www.ntdtv.com Open in urlscan Pro
2.19.126.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://reurl.cc/VLzovb
Effective URL:
https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Submission: On July 31 via api (July 31st 2023, 1:31:59 am UTC) from US — Scanned from DE

Summary HTTP 188 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 40 domains to perform 188 HTTP transactions. The main IP is 2.19.126.197, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.ntdtv.com. The Cisco Umbrella rank of the primary domain is 399543.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 10th 2023. Valid for: a year.

This is the only time www.ntdtv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
18	2.19.126.197 2.19.126.197	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
9	23.32.238.33 23.32.238.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	2.19.126.209 2.19.126.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223c:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.201.68.206 35.201.68.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.31.93.220 184.31.93.220	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	3.35.121.183 3.35.121.183	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:fe00:a:e047:753:be1	() ()
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	34.251.163.198 34.251.163.198	16509 (AMAZON-02) (AMAZON-02)
1	130.211.15.150 130.211.15.150	15169 (GOOGLE) (GOOGLE)
3	69.166.1.14 69.166.1.14	27630 (AS-XFERNET) (AS-XFERNET)
1 5	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
6 14	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	13.125.41.255 13.125.41.255	() ()
1	103.243.202.190 103.243.202.190	() ()
1	133.186.12.15 133.186.12.15	() ()
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.192.153.28 23.192.153.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	() ()
2 2	37.157.2.229 37.157.2.229	() ()
2 2	185.64.190.78 185.64.190.78	() ()
2 2	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
188	52

4 35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.19.126.197 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-197.deploy.static.akamaitechnologies.com

www.ntdtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.32.238.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-33.deploy.static.akamaitechnologies.com

vs1.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.19.126.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-209.deploy.static.akamaitechnologies.com

i.ntdtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.93.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-93-220.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

vs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.35.121.183 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-121-183.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:fe00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.163.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-163-198.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.15.150 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 150.15.211.130.bc.googleusercontent.com

comments.ntdtv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.125.41.255 (None, )

ASN- ()

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (None, )

ASN- ()

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.12.15 (None, )

ASN- ()

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.153.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-28.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	382 KB
34	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 114 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 347 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	254 KB
30	ntdtv.com www.ntdtv.com — Cisco Umbrella Rank: 399543 i.ntdtv.com — Cisco Umbrella Rank: 495761 comments.ntdtv.com — Cisco Umbrella Rank: 883985	649 KB
13	youmaker.com vs1.youmaker.com — Cisco Umbrella Rank: 88807 www.youmaker.com — Cisco Umbrella Rank: 81908 vs.youmaker.com — Cisco Umbrella Rank: 183699	930 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	536 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 461	10 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58 region1.google-analytics.com — Cisco Umbrella Rank: 1914	42 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 624	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	386 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2693	822 B
4	dable.io static.dable.io — Cisco Umbrella Rank: 23478 api.dable.io — Cisco Umbrella Rank: 21263 r-log.dable.io images.dable.io — Cisco Umbrella Rank: 26860	39 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5772	641 B
4	reurl.cc reurl.cc — Cisco Umbrella Rank: 240198	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	169 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 417 mug.criteo.com — Cisco Umbrella Rank: 2490	7 KB
3	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2380	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 403	959 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 725	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1361	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 482	418 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 869	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 837 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	media.net hbx.media.net — Cisco Umbrella Rank: 1258 hblg.media.net — Cisco Umbrella Rank: 2092	2 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017	10 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 497 ajax.googleapis.com — Cisco Umbrella Rank: 415	153 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	93 KB
1	adsrvr.org match.adsrvr.org	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 862	713 B
1	gssprt.jp cs.gssprt.jp	82 B
1	toast.com cm-exchange.toast.com	627 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1633	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 599	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1198	448 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
0	daum.net Failed analytics.ad.daum.net Failed
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
188	40

	Domain	Requested by
20	pagead2.googlesyndication.com	reurl.cc ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.ntdtv.com www.googletagservices.com
18	www.ntdtv.com	reurl.cc www.ntdtv.com
14	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com www.ntdtv.com
11	tpc.googlesyndication.com	www.ntdtv.com reurl.cc ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
11	i.ntdtv.com	www.ntdtv.com
10	s0.2mdn.net	ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com reurl.cc s0.2mdn.net www.ntdtv.com
9	securepubads.g.doubleclick.net	hbx.media.net securepubads.g.doubleclick.net reurl.cc www.googletagservices.com
9	vs1.youmaker.com	www.ntdtv.com vs1.youmaker.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	1 redirects www.ntdtv.com googleads.g.doubleclick.net
5	www.googletagmanager.com	www.ntdtv.com www.googletagmanager.com www.google-analytics.com
4	googleads4.g.doubleclick.net	reurl.cc
4	www.google.de	reurl.cc www.ntdtv.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	www.google-analytics.com	reurl.cc www.google-analytics.com www.ntdtv.com
4	reurl.cc	reurl.cc
3	googleads.g.doubleclick.net	ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
3	apex.go.sonobi.com	www.ntdtv.com
3	ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	vs.youmaker.com	www.ntdtv.com
3	www.google.com	reurl.cc www.ntdtv.com ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	region1.google-analytics.com	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	sb.scorecardresearch.com	reurl.cc www.ntdtv.com
2	connect.facebook.net	reurl.cc connect.facebook.net
1	secure.adnxs.com	1 redirects
1	match.adsrvr.org	ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	cs.gssprt.jp	www.ntdtv.com
1	cm-exchange.toast.com	www.ntdtv.com
1	images.dable.io	www.ntdtv.com
1	r-log.dable.io	static.dable.io
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	mug.criteo.com	www.ntdtv.com
1	comments.ntdtv.com	www.ntdtv.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	hblg.media.net	www.ntdtv.com
1	api.dable.io	static.dable.io
1	static.dable.io	reurl.cc
1	hbx.media.net	www.ntdtv.com
1	pixel.quantserve.com	www.ntdtv.com
1	www.youmaker.com	vs1.youmaker.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	reurl.cc
1	imasdk.googleapis.com	vs1.youmaker.com
1	www.facebook.com	reurl.cc
0	analytics.ad.daum.net Failed	www.ntdtv.com
0	d31qbv1cthcecs.cloudfront.net Failed	reurl.cc
188	62

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
competitions.ntdtv.com
www.ntdtv.com.tw
www.ntd.com
ntdtv.fr
ntdtv.ru
ntdtv.jp
www.ntdtv.co.kr
www.epochcar.com
www.youlucky.com
www.facebook.com
twitter.com
www.youtube.com
dance.ntdtv.com
www.shenyunperformingarts.org
www.epochtimes.com
www.ganjingworld.com
soundofhope.org
www.tuidang.org
www.minghui.org
dongtaiwang.com
www.wujieliulan.com
www.ganjing.com

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.ntdtv.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-10` - `2024-04-09`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-11` - `2024-02-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
static.dable.io R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2023-07-10` - `2024-08-09`	a year	crt.sh
cs.gssprt.jp GeoTrust RSA CA 2018	`2023-01-06` - `2024-02-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Frame ID: CB2F031D01BD235BAEFFB0F4DA88C55E
Requests: 123 HTTP requests in this frame

Frame: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 222B797E5B23117A4DD817A2EDEE4515
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ntdtv.com
Frame ID: FF045FEDA07A06229F6374D0B6136340
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzG0CHUNE1w2UlPFHCE18FoQPm3Nitg5xQGYqH5TQwRge1e4tPeb3rbkX916UMSn4EiiJxcljzpNpSuIwnP-g0QW6Y1ElOU4g8ol0T0C4Mk_6KhDwlO73KhQ_WJT4QidscKlkccxGpi8Lsbj7StfeJKoIC1pfvA4rnha6dc5LwIwxkJZ3cqA1RBk4C3rPFA7rKBsG2NsDA0qJ487On4uSp-bcyJBmR7OhvrHKJjamBVI67-4UptMkY4l9NCTcSW8y6i0PsTIgBt9s_BHSvOHZm8i2ZdauFOngTp3WHew6Y-5d5R_i8FPY5TMEq_6jyZ3IoZRWkldwhQ6hYtMgjHpDgfQmpBk745LLlUpo&sai=AMfl-YSeKkwSWR1qC75fS2JRBOyFxvHL6o-im_5HSbnvSHu6U35EfZHOk_wqUJJAswQYOZD00tzygoOyGzp8vDQh-wsbHVh9S4tHRXtvnNQOfmVXX4gtEgtK0sqQPAY0SrIyM1B5Ar-TzUI7_lpqlhaf&sig=Cg0ArKJSzJgYC0Ci2-cJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 510A75039C5099D0E786DB4D821D5913
Requests: 5 HTTP requests in this frame

Frame: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1CFD018588E049A5FD833EB34AF61D5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNU3-z7jxoAlckWfPjfkkKVd-lJXA4Jf_mwyTUj7kzk_VDlducrJDtTaRi12gXk3GWHLpe4RQ6VT_pFTlPlr3QEvgBuWszUMEYFYiZ6rqypP9FtFTped27ipRg0bvBW-6MKWf-hMuskbxdIomOe4mfl1ikSRLmb9S2QqafU6J0kNZRyyNw8
Frame ID: 87C39F2EE24D47BC90C2291D02F07832
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8758AB8684D6252F5F277000D69F050B
Requests: 3 HTTP requests in this frame

