvxRDbp4cw2X4WxJZ7JwaafNWmkKNwYdLSEiGTljMW47GxeWST4xisN9fsfpG1fLjmyxzDYj5zw32Lb1ecGTMms3-u6-XltY7L_Qw7aEYG9b1CQlAruBQiqMMObuWUcdt-tn8.jpg&v=3&w=400&rid=4&s=sIx1OtntM6rLyGqcuNqJE-WM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2908acf0dba5392095891f4f22a0e2551b29e9730185b71e2b3890d9d3ec4db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10860
expires: Fri, 24 Jan 2025 07:59:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 10 KB
10 KB 193ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRY6xasMwFAB_pbw5ltxAKNUY6gzt0qFDoApClZ5ju7Ylnp6QifG_N52y3Hh3KyRyoKBjjklpqWUpRQzBdThXyXUF-xuS8KhlpOCz46pF9Fom8_7WNMdz81XvxRCvTw_DZPtZJLbcOzGkyVdXCjkKFyYtbUrIScsZi_HY2jyyyXEM1puf7H6RtXx4zac5hsWcMtLH_aglzLNH87yv6-XltY7Lfxh20I4M6nsFQlArOAoR1GEHdzJl3LbL9gc.jpg&v=3&w=400&rid=4&s=X3ynAbcplAW27RCSymokOKya&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3678e9e250e5d54c8cf298260be991eec8d8bf1ae723049582bede5a8d597e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9780
expires: Fri, 24 Jan 2025 07:59:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 6 KB
7 KB 209ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FVc29igIxFEDhV1lubZK1sEkpayMIloKRISZ3_mcScm-IOMy7q5Vsc8rzLUDJgYaWOZI2yqhSiuyDa3EW5NqC3ROT9GhUTMFnx6JG9EZRdfw7HPaX0_l3K_vY_HwPk-1mSWy5c7KnyYsmhRylC5NRlgiZjJqxVB5rm0euchyD9dU9uwHZqAbpow_38BCcbJ5s5iD-a7CBemTQ1wUSgl7ApRBB7zbwLqeM63pbXw.jpg&v=3&w=400&rid=4&s=lPuJo9aYfiP_rMTvEogFGFRu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b187a0d88087084269d3af717caf6b94d09a0d7db6c9318cf53f5b5da8b209d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6476
expires: Fri, 24 Jan 2025 07:59:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 9 KB
9 KB 212ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FVc29asMwFEDhVwl3jqRAyKKx1EvnDoEoGFm6_rcldK9QsPG7p51KlzOebwdKDjT0zJG0UUaVUuQYXI-rINcXHDZM0qNRMQWfHYsW0RtF9ddnVX3cq-_LVY6xO_0dFjusktjy4ORIixddCjlKFxajLBEyGbViqT22Ns9c5zgH6-smuwnZqA7pV5-a8BJbXkQJ_Sz-Y3CGdmbQjx0Sgt7BpRBB387wU04Zj-N5vAE.jpg&v=3&w=400&rid=4&s=Avof22BBp-TB-3BnjNprcZQL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5196f69f2af870f8b7c589c97e38fb9d089b3e499295ee96afd926948e9b30fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9276
expires: Fri, 24 Jan 2025 07:59:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4950 217 KB
217 KB 35ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F50716%2F5264690%2F4cc5aba1061c4e8090073395d92e094a_paid_criteo_ongoing_winter2024_geschenkboxen_1200x1200.jpg&v=3&w=1200&rid=4&s=h1_Ds_sGosWisVHapwaYqBE_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4236647979c561d1ff52cfe082cc31e2c9f7ce9663bf7362e364ba2f103e44e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 221882
expires: Fri, 24 Jan 2025 07:59:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4950 0
128 B 184ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BBtK6cnNzQH-NYaiohqyS-Guk2dhkUse_2VWOq7vwdByNLx1w6Sr-IZKvYLfCFETPtTMftwtDtXmg5A4xE-k_9zw-Z8y_20wftt5kdmwrylvQeSd4PQEEzW4wdwLgzgNsqD2wTf7FOIGhyTDI4-JTyC9jofKJWe2FmX5Gz5Bt4AyErYN0UdnuqAJXpqyK7pNva03DKu3eqSqQQXaTJ_6aNz-1SZzVdO00g8CKg2_mriunKFAGichXTvzQYDa4bV7PHZiCQ&sds=2&rev=90666&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4950 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4950 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Feb 2025 14:00:55 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame F167
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1925920/78089287/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015639193&ias_pubId=pub-4705580535377579&ias_chanId=1&ias_placementId=20986593569&bidurl=ht...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_lmrPZZWcLqyy9u8Pi7CK0AY&cbFunctionName=goog_wrapCb_lmrPZZWcLqyy9u8Pi7CK0AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected...

1 KB
1 KB

21ms
8ms

Script
application/javascript

2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_lmrPZZWcLqyy9u8Pi7CK0AY&cbFunctionName=goog_wrapCb_lmrPZZWcLqyy9u8Pi7CK0AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:45:03 GMT
x-amz-version-id: N8a6HZlDh9F3zdobaU4MToCpsTqdbQs8
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 328553
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: yBX9T9qSQZfWgE--4ic0qQ561OdF11tQpEhOgp1dy3trCTk1RuO6_g==

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_lmrPZZWcLqyy9u8Pi7CK0AY&cbFunctionName=goog_wrapCb_lmrPZZWcLqyy9u8Pi7CK0AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7EE7 91 KB
23 KB 111ms
7ms Script
application/javascript 2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12837105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: e3Ra5G0qxa-JaMjW6bvuHUVThJvmu6BMwSpe2gGIE1-yu0bT8ozZ0w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F167 43 B
215 B 576ms
191ms Image
image/gif 2600:1f13:800:7781:90bd:c37c:5cc6:b26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925920&asId=ea2b0ccc-e5ae-3b21-708e-2df85679ea79&tv=%7Bc:4oCZj6,pingTime:-3,time:87,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:36%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4ssbXT+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C16*.1925920-78089287%7C161%7C1621%7C163%7C171,idMap:16*,rmeas:1,rend:0,renddet:na,siq:38%7D&br=c
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:90bd:c37c:5cc6:b26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F167 43 B
216 B 550ms
168ms Image
image/gif 2600:1f13:800:7781:90bd:c37c:5cc6:b26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925920&asId=ea2b0ccc-e5ae-3b21-708e-2df85679ea79&tv=%7Bc:4oCZj7,pingTime:-6,time:88,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4ssbXT+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C16*.1925920-78089287%7C161%7C1621%7C163%7C171,idMap:16*,rmeas:1,rend:0,renddet:na,siq:38%7D&tpiLookup=ao:www.hellpress.com*&br=c
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:90bd:c37c:5cc6:b26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 volvonovum.css
s0.2mdn.net/creatives/assets/4028882/ Frame A4E0 2 KB
272 B 8ms
7ms Stylesheet
text/css 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3705119/adlDCO.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

b5b0d723bddb063bc19dce7596120bc82b9dcf0f8e36c5ebbbd29f9ec0161e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15683587310463483904/index.html?e=69&leftOffset=0&topOffset=0&c=ILZwOQcPHB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 12:07:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 14:05:17 GMT