Frame: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E51159F215751B1F0D8A2D2F92FD3044
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUw5atnGb-p-VBXzc-QmGJK4wGruNCyo6s57WdGvEQnBJ_Ltigvtvj3f9Kg5ttnBhjCuJxaTmo9hpxMCCrezqnVyADNpixZFV9DI4V0KhxYCEvPE3aVD6oh-diVS3p0rsly4-jYF5ykuN2DykqFtKjmhodtz1lfcCYcH-ji04g-MZU1UeY
Frame ID: 10F1730304EA55F39D9D2E010DA648FB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3843C996D207481E63AAB16E5C66A40
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9F5A779B8E10E458FE2879B123411AF2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
Frame ID: 76ABEC3F7AF559A6FFBA8510E800BB39
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 7E3241A2F886C3FFA56379589546A203
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

乾淨世界MT0總部紐約上州開幕政要慶賀褒獎 | MT0大樓 | 網絡數字平台 | 新唐人中文電視台在線

Page URL History Show full URLs

https://reurl.cc/VLzovb Page URL
https://www.ntdtv.com/b5/2023/06/23/a103736362.html Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

188
Requests

90 %
HTTPS

42 %
IPv6

40
Domains

62
Subdomains

52
IPs

9
Countries

3749 kB
Transfer

11597 kB
Size

36
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuSwnJVmoXB1zbf8lGm_F-HjgiOVnYqxUBbUCD6nJ0IKL87SKdVgDusa9a-jEdZzrRtWQALuaPx91H_ukb40VEcLoLPWgWYE7Xk1haUgbRfKFgztC2ndJmk67jo47gBZfy-1dp2By4Zhe_oXTyFvcLfhQxuC4A-F42oQE9lT-C5iH8V84vOEC1QGDq9xIskgrzsmrUR4IYC2rL6DxE7iRCfBQUZr6uKYn-1y1bIOAW4H4fYV6WHyUVacD93iMeGaHHbFXdv4JDhgS-JFeR9DO7GVqA9JWFP7LNdHrnNx-zzh7q8LuSWtvZ7iaYxoj7BEmraUpnD1i8EYqMF&sai=AMfl-YTy6HN13K118it4aHhjBCwbjUJ-QYFRyCLOFHtloXIPYies-geJtFC7t0dp1nqq6Fa_N1wkDeFfY9MMZ7jf_aPJ4TcHRxe5enId4kFNqeX1hq447Gcq0T-ZWAjLxPy_XQ3zI95wU-0EiT6e_ecV&sig=Cg0ArKJSzMY-5oySmMumEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://dance.ntdtv.com/index.html?utm_source=EDN

Search URL Search Domain Scan URL

URL: https://competitions.ntdtv.com/
Title: 大賽

Search URL Search Domain Scan URL

URL: http://www.ntdtv.com.tw/
Title: 亞太台

Search URL Search Domain Scan URL

URL: https://www.ntd.com/
Title: English

Search URL Search Domain Scan URL

URL: https://ntdtv.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://ntdtv.ru/
Title: Русский

Search URL Search Domain Scan URL

URL: https://ntdtv.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.ntdtv.co.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.epochcar.com/
Title: 捐車

Search URL Search Domain Scan URL

URL: https://www.youlucky.com/
Title: 購物

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ntdchinese
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/ntdchinese
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/ntdchinese
Title: YouTube

Search URL Search Domain Scan URL

URL: https://dance.ntdtv.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95+%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E&url=https://www.ntdtv.com/b5/2023/06/23/a103736362.html&via=ntdchinese
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/
Title: 神韻藝術團

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com/
Title: 大紀元時報

Search URL Search Domain Scan URL

URL: https://www.ganjingworld.com/
Title: 乾淨世界

Search URL Search Domain Scan URL

URL: http://soundofhope.org/
Title: 希望之聲

Search URL Search Domain Scan URL

URL: https://www.tuidang.org/
Title: 全球退黨服務中心

Search URL Search Domain Scan URL

URL: http://www.minghui.org/
Title: 明慧網

Search URL Search Domain Scan URL

URL: http://dongtaiwang.com/
Title: 動態網

Search URL Search Domain Scan URL

URL: http://www.wujieliulan.com/
Title: 無界網

Search URL Search Domain Scan URL

URL: https://www.ganjing.com/zh-TW/channel/1eiqjdnq7gozJ9BKZeWTfN1061tn0c
Title: 新世紀影視

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://reurl.cc/VLzovb Page URL
https://www.ntdtv.com/b5/2023/06/23/a103736362.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ntdtv.com&sn=ChromeSyncframe&so=0&topUrl=www.ntdtv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tuXYnXxRdkN4MGRHTTE3UTJQbS9CL1RZTlhRaklIaE1vVTZNK295SVIyVXdLanM2SnQxcngvWC93M0krZFQ3RVRNMzJCTkI2Vm83WGxwQndGcmhINHNOazlic1REQUJJT1VoT0tlVlhvSjMwbnByekVmcG1QVUtIK0tYVEJINmdSUFExOTB5Rm5zVUhpOHc0cXNTYlFxN2x3WWcrVnQ2YU11S2ExTGhmZVMvVHh3VmJINEZZTGpCUVpuZDQ3TWhRdXRaS3V0WS9DbTB4bWo4YTNmZEQ4WmVIMkJOM2lwMW5oM2hEZEErVUgwUzJyUVI4b0VuazVDaGtRQ3RpblZmdUI0Z1IzTW9tbEVld2QyQTJ6cXFreUpzb0FFUT09fA&cppv=2

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1&C=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMcPDbsmleLb9f7auyV0MAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBd4LaOCwZuZizjFq31QmRA&google_cver=1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://images.dable.io/1x1.gif?google_gid=CAESEBy0wWQqI4es3cXT4MzYAnA&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5K3HTr-97Nhsab_KyfXM&google_cver=1

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKpeOdx-42fFERG1hSSqrZE&google_cver=1

Request Chain 169

https://um.simpli.fi/gp_match?google_gid=CAESEIC5qArDB7NfEvLgKpRTrqo&google_cver=1&google_push=AaAOQGFRFAFj2gTNBZauhezbV8uiE6DQSSWSuISFqvEp5vnUdShpcNyJn-k6lptYEX_2xxZ03gvEgvlnOqLu5Z3935x5QU61QHeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97C241DE5A634D1CA7C19626E8768A70&google_push=AaAOQGFRFAFj2gTNBZauhezbV8uiE6DQSSWSuISFqvEp5vnUdShpcNyJn-k6lptYEX_2xxZ03gvEgvlnOqLu5Z3935x5QU61QHeA

Request Chain 171

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF0KU2epfEaJveR70-r6ueU&google_cver=1&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431stzXPCfWFPLOveE_bnpjIX HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF0KU2epfEaJveR70-r6ueU&google_cver=1&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431stzXPCfWFPLOveE_bnpjIX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3MDU1MjE1NDU5OTUxNjMxOA&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431stzXPCfWFPLOveE_bnpjIX

Request Chain 172

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA8Nwppiy5hW8rXtWeKZNSc&google_cver=1&google_push=AaAOQGFGqXRimnhBhmZ81oZjkzOFbYqjC1lUcCQCcNM7iNNL7UDog7Z9waDsfEfsXTFg0EXyBMCG7tcZuarsGCKMTWRGs-sqZRDm HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA8Nwppiy5hW8rXtWeKZNSc&google_cver=1&google_push=AaAOQGFGqXRimnhBhmZ81oZjkzOFbYqjC1lUcCQCcNM7iNNL7UDog7Z9waDsfEfsXTFg0EXyBMCG7tcZuarsGCKMTWRGs-sqZRDm&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5rIFRCORv6bjGEIrR06Rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFGqXRimnhBhmZ81oZjkzOFbYqjC1lUcCQCcNM7iNNL7UDog7Z9waDsfEfsXTFg0EXyBMCG7tcZuarsGCKMTWRGs-sqZRDm

Request Chain 173

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN8iP7y-p7l1HqMu6VuXRv0&google_cver=1&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-umO1BhfewTIA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN8iP7y-p7l1HqMu6VuXRv0&google_cver=1&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-umO1BhfewTIA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-umO1BhfewTIA&google_hm=HEe7sGZHi1W7x9U1SHG96vUG

Request Chain 174

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHyveLj5DZffcUmgQS2JP1k&google_cver=1&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAkr HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAkr&google_gid=CAESEHyveLj5DZffcUmgQS2JP1k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE3MzkyODg1ODI4OTY0MjMzODMzOA%3D%3D&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAkr

Request Chain 175

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJmUWOUO0oxt5uMyclWxcIE&google_cver=1&google_push=AaAOQGEQs8Edv93ZCCgDu1iRZ-A8lakEfLxixY7ZVTjkjeczmFQHKDGAxyk_ewBpK3s8iIoZcuUs6ov0OCbJ3s6l4duFG0zgH9xxFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D&google_gid=CAESEJmUWOUO0oxt5uMyclWxcIE&google_cver=1&google_push=AaAOQGEQs8Edv93ZCCgDu1iRZ-A8lakEfLxixY7ZVTjkjeczmFQHKDGAxyk_ewBpK3s8iIoZcuUs6ov0OCbJ3s6l4duFG0zgH9xxFQ