GET
DATA 200
OK truncated
/ Frame A4E0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3c493846d41fc55b4db348e142c41b61761198554cbc0a4a648effda5b9e47f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 player.js Show response
video.seenthis.se/v2/player/94/ Frame A4E0 35 KB
12 KB 66ms
9ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/player/94/player.js

Requested by

Host: www.hellpress.com
URL: https://www.hellpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0af16b19cc50ae078537519ec699cc79161818cb1c021ac312791792325ab5b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: Nyh9ytZyYw8Hf2DpCA6sVQjonGRo1rgt
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 2AYHJ1691MCX5258
age: 3844142
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11753
x-amz-id-2: mkk/03Jle+2hYJaDslsWUFW8IjI6b9iqfrWPj46QyPRbySjP4JVv+swMgWSgBCaFSeDJK8unIpE=
x-served-by: cache-lcy-eglc8600036-LCY, cache-fra-etou8220065-FRA
last-modified: Wed, 11 Oct 2023 13:03:52 GMT
server: AmazonS3
x-timer: S1708092056.606781,VS0,VE0
etag: "829128df51c63433a41faf6b0580e818"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6, 618

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F167 43 B
215 B 526ms
169ms Image
image/gif 2600:1f13:800:7781:90bd:c37c:5cc6:b26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925920&asId=ea2b0ccc-e5ae-3b21-708e-2df85679ea79&tv=%7Bc:4oCZjx,pingTime:-2,time:114,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:843,beZ:845,mfA:848,cmA:850,inA:850,inZ:855,prA:856,prZ:872,si:881,poA:883,poZ:910,cmZ:910,mfZ:910,loA:931,loZ:933,ltA:958,ltZ:958%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:36%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4ssbXT+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C16*.1925920-78089287%7C161%7C1621%7C163%7C171,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:38,sinceFw:74,readyFired:true%7D&br=c
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:90bd:c37c:5cc6:b26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx
x-server-name: dt29.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 VolvoNovum-Medium.woff
s0.2mdn.net/creatives/assets/4028882/ Frame A4E0 80 KB
80 KB 9ms
9ms Font
font/woff 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4028882/VolvoNovum-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

f6c5035e04845f6a26f9a9482717abf3ac36711b85e5b2ac87e423ba0ceaaf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:50:33 GMT
x-content-type-options: nosniff
age: 622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81784
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:40:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 14:05:33 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame A1E0 39 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 09:37:31 GMT

GET
H2 200 / Show response
geoworker.ayads.co/ 1 B
292 B 85ms
15ms XHR
text/plain 18.239.94.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geoworker.ayads.co/
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-52.ams1.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 09:24:12 GMT
via: 1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
server: CloudFront
sublime-worker: true
x-amz-cf-pop: AMS1-P3
age: 16603
access-control-allow-methods: GET
x-cache: Hit from cloudfront
access-control-allow-origin: *
content-length: 1
x-amz-cf-id: yGuocqYfr-B-1laSBCLiuLlHxJhAsuS6pysD-fydfMS792lqOLcUQA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E761 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOzgUlmrPZZWcLqyy9u8Pi7CK0AYAAAAAOAHgBAI&bg=!EhGlEV7NAAZN4L4YbeA7ADQBe5WfOO6L599wwnzaLvb4mC8emltYlWD_GAfD6-2RY5cwgyF4um9lRU5CvjzH17mf1TSbAgAAAg1SAAAAAmgBBwoAeyug0W93XQ1O-qbnMERRzzmY1phhZ2VWcwoAEiuYAx-7hRFzbE5tgF5aJVSZgC2V6gyOq8Ti6Dyn5LES68gsT_NrYb4xk0ncfehDKqCufCPQERgVl0_hZoWUzomQ72raenDAmIIxoovP9ofsWZtBrEFrIW52r4PyaRkDvpkDDCZopaZxYOYyYU4aUmcPg4KyyStFeYsvZD3_k4QFLlIwcnGgKVVetB1jEq8ILBT_9RmuoeiM_VCkDW-zmC0ab-KXHtzFyBQNbkB5J3y_OUG6zcAaL8lMjX7ungW9Dt6mbcnyUunVIkIUGV07BlTmrNnDejl4hse3PdC7DSt-thUlDW7ECQbJ1bOaf2Z1wO2REh_VVc8zaSvnu8VkH6-I_WHU_kAGypfGvqbnTZQaBWze86fgU5E_Jk0h4SAmGktwzv0VgLg-lJQ77soi3N9YUuMvc80GlZUZO9tl9acmjR8dk5Dc42jgsPcZ54GRXjjJfiKdZgBN-kITnzX9fWIQaxfwb96QWL4aCRJTUjTDJdeekpGvpIBHV3ojH2Y2bwH0_BDz30cigQh8sEBYxOXLjzcA-MIX0DkD55p17GPPdaytC4xNwtypJPn840YZkE65Y7s0GyCmxUBJd5iVJhvz9QFawEKbAN6MeFRO3l5M9nlMegz3kxCvGZ0dFtvjJ8L9_WLQ5stzEp3743NbmRI01pLJR64NOYv2SdC5jHuMoslvx7nYYpRMLk_tmcHDQxxj5-05y6vFU76CAgOaCtJUq2Mohc88_GTX25UbputWVX6twgDf5YEprgBbSg3_1PgztBM8C1v4Q__GH8Ve2HHd3qIsLgUqBBOEwZ2xf6PNc0ctMqMs6qSkNdApezEG685i0NjxExhaeGHuStWumCgSA2HdsCnJfOHFB4frL5P6U49p83QKqIBNiE8rvLq50NBlYZjuTSNbC0ErWIwuPm3moh7nJcgpgVV_RxSzS6AFT7VQ9lbYh3Wx2CG03eORH5jlHG-5CtHTDFhSQaBQpViFH-FsOQN6TZStRdzqnhnZ_aMQootCl5XUgsbiGi7egsDfWaqcFYBSRgYJ-jJK0tC1bYxbZbRDmDvA1oYxAdNbmG3fEfmH7CcvikpaxW5YMA6KonfkcMYg9vGy24i4rnYXEf6g3E4aLa2mZJRaCIo253R7aAQ4iq7aXXpJ95nvSHvBa4TUPcA4RY67-nSpNg

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 playlist.mpd Show response
video.seenthis.se/delivery/stream/VBCrqSD2YZblKPnpNHAMy/ Frame A4E0 5 KB
2 KB 22ms
9ms Fetch
binary/octet-stream 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/VBCrqSD2YZblKPnpNHAMy/playlist.mpd?tid=12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6&tech=dash

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e913aab374d91c8f4efd868625a40770655a02ae387c1531b4a944aac5b1232

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: fvslh3aXd3VEhEgMNgRh1QLFkpkbmClE
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 3CPJA8A1DNNHAGGS
age: 1542484
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1185
x-amz-id-2: XMhtYZgrtwezl/7P/OWLUkLwm9VwqdN4q6JN1Nru0mg+e+J7rY9ehv0uu55xE9mUgTUqnDzYBCI=
x-served-by: cache-lcy-eglc8600029-LCY, cache-fra-etou8220078-FRA
last-modified: Tue, 21 Nov 2023 10:55:53 GMT
server: AmazonS3
x-timer: S1708092056.674184,VS0,VE0
etag: "7e0305b16fbbbeb7cced09dc46cff21a"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5, 1727

GET
H2 200 3 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/1/ Frame A4E0 43 B
461 B 42ms
12ms Fetch
image/gif 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/1/3?sid=none&_=1708092055661
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1151
x-cache: Hit from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220114-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.692573,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: bcAkde_Z7n7sumqpWdztR-dtXV5nj0oZM83AedCTSHvELS-MH7CtEw==
x-cache-hits: 2585

GET
H2 200 3 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/12/ Frame A4E0 43 B
239 B 43ms
13ms Fetch
image/gif 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/12/3?sid=none&_=1708092055662
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 0
x-cache: Hit from cloudfront, MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220114-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.692731,VS0,VE2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: lPbx8npP5Sv2qMeqwzJAwos6WjaQ3qlBsiUu726_JnYO3ip1zJ-xWA==
x-cache-hits: 0

GET
H2 200 3 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/65/ Frame A4E0 43 B
105 B 42ms
13ms Fetch
image/gif 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/65/3?sid=none&_=1708092055662
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1151
x-cache: Hit from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220114-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.692737,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: bcAkde_Z7n7sumqpWdztR-dtXV5nj0oZM83AedCTSHvELS-MH7CtEw==
x-cache-hits: 2585

GET
H3 200 pixel.gif Show response
video.seenthis.se/delivery/stream/metrics/ Frame A4E0 42 B
532 B 20ms
9ms Fetch
image/gif 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/metrics/pixel.gif?tid=12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: WE4z1Vy7btJc.Nh2WMwTJlQH3G0zItP_
via: 1.1 varnish, 1.1 varnish
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 1QTQ06X32P96E5BF
age: 6253856
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42
x-amz-id-2: XjNmf2aWdXm8wO01fKpES9+ZB0VkDaLFhN2j8NBZWUkhB7PMfQFgYtH4qDjG0j5CTBmB5k/EkTg=
x-served-by: cache-lcy19244-LCY, cache-fra-etou8220078-FRA
last-modified: Fri, 28 Oct 2022 09:11:27 GMT
server: AmazonS3
x-timer: S1708092056.674193,VS0,VE0
etag: "d89746888da2d9510b64a9f031eaecd5"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 13, 263321

GET
H3 200 12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6 Show response
video.seenthis.se/v2/validation/tracker/ Frame A4E0 4 B
466 B 17ms
7ms Fetch
application/json 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/validation/tracker/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
age: 38171
x-amzn-requestid: b131561f-b229-461c-b7b2-4b91e425ac2e
x-cache: MISS, HIT
x-amz-apigw-id: TNZLjHpAjoEEZMA=
content-length: 24
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-served-by: cache-lcy-eglc8600039-LCY, cache-fra-etou8220078-FRA
x-timer: S1708092056.673406,VS0,VE0
x-amzn-trace-id: Root=1-65ced57c-1f7a1e911957d4ad17cb7911;Parent=0c0398a9281ff397;Sampled=0;lineage=28349b2a:0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0, 694

GET
H2 200 / Show response
optchk.ayads.co/ 16 B
339 B 66ms
7ms Script
application/javascript 13.32.99.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optchk.ayads.co/?callback=sublimeOptchk
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-47.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
content-length: 16
x-amz-cf-id: 2Rkbddd9F6BxA-13M95uhZmRAyxpAUglX8Swj0rwbRPO5S6ckctuxw==
expires: Sun, 01 Jan 2014 00:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 160 B
1 KB 16ms
14ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

23796d466771f8c8885870d5227ffa84b4899a798402ee59192afa91c436565c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.hellpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
an-x-request-uuid: feddd046-790f-49be-80c3-47f52b68ff9d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hellpress.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.198; 80.255.10.198; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 160
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
antenna.ayads.co/ 0
40 B 30ms
29ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?device=d&et=3181&ga=1&gc=0&gm=0&gs=2&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=2&src=wf&t=1708092053254&tfz=2430&tse=1708092055683&ver=20240216091008&z=25759&e=p&bh=1200&bw=1600&gd&gdv&ph=5172&schin=0&schinc=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
29ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=123155&at=skinz&device=d&et=3183&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=3&src=wf&sspname=sspv3-appnexus&sspplid=14056819&t=1708092053254&tfz=2432&tse=1708092055685&ver=20240216091008&z=25759&e=sspc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C687 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGgfklmrPZfKPIt-yx_APpe2v0AnJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDcwNTU4MDUzNTM3NzU3OcgBCakCE5AHDFACsj7gAgCoAwHIAwKqBKcCT9C1ePh2WGDIKkPLkptNCzmIrqHV6WCAi23CY44I8l6Ck0QqgSV7rUrtPduNRl99F4G0wrC340xtHHu3qQrO6eliPQ9twQ6TLt1AFkJb-mqAh2_3D7CyxXqT2Z0oNTdzI2gMV_bgnENqYJjPoiYeYgaWkpbWKEU6nYW14c1_keKBaYxZI_ELywxc5y6SpQOBXqvFxn2FYlp04h3O4MiqGdJXjAvF6Z8qw1FN74_5ElR90k-uv1xaR9zRSVV8k3nFdN9Z7I9JA53ybzj4w4tjLggj8b08vsFjxbAVc6yVbfbfPKKgfG01QghYJOSNDIPmNhsAIC0IVFAEqF0VEErpCWXzkDq7DRYteJSROU45NI51s_-tdfTokd5LcWqCWP3WUkdX7JvdruAEAYAGmLnZrZHrnbNMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOljNx9jggrCEA4AKAfoLAggBgAwB4g0TCLyK2eCCsIQDFV_ZEQgdpfYLmtAVAYAXAbIXHAoaEhRwdWItNDcwNTU4MDUzNTM3NzU3ORj_yGw&sigh=cc2qik5zhkk&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_IBPFzP6m14jebBCDs9jzCflj8PMsQiv6aAS5Hmc0X3ZMR7GJhABgNpnNSLrkve2OoYpjNkrImxmgp3UaVHz5Hems9xkNfXoBmhQYAQ&cbvp=2&vis=1
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame C687 0
126 B 62ms
14ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kPzSGd-BMKwC2ASdg2ICAgAAAH3QRjrnO0rnEJVqz2U4kGaCMEIPsor8AAASAAAKCkFRVUJBUUVQQVE&wp=Zc9qlgAIh_IIEdlfAAv2pa9R0Rt9uKYYil3Lvw&cbvp=2