188 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VLzovb Show response
reurl.cc/ 1 KB
807 B 621ms
202ms Document
text/html 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b2f4ad02d26db12fbbb727d60ad2c908a0bf40c7ce506c194469ffc5ce02acd8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 31 Jul 2023 01:31:53 GMT
server: nginx/1.18.0 (Ubuntu)
target: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
vary: Accept-Encoding

GET
H2 200 ga.js Show response
reurl.cc/javascripts/ 368 B
486 B 201ms
201ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fe7f57fde36dcc853aa6efe2b520aedf611b6f1fe3617d2f184d1b2470255185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/VLzovb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:54 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-170"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 30 Jul 2024 01:31:54 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 202ms
201ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/VLzovb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:54 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 30 Jul 2024 01:31:54 GMT

GET
H2 200 redirect.js Show response
reurl.cc/javascripts/ 112 B
326 B 202ms
202ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/redirect.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/VLzovb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:54 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 30 Jul 2024 01:31:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 23:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6129
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 31 Jul 2023 01:49:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 31 Jul 2023 01:31:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47009
x-xss-protection: 0
pragma: public
x-fb-debug: PEbkf14TIz8OZjkhTsrvJmmikVVqrshFQ/YNq5Y1MmwTcm/2ZDLjMq8CTu0ATvpC8vlL3DHeMByzZrL0XfSVpg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=446364054&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FVLzovb&ul=en-us&de=UTF-8&dt=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=865925993&gjid=607108634&cid=1286292767.1690767114&tid=UA-102456694-1&_gid=490372351.1690767114&_r=1&_slc=1&z=374246832

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 169 KB
46 KB 246ms
245ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.119&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61e1a452830067eaedc7dda12c8a923635c8bc64f53cdfa169bcaca4edf1495b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 31 Jul 2023 01:31:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Ed/KXMxxdpqCHA0/bOtCKTaMM/xHo1EkVgTeRM2mOTTWbMBiUCrXyhgoyoxUqIMc5eiTROUfnqCh7gqVY/2PTw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1286292767.1690767114&jid=865925993&gjid=607108634&_gid=490372351.1690767114&_u=IEBAAEAAAAAAACAAI~&z=769260148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 31 Jul 2023 01:31:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 46ms
18ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1286292767.1690767114&jid=865925993&_u=IEBAAEAAAAAAACAAI~&z=1695745241

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 46ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1286292767.1690767114&jid=865925993&_u=IEBAAEAAAAAAACAAI~&z=1695745241

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 34ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1690767114630&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=28&fbp=fb.1.1690767114628.828466352&cs_est=true&pm=1&it=1690767114367&coo=false&cs_cc=1&exp=a1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 31 Jul 2023 01:31:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK Primary Request a103736362.html Show response
www.ntdtv.com/b5/2023/06/23/ 96 KB
21 KB 1055ms
935ms Document
text/html 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/redirect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-197.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 406881bf31e90bf703368e1f00ee94ef002963f120457802f98529e21d5c78a1

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Access-Control-Max-Age: 86400
Akamai-Mon-Iucid-Del: 1295244
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive Transfer-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 31 Jul 2023 01:31:55 GMT
Expires: Mon, 31 Jul 2023 01:31:55 GMT
Pragma: no-cache
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Status: STALE

GET
H/1.1 200
OK style.css
www.ntdtv.com/assets/themes/ntd/ 2 KB
2 KB 192ms
192ms Stylesheet
text/css 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/style.css?ver=20190424

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

59506d5c3f15e0d9a46f47d18516d66b30936854eaee426a47821f32e2cb73cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 899
Pragma: no-cache
Last-Modified: Tue, 25 Apr 2023 16:40:58 GMT
Server: nginx/1.12.2
ETag: W/"6448029a-772"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:55 GMT

GET
H/1.1 200
OK global.css
www.ntdtv.com/assets/themes/ntd/css/ 16 KB
5 KB 761ms
748ms Stylesheet
text/css 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

b33dabc45ed56acdbaea6b9dc6ad05e7a886def4adf52ec0854f04f4bf593f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 4795
Pragma: no-cache
Last-Modified: Thu, 11 May 2023 14:19:14 GMT
Server: nginx/1.12.2
ETag: W/"645cf962-3fe5"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK genericons.css
www.ntdtv.com/assets/themes/ntd/css/genericons/ 40 KB
26 KB 943ms
924ms Stylesheet
text/css 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

8293680d98f41e221b3e344fee477d8951fde8a92c24dd4c7229266a97b8299c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 25773
Pragma: no-cache
Last-Modified: Sat, 26 Oct 2019 17:51:19 GMT
Server: nginx/1.12.2
ETag: W/"5db48797-a08c"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK single.css
www.ntdtv.com/assets/themes/ntd/css/ 19 KB
5 KB 788ms
748ms Stylesheet
text/css 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/css/single.css?ver=20210917

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

d54a0efb531889c852c5ed1466e5f5dfaeaef2f3cdfb34ba8312d95d6b12ab3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 4071
Pragma: no-cache
Last-Modified: Fri, 17 Sep 2021 18:45:38 GMT
Server: nginx/1.12.2
ETag: W/"6144e252-4ce1"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
87 KB 49ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-962LDZH4HM

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

488827c62b3d0d9238fe43e92dba59b602e110fb511d9dbb995f48254c80f25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK logo_ntd.png
www.ntdtv.com/assets/themes/ntd/images/logo/ 29 KB
29 KB 7ms
7ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/logo/logo_ntd.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

d3271d8526d35e55c39bef7a16c78d55b1f6410b22bc84e83aeae8a8de199488

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 29296
Last-Modified: Tue, 26 Feb 2019 17:17:05 GMT
Server: nginx/1.12.2
ETag: "5c757491-7270"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22412575
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 15 Apr 2024 11:14:51 GMT

GET
H/1.1 200
OK logo_ntd_amp.png
www.ntdtv.com/assets/themes/ntd/images/logo/ 18 KB
18 KB 14ms
7ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/logo/logo_ntd_amp.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

25d8b81f13a628989817a00625bf8e79f7390de1805045e32e675df74f314c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 17925
Last-Modified: Fri, 26 Apr 2019 20:41:41 GMT
Server: nginx/1.12.2
ETag: "5cc36d05-4605"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=24356656
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 07 May 2024 23:16:12 GMT

GET
H/1.1 200
OK 47645b60-3d89-4b4a-a90b-d4173831ac2d Show response
vs1.youmaker.com/assets/player/ 7 KB
3 KB 209ms
90ms Script
application/json 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/player/47645b60-3d89-4b4a-a90b-d4173831ac2d?r=1280x720&cat=program/prog301/prog1244/prog1288&autostart=true&mute=false&api=7&logo=true&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&poster=https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 9b139bd5626a7338b220477f7436ba773ae4f7c9292c31b16f5416026b081092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 2786

GET
H/1.1 200
OK white.png
www.ntdtv.com/assets/themes/ntd/images/ 95 B
842 B 20ms
7ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 95
Last-Modified: Tue, 05 Jun 2018 22:44:20 GMT
Server: nginx/1.12.2
ETag: "5b171244-5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22469721
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 16 Apr 2024 03:07:17 GMT

GET
H/1.1 200
OK logo_ntd_small.png
www.ntdtv.com/assets/themes/ntd/images/logo/ 4 KB
5 KB 13ms
8ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/logo/logo_ntd_small.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

e7cad8f4ce788667b681e878fd52f5a63c2465e7f1c6a11666bf81de9a4b8ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 4240
Last-Modified: Tue, 26 Feb 2019 17:17:05 GMT
Server: nginx/1.12.2
ETag: "5c757491-1090"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22469712
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 16 Apr 2024 03:07:08 GMT

GET
H/1.1 200
OK jquery-all.min.js Show response
www.ntdtv.com/assets/themes/ntd/js/ 103 KB
37 KB 194ms
193ms Script
application/javascript 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

38cbe66f94798e6d75a449709d7d8fe96d6ebf31af68cb95540b9d6da91b1a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1295244
Pragma: no-cache
Last-Modified: Fri, 09 Oct 2020 20:07:32 GMT
Server: nginx/1.12.2
ETag: W/"5f80c304-19c6d"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK bottom.js Show response
www.ntdtv.com/assets/themes/ntd/js/ 29 KB
9 KB 196ms
195ms Script
application/javascript 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/js/bottom.js?ver=20220915

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

c5c9925cbd947e52bb8f403143c9e962fb4897be59e486f2db0c75dcd70fd74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 8229
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:48:47 GMT
Server: nginx/1.12.2
ETag: W/"6323819f-740a"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK article_ads.js Show response
www.ntdtv.com/assets/themes/ntd/js/ 25 KB
7 KB 196ms
195ms Script
application/javascript 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/js/article_ads.js?ver=20220915

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

8c49d453f88f6c88c8d4518e3ce3d575764c46d27be613c29c0409d0956769aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 6005
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:48:47 GMT
Server: nginx/1.12.2
ETag: W/"6323819f-63de"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
44 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5777RW

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f05a25d3c11fb288c27e8ca9ff84e4810a9d434fb1b57aa0b0c1f186dbb7a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44872
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK icon_fb.png
www.ntdtv.com/assets/themes/ntd/images/ 19 KB
20 KB 7ms
7ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/icon_fb.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

8a2758409b7d225ffc38895f6048b8110500b6bbdca4f34fc0e8856480cdf275

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 19486
Last-Modified: Sat, 26 Oct 2019 17:51:19 GMT
Server: nginx/1.12.2
ETag: "5db48797-4c1e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22180619
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Fri, 12 Apr 2024 18:48:55 GMT

GET
H/1.1 200
OK icon_twitter.png
www.ntdtv.com/assets/themes/ntd/images/ 20 KB
21 KB 10ms
7ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/icon_twitter.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

a484754a857b3ea7105fcb2d7b2a35eda49bf86c1e22973c48d75bfca67d503b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 20279
Last-Modified: Sat, 26 Oct 2019 17:51:19 GMT
Server: nginx/1.12.2
ETag: "5db48797-4f37"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22394119
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 15 Apr 2024 06:07:15 GMT

GET
H/1.1 200
OK icon_youtube.png
www.ntdtv.com/assets/themes/ntd/images/ 719 B
1 KB 10ms
6ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/icon_youtube.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

489582e266a3b5486e998e8bb66c1c129b6458e52eaff33dbca92660185a5728

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/assets/themes/ntd/css/global.css?ver=20220511
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 719
Last-Modified: Tue, 26 Feb 2019 17:17:05 GMT
Server: nginx/1.12.2
ETag: "5c757491-2cf"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22469713
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 16 Apr 2024 03:07:09 GMT

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ef293e035fecf8e3d222cb1787b3c179cb83beef535c09aedfeffeff3ee9f51

Request headers

Referer
Origin: https://www.ntdtv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK vplayer.css
vs1.youmaker.com/assets/css/ 38 KB
10 KB 8ms
7ms Stylesheet
text/css 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/css/vplayer.css?ver=15.2
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/47645b60-3d89-4b4a-a90b-d4173831ac2d?r=1280x720&cat=program/prog301/prog1244/prog1288&autostart=true&mute=false&api=7&logo=true&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&poster=https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 220219f0c86902611683b2edbeef619e7e74879cd0339e96859ced2f8f254630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29309036
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 9890

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 345 KB
120 KB 69ms
27ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/47645b60-3d89-4b4a-a90b-d4173831ac2d?r=1280x720&cat=program/prog301/prog1244/prog1288&autostart=true&mute=false&api=7&logo=true&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&poster=https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebbe84e55b388c782babbc38e8460a1841ee9fe7d9f871bcc1002476c395c119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121900
x-xss-protection: 0
expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK epochplayer7.min.js Show response
vs1.youmaker.com/assets/js/ 563 KB
158 KB 16ms
7ms Script
application/javascript 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/47645b60-3d89-4b4a-a90b-d4173831ac2d?r=1280x720&cat=program/prog301/prog1244/prog1288&autostart=true&mute=false&api=7&logo=true&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&poster=https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: abeed4f18f48c235ffd15e3864555d3a1bb1d6b02820680f892b9eb28d1ab508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22878867
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 161198

GET
H/1.1 200
OK vplayer.min.js Show response
vs1.youmaker.com/assets/js/ 28 KB
10 KB 20ms
7ms Script
application/javascript 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/js/vplayer.min.js?ver=15.2
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/47645b60-3d89-4b4a-a90b-d4173831ac2d?r=1280x720&cat=program/prog301/prog1244/prog1288&autostart=true&mute=false&api=7&logo=true&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&poster=https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: ce323aa953ae069b9da58d3a6d9f9e132a21abfc4c90930f15ece4938a76bdc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22014666
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 9161

GET
H/1.1 200
OK epochplayer7.ads.min.js Show response
vs1.youmaker.com/assets/js/ 61 KB
14 KB 20ms
7ms Script
application/javascript 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/js/epochplayer7.ads.min.js
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/player/47645b60-3d89-4b4a-a90b-d4173831ac2d?r=1280x720&cat=program/prog301/prog1244/prog1288&autostart=true&mute=false&api=7&logo=true&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&poster=https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: b25ad312b1dfbfa0c2fe26c788828fb10a5abb0c3abfaa240804d1bb36358591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29104385
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 13661

GET
H/1.1 200
OK white.png
www.ntdtv.com/assets/themes/ntd/images/ 95 B
842 B 7ms
6ms Image
image/png 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntdtv.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 95
Last-Modified: Tue, 05 Jun 2018 22:44:20 GMT
Server: nginx/1.12.2
ETag: "5b171244-5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=22469721
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 16 Apr 2024 03:07:17 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 23:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6131
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 31 Jul 2023 01:49:45 GMT

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 74ms
8ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 07 Aug 2023 01:31:56 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 44ms
7ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 22:24:04 GMT
content-encoding: gzip
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 11272
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: P7VSf6Yur1yggHMWDw82SJVA-1Be3V3mpHQmX9BUJ92Pd5dPnk27zA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
87 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-962LDZH4HM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5777RW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

561c87d5e8e3dc398e400ffa7a179f2d2b380570ed2867045160abb061cfbb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 01:31:56 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 45ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-962LDZH4HM&gtm=45je37q0&_p=210898461&_gaz=1&cid=1681493397.1690767117&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690767116&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&dr=https%3A%2F%2Freurl.cc%2F&dt=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%20%7C%20MT0%E5%A4%A7%E6%A8%93%20%7C%20%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%20%7C%20%E6%96%B0%E5%94%90%E4%BA%BA%E4%B8%AD%E6%96%87%E9%9B%BB%E8%A6%96%E5%8F%B0%E5%9C%A8%E7%B7%9A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.author_id=5-auto&ep.author_name=auto&ep.category_ids=prog1288-1288%3Bprog115-115%3Bprog1244-1244%3Bprog301-301%3Bnews-200%3Bprog14-14%3Bprog212-212%3Bprogram-300&ep.category_names=%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E5%A4%A7%E7%BA%BD%E7%BA%A6%3B%E6%96%B0%E5%94%90%E4%BA%BA%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E6%96%B0%E8%81%9E%E8%A6%96%E9%A0%BB%3B%E6%96%B0%E8%81%9E%E8%B3%87%E8%A8%8A%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E8%A6%96%E9%A0%BB%E7%AF%80%E7%9B%AE&ep.page_type=post&ep.post_id=103736362&ep.primary_category=category-1288-%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E&ep.publish_date=20230623&ep.tags_slugs=mt0%E5%A4%A7%E6%A8%93%3B%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8C%3B%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%3B%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0&ep.term_ids=front-single-news-hosted-391574%3Bnewsletter-news-421939%3Bfront-instant-news-1751%3Bfront-headlines-1759%3Bfront-daily-headlines-1756&ep.updated_date=20230623
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-962LDZH4HM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
73 B 21ms
20ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-962LDZH4HM&cid=1681493397.1690767117&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-962LDZH4HM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-962LDZH4HM&cid=1681493397.1690767117&gtm=45je37q0&aip=1&z=188511943

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=210898461&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&dr=https%3A%2F%2Freurl.cc%2F&ul=en-us&de=UTF-8&dt=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%20%7C%20MT0%E5%A4%A7%E6%A8%93%20%7C%20%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%20%7C%20%E6%96%B0%E5%94%90%E4%BA%BA%E4%B8%AD%E6%96%87%E9%9B%BB%E8%A6%96%E5%8F%B0%E5%9C%A8%E7%B7%9A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1711056641&gjid=629189468&cid=1681493397.1690767117&tid=UA-15555792-1&_gid=1714298271.1690767117&_r=1&_slc=1&cd1=category-1288-%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E&cd2=5-auto&cd3=%3Bprog1288-1288%3Bprog115-115%3Bprog1244-1244%3Bprog301-301%3Bnews-200%3Bprog14-14%3Bprog212-212%3Bprogram-300%3B&cd4=%3Bfront-single-news-hosted-391574%3Bnewsletter-news-421939%3Bfront-instant-news-1751%3Bfront-headlines-1759%3Bfront-daily-headlines-1756%3B&cd5=103736362&cd6=auto&cd7=%3B%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E5%A4%A7%E7%BA%BD%E7%BA%A6%3B%E6%96%B0%E5%94%90%E4%BA%BA%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E6%96%B0%E8%81%9E%E8%A6%96%E9%A0%BB%3B%E6%96%B0%E8%81%9E%E8%B3%87%E8%A8%8A%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E8%A6%96%E9%A0%BB%E7%AF%80%E7%9B%AE%3B&cd8=20230623&cd9=20230623&cd10=941&cd11=%3Bmt0%E5%A4%A7%E6%A8%93%3B%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8C%3B%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%3B%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%3B&cd12=post&z=903982271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