Requested by

Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 168615
server: Kestrel
content-length: 0

GET
H3 200 1 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/19/ Frame A4E0 43 B
431 B 8ms
8ms Fetch
image/gif 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/19/1?sid=none&_=1708092055707
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1152
x-cache: Hit from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220078-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.708584,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: bcAkde_Z7n7sumqpWdztR-dtXV5nj0oZM83AedCTSHvELS-MH7CtEw==
x-cache-hits: 3314

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 0
324 B 177ms
47ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=266080&pgid=998632&fmtid=42281&visit=M&tmstp=1708092055718&out=json&sh=1200&sw=1600&tgt=json%3Bvskinz%3Dtrue%3Bgm%3D0%3Bscreen%3Dlarge%3Blarge_screen%3DTRUE%3Btag%3Dwf%3Bpage_home%3Dtrue%3Bpage_height_num%3D5000%3Bpage_weight%3D360000%3Buser_bandwidth%3D10%3Bpage_loading_speed%3D290%3Biab%3D150%3Biab%3D338%3Biab%3D363%3Biab%3D367%3Bskinz%3Dtrue%3Bskinz-d%3D300&gdpr=1&pgDomain=https%3A%2F%2Fwww.hellpress.com%2F&schain=1.0%2C1!sublime.xyz%2C3027%2C1
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.hellpress.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 204 /
antenna.ayads.co/ 0
40 B 30ms
30ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=123155&at=skinz&device=d&et=3213&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&rt=24&sqid=4&src=wf&sspname=sspv3-appnexus&sspplid=14056819&sspr=1&t=1708092053254&tfz=2462&tse=1708092055715&ver=20240216091008&z=25759&e=sspko
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
30ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=123174&at=skinz&device=d&et=3215&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=5&src=wf&sspname=sspv3-smartadserver&sspplid=266080%7C998632%7C42281&t=1708092053254&tfz=2463&tse=1708092055717&ver=20240216091008&z=25759&e=sspc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx

GET
H3 200 input_0.m4s Show response
video.seenthis.se/delivery/stream/VBCrqSD2YZblKPnpNHAMy/ Frame A4E0 326 KB
326 KB 8ms
8ms Fetch
video/mp4 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/VBCrqSD2YZblKPnpNHAMy/input_0.m4s?range=0-333740&tid=12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6&tech=dash

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ba8e7c1f43314119dba7eaa25fd8efbd73147ecc278628ecde6b6b5e98c7048

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: adkaVQDPZsS94JdBiYJcI.J8sBdUH7Qw
via: 1.1 varnish, 1.1 varnish
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: WYVQN9ASJVMBT8SM
age: 1490863
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 333741
x-amz-id-2: VKb4fpurTiphwjRv5SzLf0BP3BID4jfpSzTtbOjTRRXBe6Zj6iXrV6pTayFmj4LypR3yzGf58CM=
x-served-by: cache-lcy-eglc8600033-LCY, cache-fra-etou8220078-FRA
last-modified: Tue, 21 Nov 2023 10:55:53 GMT
server: AmazonS3
x-timer: S1708092056.747167,VS0,VE1
etag: "f587b84b53c24a44aa99f9ce880d4770"
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3 200 1 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/9/ Frame A4E0 43 B
431 B 8ms
7ms Fetch
image/gif 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/9/1?sid=none&v=869&_=1708092055765
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1152
x-cache: Hit from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220078-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.766208,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: bcAkde_Z7n7sumqpWdztR-dtXV5nj0oZM83AedCTSHvELS-MH7CtEw==
x-cache-hits: 3316

POST
H2 204 pb Show response
ad.360yield.com/335/ 0
171 B 141ms
33ms XHR
text/plain 54.155.181.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/335/pb
Requested by: Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.155.181.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-181-217.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hellpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hellpress.com
date: Fri, 16 Feb 2024 14:00:56 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
30ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=123174&at=skinz&device=d&et=3409&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&rt=189&sqid=6&src=wf&sspname=sspv3-smartadserver&sspplid=266080%7C998632%7C42281&sspr=1&t=1708092053254&tfz=2657&tse=1708092055911&ver=20240216091008&z=25759&e=sspko
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx

GET
H2 204 /
antenna.ayads.co/ 0
40 B 32ms
32ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=211289&at=skinz&device=d&et=3410&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&ni=335&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=7&src=wf&sspname=sspv3-improve&sspplid=22623158&t=1708092053254&tfz=2658&tse=1708092055912&ver=20240216091008&z=25759&e=sspc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
server: nginx

GET
H3 200 1 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/4/ Frame A4E0 43 B
431 B 7ms
6ms Fetch
image/gif 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/4/1?sid=none&_=1708092055959
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:55 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1152
x-cache: Hit from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220078-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.959710,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: bcAkde_Z7n7sumqpWdztR-dtXV5nj0oZM83AedCTSHvELS-MH7CtEw==
x-cache-hits: 3317

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame BFFE 16 B
209 B 76ms
76ms Fetch
application/json 35.178.247.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.178.247.241 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-178-247-241.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 74ms
19ms Preflight 35.178.247.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.247.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-247-241.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F167 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7781:90bd:c37c:5cc6:b26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925920&asId=ea2b0ccc-e5ae-3b21-708e-2df85679ea79&tv=%7Bc:4oCZqZ,pingTime:-10,time:576,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708092056013%7C%7C025868e47150a4418cc2f6614524dc9e%7C%7C1605e69839cb81a076535f1842285622%7C%7C01cc88fc4b8b0300949ef330655ee7f2%7C%7C87f21c0cd5b93657b84be7f9f4dd4c99%7C%7C5166f14ca07b837dc02de4d2edb65232%7C%7C8f14a2c8afe4c5dcbda28a94ab53d206%7C%7C9937b97c56745392e9a3c257fbd18a55%7C%7C1663701684%7D
Requested by: Host: 5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:90bd:c37c:5cc6:b26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame F760 127 KB
41 KB 20ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f57ef0ba2787377eb267380c7fbee757dd07f645a1a31cac1f8931686ef45801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-1fd8c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:00:56 GMT

GET
H2 204 /
antenna.ayads.co/ 0
40 B 30ms
29ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=211289&at=skinz&device=d&et=3556&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&ni=335&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&rt=144&sqid=8&src=wf&sspname=sspv3-improve&sspplid=22623158&sspr=4&t=1708092053254&tfz=2805&tse=1708092056058&ver=20240216091008&z=25759&e=sspko
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2 204 /
antenna.ayads.co/ 0
40 B 30ms
30ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=221425&at=video&device=d&et=3557&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=9&src=wf&sspname=sspv3-criteovideo&sspplid=1671622&t=1708092053254&tfz=2806&tse=1708092056059&ver=20240216091008&z=25759&e=sspc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A4B1 14 KB
6 KB 47ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hellpress.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 495642
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F760 0
196 B 95ms
15ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=150&profileId=184&cb=61824574527