35635de9b4a952c6658473ba73f5212941f9b91c1e8fc3a5e6849970001d868b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id103736379-2306221425261973-800x450.jpg
i.ntdtv.com/assets/uploads/2023/06/ 71 KB
72 KB 876ms
794ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/06/id103736379-2306221425261973-800x450.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 4fe7dd0baea47aad045c280b140ab72f66fa411c2f5c06562e85e136c0d82b38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 72600
Last-Modified: Fri, 23 Jun 2023 00:47:19 GMT
Server: LiteSpeed
ETag: "11b98-6494eb97-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31535976
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 30 Jul 2024 01:31:33 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31cfe53a30f429bf940d747c0804c44f26a4e4d71500d88509c67b808a8ec0a9

Request headers

Referer
Origin: https://www.ntdtv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15555792-1&cid=1681493397.1690767117&jid=1711056641&gjid=629189468&_gid=1714298271.1690767117&_u=YADAAEAAAAAAACAAI~&z=2110073210

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 31 Jul 2023 01:31:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PN3NJZ2HR9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2995e079dafc5e698f2cc58381b26bacfe19e6ccb036737bf4e513e58abe9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 01:31:56 GMT

GET
H/1.1 200
OK playlist.m3u8 Show response
vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/ 678 B
990 B 273ms
250ms XHR
application/x-mpegurl 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/playlist.m3u8
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: bfc9a6e2d7ec01165c867b7615653bd042333f684b57fa468b9d99863dbb6a31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Cdn-Cache-Control: no-store
Content-Length: 241
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: must-revalidate, max-age=10
Access-Control-Allow-Credentials: true
Akamai-Cache-Control: max-age=10,must-revalidate
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15555792-1&cid=1681493397.1690767117&jid=1711056641&_u=YADAAEAAAAAAACAAI~&z=995372486

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15555792-1&cid=1681493397.1690767117&jid=1711056641&_u=YADAAEAAAAAAACAAI~&z=995372486

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK cfc107b5-3f0d-44f7-aea9-7a2a4390b24e
https://www.ntdtv.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntdtv.com/cfc107b5-3f0d-44f7-aea9-7a2a4390b24e
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK fd00f1bb-904e-4395-893a-5c5145d03b81
https://www.ntdtv.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntdtv.com/fd00f1bb-904e-4395-893a-5c5145d03b81
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 6ac28ff7-d88c-4461-bdf5-116cbb8d5c17
https://www.ntdtv.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntdtv.com/6ac28ff7-d88c-4461-bdf5-116cbb8d5c17
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 9ms
8ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690767116962&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&c8=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%20%7C%20MT0%E5%A4%A7%E6%A8%93%20%7C%20%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%20%7C%20%E6%96%B0%E5%94%90%E4%BA%BA%E4%B8%AD%E6%96%87%E9%9B%BB%E8%A6%96%E5%8F%B0%E5%9C%A8%E7%B7%9A&c9=https%3A%2F%2Freurl.cc%2F
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:56 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Est-9T1NKeBUY2dC-Gn8LIDgAeO_9HDdaawzQH8VVZKYzB2Y-78Okw==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-W-wBh8L-4E88u.js Show response
rules.quantcount.com/ 3 B
448 B 39ms
6ms Script
application/javascript 2600:9000:223c:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-W-wBh8L-4E88u.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 02:18:28 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 83629
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:39:02 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: G64Z2rlAVsr5imT1HAHTMm84QkbHxRwdQJtfxiYFhuemfdMTP7KH2Q==

GET
H2 200 subtitle Show response
www.youmaker.com/v1/api/video/ 35 B
236 B 164ms
119ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/v1/api/video/subtitle?systemid=47645b60-3d89-4b4a-a90b-d4173831ac2d
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntdtv.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H/1.1 200
OK timeline_thumbnail_0.jpg Show response
vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/ 0
614 B 119ms
107ms XHR
image/jpeg 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/timeline_thumbnail_0.jpg
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Server: nginx/1.20.1
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535973
Access-Control-Allow-Credentials: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PN3NJZ2HR9&gtm=45je37q0&_p=210898461&ul=en-us&sr=1600x1200&cid=1681493397.1690767117&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AhAI&_s=1&dl=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&dr=https%3A%2F%2Freurl.cc%2F&dt=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%20%7C%20MT0%E5%A4%A7%E6%A8%93%20%7C%20%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%20%7C%20%E6%96%B0%E5%94%90%E4%BA%BA%E4%B8%AD%E6%96%87%E9%9B%BB%E8%A6%96%E5%8F%B0%E5%9C%A8%E7%B7%9A&sid=1690767116&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=category-1288-%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E&ep.ua_dimension_2=5-auto&ep.ua_dimension_3=%3Bprog1288-1288%3Bprog115-115%3Bprog1244-1244%3Bprog301-301%3Bnews-200%3Bprog14-14%3Bprog212-212%3Bprogram-300%3B&ep.ua_dimension_4=%3Bfront-single-news-hosted-391574%3Bnewsletter-news-421939%3Bfront-instant-news-1751%3Bfront-headlines-1759%3Bfront-daily-headlines-1756%3B&ep.ua_dimension_5=103736362&ep.ua_dimension_6=auto&ep.ua_dimension_7=%3B%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E5%A4%A7%E7%BA%BD%E7%BA%A6%3B%E6%96%B0%E5%94%90%E4%BA%BA%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E6%96%B0%E8%81%9E%E8%A6%96%E9%A0%BB%3B%E6%96%B0%E8%81%9E%E8%B3%87%E8%A8%8A%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E8%A6%96%E9%A0%BB%E7%AF%80%E7%9B%AE%3B&ep.ua_dimension_8=20230623&ep.ua_dimension_9=20230623&ep.ua_dimension_10=941&ep.ua_dimension_11=%3Bmt0%E5%A4%A7%E6%A8%93%3B%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8C%3B%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%3B%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%3B&ep.ua_dimension_12=post
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PN3NJZ2HR9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PN3NJZ2HR9&gtm=45je37q0&_p=210898461&ul=en-us&sr=1600x1200&cid=1681493397.1690767117&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=2&dl=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&dr=https%3A%2F%2Freurl.cc%2F&dt=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%20%7C%20MT0%E5%A4%A7%E6%A8%93%20%7C%20%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%20%7C%20%E6%96%B0%E5%94%90%E4%BA%BA%E4%B8%AD%E6%96%87%E9%9B%BB%E8%A6%96%E5%8F%B0%E5%9C%A8%E7%B7%9A&sid=1690767116&sct=1&seg=0&cu=USD&en=pv&_c=1&ep.ua_dimension_1=category-1288-%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E&ep.ua_dimension_2=5-auto&ep.ua_dimension_3=%3Bprog1288-1288%3Bprog115-115%3Bprog1244-1244%3Bprog301-301%3Bnews-200%3Bprog14-14%3Bprog212-212%3Bprogram-300%3B&ep.ua_dimension_4=%3Bfront-single-news-hosted-391574%3Bnewsletter-news-421939%3Bfront-instant-news-1751%3Bfront-headlines-1759%3Bfront-daily-headlines-1756%3B&ep.ua_dimension_5=103736362&ep.ua_dimension_6=auto&ep.ua_dimension_7=%3B%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E5%A4%A7%E7%BA%BD%E7%BA%A6%3B%E6%96%B0%E5%94%90%E4%BA%BA%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E%3B%E6%96%B0%E8%81%9E%E8%A6%96%E9%A0%BB%3B%E6%96%B0%E8%81%9E%E8%B3%87%E8%A8%8A%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E6%B5%B7%E5%A4%96%E8%8F%AF%E4%BA%BA%3B%E8%A6%96%E9%A0%BB%E7%AF%80%E7%9B%AE%3B&ep.ua_dimension_8=20230623&ep.ua_dimension_9=20230623&ep.ua_dimension_10=941&ep.ua_dimension_11=%3Bmt0%E5%A4%A7%E6%A8%93%3B%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8C%3B%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%3B%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%3B&ep.ua_dimension_12=post&epn.value=0&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PN3NJZ2HR9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1085463763;rf=0;a=p-W-wBh8L-4E88u;url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html;ref=https%3A%2F%2Freurl.cc%2F;uht=2;fpan=1;fpa=P0-1841858435-1690767116965;pbc=;ns=...
pixel.quantserve.com/ 35 B
371 B 21ms
8ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1085463763;rf=0;a=p-W-wBh8L-4E88u;url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html;ref=https%3A%2F%2Freurl.cc%2F;uht=2;fpan=1;fpa=P0-1841858435-1690767116965;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=ntdtv.com;dst=0;et=1690767117027;tzo=0;ogl=locale.zh_TW%2Ctype.article%2Ctitle.%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%2Cdescription.%E9%80%B1%E5%9B%9B%EF%BC%8C%E5%9C%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E7%9A%84%E6%A9%99%E7%B8%A3%E4%B8%AD%E5%9F%8E%EF%BC%8C%E3%80%8C%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8C%E3%80%8D%E9%AB%98%E7%A7%91%E6%8A%80%E5%B9%B3%E5%8F%B0%E5%85%AC%E5%8F%B8%E7%9A%84%E6%96%B0%E7%B8%BD%E9%83%A8%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%B9%95%EF%BC%8C%E7%B4%90%E7%B4%84%E6%94%BF%E8%A6%81%E8%92%9E%E8%87%A8%E8%A4%92%E7%8D%8E%EF%BC%8C%E4%BE%86%E7%9C%8B%E8%A8%98%E8%80%85%E7%9A%84%E5%A0%B1%E5%B0%8E%E3%80%82%2Curl.https%3A%2F%2Fwww%252Entdtv%252Ecom%2Fb5%2F2023%2F06%2F23%2Fa103736362%252Ehtml%2Csite_name.www%252Entdtv%252Ecom%2Cupdated_time.2023-06-23T22%3A18%3A34%2B08%3A00%2Cimage.https%3A%2F%2Fi%252Entdtv%252Ecom%2Fassets%2Fuploads%2F2023%2F06%2Fid103736379-2306221425261973-800x450%252E;ses=c5cd5c64-ebaa-4f75-8810-919da03eb736;mdl=

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 3 KB
1 KB 185ms
136ms Script
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntdtv.com&https=1

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/js/article_ads.js?ver=20220915

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0cb508d558cc7b6be7d0b20728e15d3cbaac7478d5c7e38b6a235a09c039b618

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 31 Jul 2023 01:31:57 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1173
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H/1.1 200
OK prebid.js Show response
www.ntdtv.com/assets/themes/m-ntd/js/ads/ 236 KB
75 KB 193ms
193ms Script
application/javascript 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/js/article_ads.js?ver=20220915

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

f5fa1444ddc4e15efcdcb8a1f37b1ae257c4f8a701dc737aad3b545df1288280

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1295244
Pragma: no-cache
Last-Modified: Mon, 16 Nov 2020 15:50:56 GMT
Server: nginx/1.12.2
ETag: W/"5fb29fe0-3ae1f"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H/1.1 200
OK articlecomments.js Show response
www.ntdtv.com/assets/themes/ntd/js/ 22 KB
15 KB 378ms
377ms XHR
application/javascript 2.19.126.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntdtv.com/assets/themes/ntd/js/articlecomments.js

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-197.deploy.static.akamaitechnologies.com

Software

nginx/1.12.2 /

Resource Hash

ee1f7b4dcefe3c544dd06bd87084742d9a1e7469750ef876561bcdee63bd2261

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1295244
Content-Length: 14303
Pragma: no-cache
Last-Modified: Sat, 15 Dec 2018 16:34:47 GMT
Server: nginx/1.12.2
ETag: W/"5c152d27-58bf"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 105 KB
37 KB 60ms
7ms Script
application/javascript 184.31.93.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/VLzovb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-93-220.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 758404fbe7e8bcefea4afca02c918d61efc49b9071a7e703ac54b1343f01bcde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: FU9YQJ5BEtUuSSwSg_DV8GrlSCuLbnKh
content-encoding: gzip
date: Mon, 31 Jul 2023 01:31:57 GMT
last-modified: Thu, 27 Jul 2023 07:41:17 GMT
server: nginx/1.20.0
x-amz-request-id: KV5H8CPR7MJ4FQYT
etag: "4f581dd0dcd9f7e391092729e38e51a5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=85106
accept-ranges: bytes
content-length: 37472
x-amz-id-2: NURiQj9Kg794jTEIKbcZMTiLUtc38UeSMgo4b21tIYPnkA0fb8Vfa6BtY53sO7iJ/v2fdqy0Iis=

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK id103733187-511-1000x250.png
i.ntdtv.com/assets/uploads/2023/06/ 146 KB
147 KB 30ms
8ms Image
image/png 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/06/id103733187-511-1000x250.png
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 3e2fe26bdf82fde60747b968ff3a414de605b01613b97f0a44d46162cdaca916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 149961
Last-Modified: Sat, 17 Jun 2023 06:56:56 GMT
Server: LiteSpeed
ETag: "249c9-648d5938-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=30721075
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Sat, 20 Jul 2024 15:09:52 GMT

GET
H/1.1 200
OK id103753877-F1uV0eHWwAEAVph-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 20 KB
20 KB 29ms
7ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103753877-F1uV0eHWwAEAVph-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 2f29739f378036171a5ef28efa038a205f3298d7e81a5e8ad51968fb34d04640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 20022
Last-Modified: Sun, 23 Jul 2023 17:40:49 GMT
Server: LiteSpeed
ETag: "4e36-64bd6621-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=30905062
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 22 Jul 2024 18:16:19 GMT

GET
H/1.1 200
OK id103754700-ed1d7f000b1eb1e77cff677b57507e1b-800x450-1-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 9 KB
10 KB 43ms
11ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103754700-ed1d7f000b1eb1e77cff677b57507e1b-800x450-1-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 34e9c29bfc3c6b3f65788b70ff315d7dc05a619b79ef4ef0f93b105c3261e213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 9071
Last-Modified: Tue, 25 Jul 2023 03:41:27 GMT
Server: LiteSpeed
ETag: "236f-64bf4467-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31053860
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Wed, 24 Jul 2024 11:36:17 GMT

GET
H/1.1 200
OK id103756802-GettyImages-1066050766-1-800x450-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 8 KB
9 KB 50ms
7ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103756802-GettyImages-1066050766-1-800x450-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 09b82d32c0de32ba6968314e839854186ecc65c49fffbaaa6363914c8e8f966e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 8645
Last-Modified: Fri, 28 Jul 2023 02:59:34 GMT
Server: LiteSpeed
ETag: "21c5-64c32f16-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31283131
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Sat, 27 Jul 2024 03:17:28 GMT

GET
H/1.1 200
OK id103756223-GettyImages-1406124991-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 13 KB
14 KB 51ms
7ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103756223-GettyImages-1406124991-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 9f4e3469e4f1d2610135ce7b5e4b384fbd6364d61795b5388156e12e3246e6fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 13472
Last-Modified: Thu, 27 Jul 2023 08:37:18 GMT
Server: LiteSpeed
ETag: "34a0-64c22cbe-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31217216
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Fri, 26 Jul 2024 08:58:53 GMT

GET
H/1.1 200
OK id103755078-GettyImages-1158819660-crop-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 13 KB
14 KB 20ms
7ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103755078-GettyImages-1158819660-crop-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 1d4af10fa91fc14c6e5e6c338ab4fc39f4171f076425aee50af12fc91d980739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 13663
Last-Modified: Tue, 25 Jul 2023 16:27:48 GMT
Server: LiteSpeed
ETag: "355f-64bff804-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31071397
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Wed, 24 Jul 2024 16:28:34 GMT

GET
H/1.1 200
OK id103757278-youtube-copy-600x338.jpg
i.ntdtv.com/assets/uploads/2023/07/ 46 KB
46 KB 13ms
7ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103757278-youtube-copy-600x338.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 61d6c03167654afe11c674165eb9712318181b11714e8d6159cc1cd6184a1d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 46853
Last-Modified: Fri, 28 Jul 2023 21:51:29 GMT
Server: LiteSpeed
ETag: "b705-64c43861-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31451206
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 29 Jul 2024 01:58:43 GMT

GET
H2 206 video_1080p.mp4
vs.youmaker.com/assets/a2867ee0-1971-4a90-6fd1-a8b02e7d7834/ 39 KB
0 102ms
21ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/a2867ee0-1971-4a90-6fd1-a8b02e7d7834/video_1080p.mp4
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Referer: https://www.ntdtv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
via: 1.1 google
server: nginx/1.20.1
x-hw: 1690767117.cds240.lo4.hn,1690767117.cds276.lo4.c
content-type: video/mp4
Content-Range: bytes 0-6291940/6291941
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 6291941

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/ntdtv.com%2Fb5/ 841 B
1 KB 826ms
269ms Script
text/javascript 3.35.121.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/ntdtv.com%2Fb5/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.35.121.183 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-121-183.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a127eef0775c11e5bd208b991599eaffae399647b2b080a4dd2a565f838d1133

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"349-07GrNusc2rH1KFf2Izw5AyKVzRI"
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK playlist.m3u8 Show response
vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/hls_480p/ 867 B
1 KB 309ms
309ms XHR
application/x-mpegurl 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/hls_480p/playlist.m3u8
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 5a367918bc6af3e550b8e0087a04a9f788df03a085fca8cf6263678597cfd44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1194989
Cdn-Cache-Control: no-store
Content-Length: 298
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: must-revalidate, max-age=10
Access-Control-Allow-Credentials: true
Akamai-Cache-Control: max-age=10,must-revalidate
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 206 video_1080p.mp4
vs.youmaker.com/assets/a2867ee0-1971-4a90-6fd1-a8b02e7d7834/ 64 KB
65 KB 53ms
52ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/a2867ee0-1971-4a90-6fd1-a8b02e7d7834/video_1080p.mp4
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: dbdd0a2db07ea319da0a8650670d12b3220336ecf83e8c17175917fa77bda767

Request headers

Referer: https://www.ntdtv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=6225920-

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
via: 1.1 google
server: nginx/1.20.1
x-hw: 1690767117.cds240.lo4.hn,1690767117.cds276.lo4.c
content-type: video/mp4
Content-Range: bytes 6225920-6291940/6291941
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 66021