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hellpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.hellpress.com
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 1 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/13/ Frame A4E0 43 B
427 B 11ms
10ms Fetch
image/gif 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/13/1?sid=none&_=1708092056175
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 0
x-cache: Hit from cloudfront, MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220078-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092056.176455,VS0,VE4
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: mmQDpFdHlhggCkNzGgLmQQrnY71FlDBizz2bLEeTWXw5NVwpXUIqNg==
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F167 43 B
215 B 167ms
167ms Image
image/gif 2600:1f13:800:7781:90bd:c37c:5cc6:b26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925920&asId=ea2b0ccc-e5ae-3b21-708e-2df85679ea79&tv=%7Bc:4oCZui,time:781,type:e,im:%7Bpci:%7Btdr:725%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:781,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B772~0%5D,as:%5B772~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:176,fm:u4ssbXT+11%7C12%7C131%7C132%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C16*.1925920-78089287%7C161%7C1621%7C163%7C171,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:38,sis:208%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:90bd:c37c:5cc6:b26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 0719 127 KB
41 KB 20ms
20ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/25759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f57ef0ba2787377eb267380c7fbee757dd07f645a1a31cac1f8931686ef45801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-1fd8c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:00:56 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame F760 0
195 B 15ms
14ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hellpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hellpress.com
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F760 43 B
365 B 16ms
15ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 10 Feb 2025 14:00:56 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F760 43 B
365 B 23ms
22ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 10 Feb 2025 14:00:56 GMT

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
30ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=221425&at=video&device=d&et=3723&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=10&src=wf&sspname=sspv3-criteovideo&sspplid=1671622&t=1708092053254&tfz=2971&tse=1708092056225&ver=20240216091008&z=25759&e=sspko
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
31ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=114301&at=html5&device=d&et=3724&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=11&src=wf&sspname=sspv3-criteogeneric&sspplid=1272203&t=1708092053254&tfz=2973&tse=1708092056226&ver=20240216091008&z=25759&e=sspc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2

200

sid Show response
mug.criteo.com/ Frame A4B1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=hellpress.com&sn=ChromeSyncframe&so=0&topUrl=www.hellpress.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=VGO21XxSc0d0Mmo1QjRSUXFwNzZLUTJXT2U3T1RucUtWaUt3eFNuMi9OdFFGbmhaZDZldnk4TUFNb1llTmRQaVNTV252M1ZCTmc2clpPQzlTaE5KY0l5WGlidmJKV2x4Q3NqTjRqZHcxY2t2cy9EWVdFbENtRSttdkhrVj...

441 B
658 B

16ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VGO21XxSc0d0Mmo1QjRSUXFwNzZLUTJXT2U3T1RucUtWaUt3eFNuMi9OdFFGbmhaZDZldnk4TUFNb1llTmRQaVNTV252M1ZCTmc2clpPQzlTaE5KY0l5WGlidmJKV2x4Q3NqTjRqZHcxY2t2cy9EWVdFbENtRSttdkhrVjAvRWdFbjRteTI3aWo5aGRmdHFEMWN2MjFwM0NkZ045WVQ5SGtLV2Y0UmNGSEdlanNWUmJITTZGUzZuczdRUWl0RG55cmZGeXlFbHZEb0FXZWVoVXU0MGxrUnRoK0djclV5UjE5U1ptTDV1ejc4NldjSkluZVB5ZVcxeCs4dGhhd0pheElCeE02d2tHd3R5ZEQxeDQ0Rnc3WGo4eitIQT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7375c1107f482e3972327059fe1801f80adc4882e9439cc321d9693fdb10c572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1001069
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=VGO21XxSc0d0Mmo1QjRSUXFwNzZLUTJXT2U3T1RucUtWaUt3eFNuMi9OdFFGbmhaZDZldnk4TUFNb1llTmRQaVNTV252M1ZCTmc2clpPQzlTaE5KY0l5WGlidmJKV2x4Q3NqTjRqZHcxY2t2cy9EWVdFbENtRSttdkhrVjAvRWdFbjRteTI3aWo5aGRmdHFEMWN2MjFwM0NkZ045WVQ5SGtLV2Y0UmNGSEdlanNWUmJITTZGUzZuczdRUWl0RG55cmZGeXlFbHZEb0FXZWVoVXU0MGxrUnRoK0djclV5UjE5U1ptTDV1ejc4NldjSkluZVB5ZVcxeCs4dGhhd0pheElCeE02d2tHd3R5ZEQxeDQ0Rnc3WGo4eitIQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 364966
content-length: 0
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0719 0
195 B 22ms
21ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=150&profileId=184&cb=27223404968

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hellpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.hellpress.com
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 0719 43 B
365 B 21ms
20ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 10 Feb 2025 14:00:56 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 0719 43 B
365 B 19ms
19ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 10 Feb 2025 14:00:56 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 0719 0
195 B 15ms
14ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hellpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hellpress.com
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
31ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?a=114301&at=html5&device=d&et=3791&ga=1&gc=0&gcp=0&gm=0&gs=2&isssp=1&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=12&src=wf&sspname=sspv3-criteogeneric&sspplid=1272203&t=1708092053254&tfz=3039&tse=1708092056293&ver=20240216091008&z=25759&e=sspko
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2 204 /
antenna.ayads.co/ 0
40 B 31ms
31ms Image
text/plain 34.246.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna.ayads.co/?device=d&et=3792&ga=1&gc=0&gm=0&gs=2&puid=ea422b25-6716-4b05-a6eb-5181d7fd0040&sqid=13&src=wf&t=1708092053254&tfz=3041&tse=1708092056294&ver=20240216091008&z=25759&e=ipb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.246.155.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-155-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hellpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:56 GMT
server: nginx

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 05B5 14 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hellpress.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hellpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 14:00:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 917797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame 05B5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=hellpress.com&sn=ChromeSyncframe&so=3&topUrl=www.hellpress.com&bundle=2FQIkV93cGp6cmRMWjRMNkFMZiUyQkpCUFhSSzYyRk9SdzJyMzNmMiUyRjBjdDRpN3ZH...
https://mug.criteo.com/sid?cpp=hQ4dx3x4cTFBYU9LU3NKSmlHam9kNnJZOW1EeXVzQWZ1QjBBczB5NlpnWnFIOHpGRFBBVGZTWGdmbVgvVkVwa25NSFZDcDZ1bXAyRmpRYXF5OVlQZmhGNEdIUU55OGUwZ0J2Ylo3cmhqRGJaOTU0UEFURjJIb2FaNWJJN2...