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntdtv.com&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c30b65144045c8117696fac943345ac7170b607d199c4d278bde2566ff7b685f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27901
x-xss-protection: 0
server: cafe
etag: 900 / 19569 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 log
hblg.media.net/ 35 B
191 B 294ms
236ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&r=1004&cid=8CUBNN02K&m=4&pid=&svr=072810_700&abte=SSP_CLIENT&dn=www.ntdtv.com&requrl=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 206 video_1080p.mp4
vs.youmaker.com/assets/a2867ee0-1971-4a90-6fd1-a8b02e7d7834/ 4 MB
0 23ms
23ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/a2867ee0-1971-4a90-6fd1-a8b02e7d7834/video_1080p.mp4
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Referer: https://www.ntdtv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=32768-

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
via: 1.1 google
server: nginx/1.20.1
x-hw: 1690767117.cds240.lo4.hn,1690767117.cds276.lo4.c
content-type: video/mp4
Content-Range: bytes 32768-6291940/6291941
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 6259173

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 21:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14495
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 29 Jul 2024 21:30:22 GMT

GET
H/1.1 200
OK id103757679-maxresdefault-1-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 7 KB
8 KB 11ms
10ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103757679-maxresdefault-1-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: 4b9e1c635ab05b1b0b8561156459ab7b7f05a5ad6d1134831632b11c77b8f9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 7006
Last-Modified: Sat, 29 Jul 2023 18:11:31 GMT
Server: LiteSpeed
ETag: "1b5e-64c55653-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31450353
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Mon, 29 Jul 2024 01:44:30 GMT

GET
H/1.1 200
OK id103757286-Screenshot-2023-07-29-063526-crop-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 4 KB
5 KB 10ms
9ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103757286-Screenshot-2023-07-29-063526-crop-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: f268760d8d33de5e13fd73e5682667ac6eba4365a60676bf49e6a7c2e4b16a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 4555
Last-Modified: Fri, 28 Jul 2023 22:36:46 GMT
Server: LiteSpeed
ETag: "11cb-64c442fe-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31354382
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Sat, 27 Jul 2024 23:04:59 GMT

GET
H/1.1 200
OK id103757271-1-192x108.jpg
i.ntdtv.com/assets/uploads/2023/07/ 6 KB
7 KB 11ms
10ms Image
image/jpeg 2.19.126.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ntdtv.com/assets/uploads/2023/07/id103757271-1-192x108.jpg
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-209.deploy.static.akamaitechnologies.com
Software: LiteSpeed /
Resource Hash: ff4e8fbee7c62563e701d2f055cbe59354ec56d7ba999f2b33ae63d3ed72ec6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1292585
Content-Length: 6188
Last-Modified: Fri, 28 Jul 2023 21:35:47 GMT
Server: LiteSpeed
ETag: "182c-64c434b3-0;;;"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31351851
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Sat, 27 Jul 2024 22:22:48 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 34ms
17ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19924
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8nfcER1OeuwtaqQdaOUFPXhEBSIoCKo55mvwaBbieVDNjU8o%2BecHkR2oyxI4WfFnfQN4wIZQLxEEXelYnV1s01qCaVLTDdYg2ze%2BsnzQzfWgus%2BDjrE00yRiGG3RCSuJvYUnpEaUbvwvBQnoeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ef215b3996803d8-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 56ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: EYAFV55K4BXD4QAJ
age: 752
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ef215b3c99a3627-FRA
x-amz-id-2: whWkBhGm1ASZrNS/p6BPS7n04HervMshZG7qaxgZ9WSN3A3Ln15Wm67BYkFJkBlsBofx4C+mrXI=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 74ms
38ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 01 Aug 2023 01:31:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 37ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 82657
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: v5Lasc9oAYhH7JLEmf8qmFYil-0C7ymmxxUgbgtPOxPiRKPrHXvQ_A==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 47ms
9ms Script
text/javascript 2600:9000:2250:fe00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fe00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 31 Jul 2023 01:26:26 GMT
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 332
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: xzxkMAv8Oogdpd27tif4lGk3BoFVvOAwpr56gHoUQnpUf8WB9bmCeA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 723 B
403 B 37ms
36ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1876505896341082&correlator=1692208297249429&eid=31072020%2C44797800&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=37445998%2CNTDtv_cn_relative_article&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x25%7C500x25&ifi=1&adks=259550665&didk=2951025673&sfv=1-0-40&eri=1&cust_params=NTD_category%3Dntd_prog1288-1288%252Cntd_prog115-115%252Cntd_prog1244-1244%252Cntd_prog301-301%252Cntd_news-200%252Cntd_prog14-14%252Cntd_prog212-212%252Cntd_program-300%252Cntd_front-single-news-hosted-391574%252Cntd_newsletter-news-421939%252Cntd_front-instant-news-1751%252Cntd_front-headlines-1759%252Cntd_front-daily-headlines-1756%26site%3Dwww.ntdtv.com%252Cntdtv.com&sc=1&cookie_enabled=1&abxe=1&dt=1690767117383&lmt=1690767117&adxs=300&adys=2175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&ref=https%3A%2F%2Freurl.cc%2F&frm=20&vis=1&psz=675x2696&msz=320x0&fws=128&ohw=0&ga_vid=1681493397.1690767117&ga_sid=1690767117&ga_hid=210898461&ga_fc=true&dlt=1690767115723&idt=1619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b3698cebaff99d011c1ec18557706e479d4812553ee3a6517d8204383dfe23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 222B 6 KB
3 KB 97ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:57 GMT
expires: Tue, 30 Jul 2024 01:31:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 137ms
136ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1876505896341082&correlator=1692208297249429&eid=31072020%2C44797800&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=5965368%2CNTDtv_article_wallpaper&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2841358482&didk=284362330&sfv=1-0-40&eri=1&cust_params=NTD_category%3Dntd_prog1288-1288%252Cntd_prog115-115%252Cntd_prog1244-1244%252Cntd_prog301-301%252Cntd_news-200%252Cntd_prog14-14%252Cntd_prog212-212%252Cntd_program-300%252Cntd_front-single-news-hosted-391574%252Cntd_newsletter-news-421939%252Cntd_front-instant-news-1751%252Cntd_front-headlines-1759%252Cntd_front-daily-headlines-1756%26site%3Dwww.ntdtv.com%252Cntdtv.com&sc=1&cookie_enabled=1&abxe=1&dt=1690767117402&lmt=1690767117&adxs=0&adys=4452&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&ref=https%3A%2F%2Freurl.cc%2F&frm=20&vis=1&psz=1600x4452&msz=1600x0&fws=0&ohw=0&ga_vid=1681493397.1690767117&ga_sid=1690767117&ga_hid=210898461&ga_fc=true&dlt=1690767115723&idt=1619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6ec5ffb7c7817b73608c16ff03fe83151bdb3377405aaa8a8f86edf28b9436c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12537
x-xss-protection: 0
google-lineitem-id: 6317402346
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138436497272
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 552 B
306 B 39ms
38ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1876505896341082&correlator=760662852120734&eid=31072020%2C44797800&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=37445998%2CNTDtv_cn_roadblock_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C900x600%7C336x280%7C300x600%7C600x400%7C970x250&ifi=3&adks=3656176146&didk=2444062702&sfv=1-0-40&eri=1&cust_params=NTD_category%3Dntd_prog1288-1288%252Cntd_prog115-115%252Cntd_prog1244-1244%252Cntd_prog301-301%252Cntd_news-200%252Cntd_prog14-14%252Cntd_prog212-212%252Cntd_program-300%252Cntd_front-single-news-hosted-391574%252Cntd_newsletter-news-421939%252Cntd_front-instant-news-1751%252Cntd_front-headlines-1759%252Cntd_front-daily-headlines-1756%26site%3Dwww.ntdtv.com%252Cntdtv.com&sc=1&cookie_enabled=1&abxe=1&dt=1690767117407&lmt=1690767117&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&ref=https%3A%2F%2Freurl.cc%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=1681493397.1690767117&ga_sid=1690767117&ga_hid=210898461&ga_fc=true&dlt=1690767115723&idt=1619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c90166bdf9fe6cfb6eb88a22b02c0146d4f0486290940acf52ac4f8bffd1692a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
40 KB 257ms
257ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1876505896341082&correlator=760662852120734&eid=31072020%2C44797800&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=5965368%2CNTDtv_cn_article_native_right_320x120&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x120%7C250x72&ifi=4&adks=2211854620&didk=2443230526&sfv=1-0-40&eri=1&cust_params=NTD_category%3Dntd_prog1288-1288%252Cntd_prog115-115%252Cntd_prog1244-1244%252Cntd_prog301-301%252Cntd_news-200%252Cntd_prog14-14%252Cntd_prog212-212%252Cntd_program-300%252Cntd_front-single-news-hosted-391574%252Cntd_newsletter-news-421939%252Cntd_front-instant-news-1751%252Cntd_front-headlines-1759%252Cntd_front-daily-headlines-1756%26site%3Dwww.ntdtv.com%252Cntdtv.com&sc=1&cookie_enabled=1&abxe=1&dt=1690767117428&lmt=1690767117&adxs=1000&adys=584&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&ref=https%3A%2F%2Freurl.cc%2F&frm=20&vis=1&psz=300x-1&msz=320x-1&fws=128&ohw=0&ga_vid=1681493397.1690767117&ga_sid=1690767117&ga_hid=210898461&ga_fc=true&dlt=1690767115723&idt=1619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b157f13dd06e1b5262a60d36a868d52274f16b87099cf3482d0a35dda23fa31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40479
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 40ms
8ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ntdtv.com
date: Mon, 31 Jul 2023 01:31:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 118ms
32ms XHR
application/json 34.251.163.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.163.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-163-198.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c68776948dd802d074f7bde7316d970db42bad3342bb43b907f5d05f5ae35a74