446 B
658 B

17ms
17ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hQ4dx3x4cTFBYU9LU3NKSmlHam9kNnJZOW1EeXVzQWZ1QjBBczB5NlpnWnFIOHpGRFBBVGZTWGdmbVgvVkVwa25NSFZDcDZ1bXAyRmpRYXF5OVlQZmhGNEdIUU55OGUwZ0J2Ylo3cmhqRGJaOTU0UEFURjJIb2FaNWJJN2NFcTRMNEhyUHVSeVFzbVNBb0ZKQ0ZuYUZmQmkxUlVMWjY3UGZwemwvN29Dek00ZW1CZmU4WXZycTZlaE9NaXhHRnhLMlo2OW9XS0FZVENYVnA2Y2U3dDhzSER4cmtVVm9RRmhxNU1TNVIxbmlqME5uQWY5cVJGZzlzam4xQmNUY2JCdnJ2K3lFVzF6K0hUMU1aQ1JUd1d3NWlaMkprai8vbFJIMUd5Uk9SeXQzRUo2WlFhcz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e0667e3da605de82611cc03ea1f3529f5dda03ee25581434a2f21302aa38f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1229619
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hQ4dx3x4cTFBYU9LU3NKSmlHam9kNnJZOW1EeXVzQWZ1QjBBczB5NlpnWnFIOHpGRFBBVGZTWGdmbVgvVkVwa25NSFZDcDZ1bXAyRmpRYXF5OVlQZmhGNEdIUU55OGUwZ0J2Ylo3cmhqRGJaOTU0UEFURjJIb2FaNWJJN2NFcTRMNEhyUHVSeVFzbVNBb0ZKQ0ZuYUZmQmkxUlVMWjY3UGZwemwvN29Dek00ZW1CZmU4WXZycTZlaE9NaXhHRnhLMlo2OW9XS0FZVENYVnA2Y2U3dDhzSER4cmtVVm9RRmhxNU1TNVIxbmlqME5uQWY5cVJGZzlzam4xQmNUY2JCdnJ2K3lFVzF6K0hUMU1aQ1JUd1d3NWlaMkprai8vbFJIMUd5Uk9SeXQzRUo2WlFhcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 353362
content-length: 0
expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFFE 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7516146394783&version=m202401290101&ct=77&x=1&cor=15361353511779250000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F167 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5631363321804&version=m202401290101&ct=76&x=1&cor=113206177594389700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 14:00:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 input_0.m4s Show response
video.seenthis.se/delivery/stream/VBCrqSD2YZblKPnpNHAMy/ Frame A4E0 317 KB
318 KB 8ms
8ms Fetch
video/mp4 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/delivery/stream/VBCrqSD2YZblKPnpNHAMy/input_0.m4s?range=333741-658353&tid=12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6&tech=dash

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

285ef3ef518f851ccc24296bf6cd45ebfd2a81f16e7e6ad01316a9e332e21b94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: adkaVQDPZsS94JdBiYJcI.J8sBdUH7Qw
via: 1.1 varnish, 1.1 varnish
date: Fri, 16 Feb 2024 14:00:59 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: WYVQN9ASJVMBT8SM
age: 1490866
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 324613
x-amz-id-2: VKb4fpurTiphwjRv5SzLf0BP3BID4jfpSzTtbOjTRRXBe6Zj6iXrV6pTayFmj4LypR3yzGf58CM=
x-served-by: cache-lcy-eglc8600033-LCY, cache-fra-etou8220078-FRA
last-modified: Tue, 21 Nov 2023 10:55:53 GMT
server: AmazonS3
x-timer: S1708092059.364040,VS0,VE1
etag: "f587b84b53c24a44aa99f9ce880d4770"
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3 200 1 Show response
t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/14/ Frame A4E0 43 B
427 B 32ms
31ms Fetch
image/gif 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seenthis.se/v3/12hmaprzj23fw80mur311f59snp42hmaprzj52n46taav61vy0fcuj735rgniab82vgx0tqj9313swd72a1d84l798b3jm1nwnqc1f6c5b7zd1yhy8gpqe2ddjijguf28rzqzq8g22j07v7ghydwjshtz25y6/14/1?sid=none&_=1708092059894
Requested by: Host: video.seenthis.se
URL: https://video.seenthis.se/v2/player/94/player.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:00:59 GMT
via: 1.1 832009bc56ffa63a1a2a1fcf3f95b9e4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MRS52-P3
age: 0
x-cache: Hit from cloudfront, MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43
x-served-by: cache-fra-etou8220078-FRA
pragma: no-cache
server: AmazonS3
x-timer: S1708092060.894908,VS0,VE25
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private
accept-ranges: bytes
x-amz-cf-id: yteSnFUnPxbDxJa4eLT2dwHpo7N0DIYHV7YInE8uzOI4_2UviSEHxQ==
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hellpress.com/	1970-01-21 04:04:12	Name: _ga_ZNLC8QB558 Value: GS1.1.1708092053.1.0.1708092053.60.0.0
.hellpress.com/	1970-01-21 04:04:12	Name: _ga Value: GA1.1.182137827.1708092053
.hellpress.com/	1970-01-21 03:13:48	Name: cf_clearance Value: wtjTyx7JXu3JuE2p3c.2pkdSCMUjZ6yVbbSNYofvhqc-1708092054-1.0-AVy5M2dKydef21iA75FyFRHAeeaufp4m49RH6h170NzhFPivkQ1I9C4iEYVlXNDw9afCJ4vS++ugJpi6nvubvnk=
.doubleclick.net/	1970-01-21 03:49:48	Name: IDE Value: AHWqTUnPFsTR6IXQOsRJkIKFrz5cUfZMdFVqjj5DEYHbMa5jbO27ALaylac72dzSDPc
.doubleclick.net/	1970-01-20 22:47:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:37:48	Name: XANDR_PANID Value: NFAevDMCh2voDNBv-YNi-Hz0vp3Y_JfCK0In9MLlau8GEMUaj6y_YMWDUJLEV4C1q_O36RO5qLXBCq6BiA3BxxgakVfmJuOO6eCB0_eKbQI.
.adnxs.com/	1970-01-21 04:04:12	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:37:48	Name: uuid2 Value: 7204153572008824813
.casalemedia.com/	1970-01-21 03:13:48	Name: CMID Value: Zc9qlrmqPTQAAGYOAMr28gAA
.casalemedia.com/	1970-01-20 20:37:48	Name: CMPS Value: 2231
.casalemedia.com/	1970-01-20 20:37:48	Name: CMPRO Value: 2231
.adnxs.com/	1970-01-20 20:37:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTxjfKVc!]tbPl1M>e)ZlrFUfJ+tGXxoD9'vY9%h)jUvzOL^(upK]]q/YvoD@Lj8Qt3If)y3KL9D3I?+hPHQIC
.doubleclick.net/	1970-01-20 22:47:24	Name: APC Value: AfxxVi67djvymfxBB263L_ef4_6MTHmJJLEYTiF3cgH86QxIYU7h3Q
.doubleclick.net/	1970-01-20 19:11:24	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 20:37:48	Name: 8lcfmzhxc8d6_uid Value: 55315d834c424b55
.retailads.net/	1970-01-20 19:11:24	Name: ppb2172 Value: 3553176216
.futalis.de/	1970-01-20 19:54:36	Name: raSIDb Value: 3553176216
.office-partner.de/	1970-01-21 04:04:12	Name: source Value: {"webgains_webgains":{"timestamp":1708092055012,"clickCookie":false}}
.hellpress.com/	1970-01-21 03:49:48	Name: __gads Value: ID=df69348f9869193f:T=1708092053:RT=1708092053:S=ALNI_MZRJz5_LDSb0zZNlgUrvFbBz9bLfw
.hellpress.com/	1970-01-21 03:49:48	Name: __gpi Value: UID=00000d5ae633fb33:T=1708092053:RT=1708092053:S=ALNI_MZ4s8AGSGnJH4TbHu-JZFcxoFCsdA
.hellpress.com/	1970-01-20 22:47:24	Name: __eoi Value: ID=94b1e5c2707ed8cc:T=1708092053:RT=1708092053:S=AA-AfjZRX5nL6rZQt7hgGi5PcMzq
.criteo.com/	1970-01-21 03:49:48	Name: uid Value: 5213fd92-3321-4d92-a093-a2be017b52e5
.criteo.com/	1970-01-21 03:49:48	Name: receive-cookie-deprecation Value: 1
.hellpress.com/	1970-01-21 03:49:48	Name: cto_bundle Value: 5RPGOF93cGp6cmRMWjRMNkFMZiUyQkpCUFhSS3hZTE1CSjNOMUxFQXdKSUdnM2tnJTJCJTJCMGpZV1VUM21JQmVvayUyRm4yMnc3ZVp5YjQ3TktjRUNWakFzRXVUWDVWa3Z4YjBRR1FxbDVEQ3MyRCUyRk5nWGNsZjM3JTJGVXhLY2pYd0lNcDhOcERzaWZYdHIlMkZMMCUyQjVaRTVhQXpFenlySjBxN1RnJTNEJTNE

131 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hellpress.com/wp-content/themes/Newspaper-child/images/icons/newspaper.woff?21 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://www.hellpress.com/wp-content/themes/Newspaper-child/images/icons/newspaper.ttf?21 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hellpress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5cd8f7dc42bc06c504acea42b55ac217.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad.360yield.com
ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
antenna.ayads.co
api.webgains.io
bidder.criteo.com
cat.nl3.eu.criteo.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
geoworker.ayads.co
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
imageproxy.eu.criteo.net
mug.criteo.com
optchk.ayads.co
pagead2.googlesyndication.com
pv.medialead.de
region1.analytics.google.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
sac.ayads.co
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
t.seenthis.se
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
video.seenthis.se
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.hellpress.com
www8.smartadserver.com
13.32.99.47
138.201.135.164
138.201.84.245
142.250.184.226
142.250.186.38
151.101.129.91
151.101.65.91
172.217.16.194
172.64.151.101
178.250.1.6
178.250.1.8
18.239.50.87
18.239.94.52
18.245.46.127
18.66.147.98
185.89.210.180
2001:4860:4802:32::36
23.52.181.90
2600:1f13:800:7781:90bd:c37c:5cc6:b26
2600:9000:223f:1200:8:48e:53c0:93a1
2606:4700:3035::6815:55a6
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c1d::9d
2a01:4f8:d0a:2321::2
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a0b:4d07:102::1
3.8.213.175
34.246.155.13
35.178.247.241
35.244.159.8
49.12.22.42
5.135.209.97
52.213.49.255
54.155.181.217
91.121.248.44
0101169c1d63c747444a7b58c590d8e4cf58713fa63bd1dba99bfdfb4adc30c8
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
079f7f1e5b990d5110ed9f9eff2e6bd6b9dd499f84cdccfcf7079e7b66dc0be0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac9aade0db6b6ab9fdb82e776dd1a5f81bec809938beb3d2f07c6419892f03e
0af16b19cc50ae078537519ec699cc79161818cb1c021ac312791792325ab5b2
0b36397718611d0d8fe584abfadd03b2d7a433327e209f96654e9738c942b900
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e6fb05a962e8f721a15b4e1c0ec07cd3d784e362d51f0a0d1ef29d10728f34d
0eff24bea68531502cc3bc86b647d7890b4717a04c79978647c03bdc56af8ddb
15c53232dc2ab5791df82752923ebe32b12f6cc28964aecd51608edcdc383897
1b5ca9039c0a307caea46b5515124ae402921e5fced5caf130a3874f6dd15409
1db54dcc577c6bbc62b02c397f14ee4bc4d7670751a3c62a261485eadf158028
1f1c2bcc50860deba0a468cf8a20839df565e03496ebee56e0837c693d103772
1f3cddd23dffa16e500027b60382f0b3cebcae742e75f18bec8ce577423890be
23796d466771f8c8885870d5227ffa84b4899a798402ee59192afa91c436565c
239d41be9ae38cc4c038bf812752bc7410b61beb53341705efd72f3885270ef1
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
24ee784f7efaee9e6b398f4f20335d9cef65475d258a436bc3d4c22fc8770a58
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26615f4cf912a918c134e5942344dc3fd6f89b3c77274a529dffad8686964706
26cc1370ef10c326b2495c0279e97748ba488faa22fd3d189b887a5207b26ee1
285ef3ef518f851ccc24296bf6cd45ebfd2a81f16e7e6ad01316a9e332e21b94
2908acf0dba5392095891f4f22a0e2551b29e9730185b71e2b3890d9d3ec4db9
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2c59b193778c30c057f5e1d2213a9d55ae11fd88775b4d226a9015b21ea54e4a
312f716e4c0c5c0f1abfed323d7ada6bfd129daa6d7c5deb006f4b2146f4c998
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32eab928b1653235d639eddc8bb9c5d26ae4a98dc766d9b6abd307c7f5cf850f
3678e9e250e5d54c8cf298260be991eec8d8bf1ae723049582bede5a8d597e29
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3c86628ef00d39f6f13033179b9f15dfbe7cc586145a48f927427788af179dbf
4236647979c561d1ff52cfe082cc31e2c9f7ce9663bf7362e364ba2f103e44e2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44e86fee60b7ac8c3a48935f239ccc3f7f3f5662c05b4dbdf09e63e365e334d7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e913aab374d91c8f4efd868625a40770655a02ae387c1531b4a944aac5b1232
516662dd9977e229a39c361398cb3c298ae5ca241f184f898806392fc484a5f6
5196f69f2af870f8b7c589c97e38fb9d089b3e499295ee96afd926948e9b30fe
519ed1cf7104eb2bfe0d64e0bcfe5bb97b005b1ba9a12689239f4a7ffa98891d
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5877732cd9db6a99e21af44a5d3f0e7d5284c679b8c4c5b20f719485732089ed
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
5b7345267124f934e147130ccd60ec744e7e60e9e633be9a5aefe74c5a07c1c9
5c842c0eb155cd0fbb2e43a455c2e53fc43cbe1da549757d13df9bd6bc08520c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629544ed58457e70736876b49fd980ec99d93ea0f515ecfc50e742c5ac4a6e9e
637b8692891757a155c0931f5c77b31005be86f65c5d06872d03adcda4a338c9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4b035186a15b7de0fa2b56228e7933295e0122d04d6cacd32705f4990bdb7d
6f9cc4b7800736a68c3bcd9a02055277817f6b4d7789e6c5e1031c665011e8b0
6fa076150980b41ec22078b13ca0bcac8d6309496ed501e358ff6a7469806986
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7283ba57892848e9d230021408983694c8ac72010d5c397eb12d5ef0f3056c27
7375c1107f482e3972327059fe1801f80adc4882e9439cc321d9693fdb10c572
75aacf994cc5cc3eddb9fdb09566bc766f4b81bccc66ee37c20625cf8e9a9c75
7aeacad2ba0651fab445f34d952ae5898b0b0acaa15aa9e8e53d749d2c1b252a
7b2efe5084929b4ddca995e5e473f83c252687bd016c1ebb5fcbb353b2d320e6
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ba8e7c1f43314119dba7eaa25fd8efbd73147ecc278628ecde6b6b5e98c7048
7ed789f6a4003ddf15eb02f1fc7e0ef1a9462ac6afa9784bdd000678c83e03dc
810eef31207a7baf1178396bd55d5459de14e37095d6ff6f973690d7d4b0506e
8143cc93ba9555bc670d43faad3edda8c803597a9227ac1a9dcc0eb0e444a258
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
86a9a9ac0e150e38a8e3e6f87fb72d44927519ced17a522fb0c7ce540a2b84a5
890ada2c96922f7b20f83d63909f22bd3d65ed040ca82bf61607746d05d332a1
8bcbd7515d88f54cd7c7eb6d7292a1593a36aca2dd92c6601bcc8fe3272835c2
8d739e9bc6d43b6b3f01e43cab3449079d5cf1f2a88203682afee48a038346e5
8dcd5f54b5d66f7b8a53dfb3117b075f7cfd4ce570689ea12ee809f6ccf30642
8e0667e3da605de82611cc03ea1f3529f5dda03ee25581434a2f21302aa38f07
8e47688e3228bb4b9534c2324147cb9917c8111b773469f233f0c2fbb1e170af
8e83cf9f3c12892e25485e60a9fce55953d4e4225968b66953fac061c192b0c0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9170bd0db981f084ed9e2534b6316459b93ea6158c9bf5a6b2dadc5000cd028d
96eac7db58681de92f0f045ca7d47ddf8b5bfecda63f01db3053dafd6068200d
9957f89bb69e21811ffa8daea3945391552a2dd4b5f39e693883f217e27ff048
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a202f40066bbffd1d6a1741bceaa0e233a24e6e3143db7ebd8f97e72cb2743ee
a2231ba532c5079062e39612b4e86eca5c0c8dbf101c50b1f5a8936bf74fc5cf
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a56782d6013a1c9523e9f83918d7f0935196ee11cca0b02dcb117329f042fb18
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a950a2f65b284987def5bd6d63095bf55075dcd412e81c0fd9522714d883b5ed
a9f96ac52806cef9a85ded0a995f2411f4f8c6906bb094a8a398892ca5be0ae2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b187a0d88087084269d3af717caf6b94d09a0d7db6c9318cf53f5b5da8b209d6
b48a6862a4b9d72c34942d44d54e7cdeeda1e8343e6af2f79c57dfc777b3c23b
b5b0d723bddb063bc19dce7596120bc82b9dcf0f8e36c5ebbbd29f9ec0161e1d
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9709dab3a9e4b5ed7331825aff55c35504e09ef7768100478bd1c40a1fc4044
b984a853681593d30894cc5538b42f0fca2259218a9a88cb31c7e87a1e8ac366
bba4e249dd2d8ae05da42a62685cc1e0f0281e5468431959dbbe9de811b3e4ed
bbcb29777175a28dad889e524ce61e36f5b86f36f5c6779f811fc0f20a653799
c3e30e6ffdfad7e2ee7ca2304bb821c64f97d8013d76c01ca62426373d4d8822
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cecd83ec105a1ef67ac0dbf12dea93d55edd158094f8211ebde8c9f2f5daf7f0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf96a8803fdc35f21446d5713c5255d205e78f8b1e46a2033e68b8f38080cdf9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d3c493846d41fc55b4db348e142c41b61761198554cbc0a4a648effda5b9e47f
d5a178ba95421189cb0b7274927e4f1d35e22bd392b65b87a6a9a3e7f4055477
db448fb064d0f9c095a25132a62d9f6c56001c1d67a3eb015b045ecd81d54fec
dd2eb349ab50bcc252cf84742bdb96def2027321cdcba72205cec0892209fb53
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ded9ba86cb6510c6e1df1558136048f758d08289c4674b5ea061e9bd76e9c5
e6adfa2c8ccb8b534d50510b5bb83405e8cfdddf5c34966ddc7016ca0bdbb0fc
eaa32dc4585d3dc960f78a1f94a6e531a301f8a951769ec24b0ec605ddeba749
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed94cf271bb589954abffbaa186866435e8281f517206b449279582bf2a2e37f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f289868c7729c02b5c6e870c4a6625314979cb8d47a6deb0681eb80cc322d4e0
f57ef0ba2787377eb267380c7fbee757dd07f645a1a31cac1f8931686ef45801
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6513b21938d1db49817b1d73eace3b7d51688bad88c161af59e4da998cd922d
f6c5035e04845f6a26f9a9482717abf3ac36711b85e5b2ac87e423ba0ceaaf89
fc89ee46f06d28aa5fcf9fe72da1bda5f3dd4f90ef1e272604bee1418362e6ab
fe128879e48d94c7350fb46ba64ae0c4aaa10f2e8a38d3ed703fbdf607a09a40
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.hellpress.com Open in urlscan Pro 2606:4700:3035::6815:55a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

94 %HTTPS

50 %IPv6

29 Domains

54 Subdomains

53 IPs

7 Countries

3837 kBTransfer

9258 kBSize

24 Cookies

6 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hellpress.com Open in urlscan Pro
2606:4700:3035::6815:55a6 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

94 %
HTTPS

50 %
IPv6

29
Domains

54
Subdomains

53
IPs

7
Countries

3837 kB
Transfer

9258 kB
Size

24
Cookies

238 HTTP transactions
12 data transactions