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache
x-server: 10.45.0.126
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 comments.php Show response
comments.ntdtv.com/ 319 B
622 B 423ms
369ms XHR
application/json 130.211.15.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://comments.ntdtv.com/comments.php?aid=103736362&offset=0&number=10000

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.15.150 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.15.211.130.bc.googleusercontent.com

Software

nginx /

Resource Hash

1503b9a3d86e2727c8679f41d4857684712f4f2efd63b9b2cdee0670f0c417a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 136 B
769 B 385ms
89ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FNTDtv_cn_article_Billboard_728x90%7C2e018ea3abe51%22%3A%22970x250%2C970x90%2C728x90%2C1000x250%22%7D&ref=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&s=85929c7f-3c45-45dc-b9db-dffbef6d00e9&pv=48810b91-dfaa-45c8-93a5-d3ebf80b0efe&vp=desktop&lib_name=prebid&lib_v=4.16.0&us=0&ius=1

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

6a44edbad6613d6160ac8ff42598afd84726d84043ce8d8d0f3f759dbe3a0c52

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-81
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.ntdtv.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 161
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
701 B 43ms
7ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

62a68515473d6907d530ab3f499f64563e5e3aeecef913ef94898f5779517bfa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
an-x-request-uuid: b0bd7df6-ff1c-4753-89bd-fe65ad58ea80
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 131 B
764 B 384ms
90ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FNTDtv_cn_article_top_728x90%7C649bf4b9e1953e%22%3A%22970x250%2C970x90%2C728x90%22%7D&ref=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&s=0deeeda1-2abf-4264-9334-4dc4c6dd9fb1&pv=48810b91-dfaa-45c8-93a5-d3ebf80b0efe&vp=desktop&lib_name=prebid&lib_v=4.16.0&us=0&ius=1

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

de2ede331d57ca0c304073e340507607b71033826495bfb743bb9fcb2e456d17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-28
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.ntdtv.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 156
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
700 B 42ms
7ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b8d3e1de3c4191a4427bb12e6562dfb4c150402b8515e18a0fc6ece6bf182a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
an-x-request-uuid: 2992e130-caab-4e60-b3f7-8affb481e900
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 124 B
759 B 385ms
95ms XHR
application/json 69.166.1.14
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FNTDtv_cn_sticky_ads%7C105dc378dfdd566%22%3A%22300x250%2C300x600%22%7D&ref=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&s=38c034b6-45a2-4249-9406-a5614f5c895f&pv=48810b91-dfaa-45c8-93a5-d3ebf80b0efe&vp=desktop&lib_name=prebid&lib_v=4.16.0&us=0&ius=1

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

30971a1ca4cc5310a4f53c814620c9bb0d08f98e937994dccb2626aa1e24144b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 01:31:57 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-199
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.ntdtv.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 149
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 187ms
156ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

863f4058ba26c543181a5228413ef39472ad234963dff121497a5fcb1833eec7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: gzip
an-x-request-uuid: 8ed8c3f3-dc31-40a7-9d9e-c1aaceba1083
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FF04 15 KB
6 KB 41ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ntdtv.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ntdtv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 239269
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK out0000.ts Show response
vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/hls_480p/ 666 KB
667 KB 297ms
297ms XHR
video/mp2t 23.32.238.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs1.youmaker.com/assets/47645b60-3d89-4b4a-a90b-d4173831ac2d/hls_480p/out0000.ts
Requested by: Host: vs1.youmaker.com
URL: https://vs1.youmaker.com/assets/js/epochplayer7.min.js?ver=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-33.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: c4932b55a0a0078c3a2beb5b089571d86414f0a1ea466e9b723b2a951a86b99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:57 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535950
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Akamai-Mon-Iucid-Del: 1194989
Access-Control-Allow-Headers: origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2

200

sid Show response
mug.criteo.com/ Frame FF04
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ntdtv.com&sn=ChromeSyncframe&so=0&topUrl=www.ntdtv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=tuXYnXxRdkN4MGRHTTE3UTJQbS9CL1RZTlhRaklIaE1vVTZNK295SVIyVXdLanM2SnQxcngvWC93M0krZFQ3RVRNMzJCTkI2Vm83WGxwQndGcmhINHNOazlic1REQUJJT1VoT0tlVlhvSjMwbnByekVmcG1QVUtIK0tYVE...

441 B
658 B

75ms
16ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tuXYnXxRdkN4MGRHTTE3UTJQbS9CL1RZTlhRaklIaE1vVTZNK295SVIyVXdLanM2SnQxcngvWC93M0krZFQ3RVRNMzJCTkI2Vm83WGxwQndGcmhINHNOazlic1REQUJJT1VoT0tlVlhvSjMwbnByekVmcG1QVUtIK0tYVEJINmdSUFExOTB5Rm5zVUhpOHc0cXNTYlFxN2x3WWcrVnQ2YU11S2ExTGhmZVMvVHh3VmJINEZZTGpCUVpuZDQ3TWhRdXRaS3V0WS9DbTB4bWo4YTNmZEQ4WmVIMkJOM2lwMW5oM2hEZEErVUgwUzJyUVI4b0VuazVDaGtRQ3RpblZmdUI0Z1IzTW9tbEVld2QyQTJ6cXFreUpzb0FFUT09fA&cppv=2

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5915830010bc69041cc577895687433e098a3b138f0dfff42844ad844602639d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1167825
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=tuXYnXxRdkN4MGRHTTE3UTJQbS9CL1RZTlhRaklIaE1vVTZNK295SVIyVXdLanM2SnQxcngvWC93M0krZFQ3RVRNMzJCTkI2Vm83WGxwQndGcmhINHNOazlic1REQUJJT1VoT0tlVlhvSjMwbnByekVmcG1QVUtIK0tYVEJINmdSUFExOTB5Rm5zVUhpOHc0cXNTYlFxN2x3WWcrVnQ2YU11S2ExTGhmZVMvVHh3VmJINEZZTGpCUVpuZDQ3TWhRdXRaS3V0WS9DbTB4bWo4YTNmZEQ4WmVIMkJOM2lwMW5oM2hEZEErVUgwUzJyUVI4b0VuazVDaGtRQ3RpblZmdUI0Z1IzTW9tbEVld2QyQTJ6cXFreUpzb0FFUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1123818
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 510A 0
0 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzG0CHUNE1w2UlPFHCE18FoQPm3Nitg5xQGYqH5TQwRge1e4tPeb3rbkX916UMSn4EiiJxcljzpNpSuIwnP-g0QW6Y1ElOU4g8ol0T0C4Mk_6KhDwlO73KhQ_WJT4QidscKlkccxGpi8Lsbj7StfeJKoIC1pfvA4rnha6dc5LwIwxkJZ3cqA1RBk4C3rPFA7rKBsG2NsDA0qJ487On4uSp-bcyJBmR7OhvrHKJjamBVI67-4UptMkY4l9NCTcSW8y6i0PsTIgBt9s_BHSvOHZm8i2ZdauFOngTp3WHew6Y-5d5R_i8FPY5TMEq_6jyZ3IoZRWkldwhQ6hYtMgjHpDgfQmpBk745LLlUpo&sai=AMfl-YSeKkwSWR1qC75fS2JRBOyFxvHL6o-im_5HSbnvSHu6U35EfZHOk_wqUJJAswQYOZD00tzygoOyGzp8vDQh-wsbHVh9S4tHRXtvnNQOfmVXX4gtEgtK0sqQPAY0SrIyM1B5Ar-TzUI7_lpqlhaf&sig=Cg0ArKJSzJgYC0Ci2-cJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 510A 94 KB
33 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 18:55:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 510A 179 KB
57 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
DATA 200
OK truncated
/ Frame 510A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b6c3e202b612b28961a26934f17381fe082f2ce5560d0db8868298186df6d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12001249138596665383
tpc.googlesyndication.com/pimgad/ 98 KB
98 KB 35ms
13ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/12001249138596665383?

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b54caed3eaaaaa5dc03a996662f4d44a98712bb729e5dda6f44f1e5849093c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:09:10 GMT
x-content-type-options: nosniff
age: 98567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100553
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 22:41:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 22:09:10 GMT

GET
H2 200 13148874885857575186
tpc.googlesyndication.com/pimgad/ 99 KB
99 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/13148874885857575186?

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20a55197fb455b9141c43ffabb08b2907ed811a27beffc1e893e1b430b727038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:16:02 GMT
x-content-type-options: nosniff
age: 155755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100875
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 22:42:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 06:16:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 510A 0
0 58ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvtLXWqQiJxwPJHYe1vCVC_QzdfrZIzAxZGTL88limKYAqs_v2NpWEAy0owupeB4EPhFw_1bCRg9tjCc9rv9F5_cKNaNZ-3V8Fbp8_ZR1t2gMB3aZhbSAJiNFqK03xP_omxVRaNPNscchHqDyKfnXyiWFXAA0L8R9anW419tpNRTtdzwl2HzjTIjmwe4x5pCq5BB4RSZLusMjGOscx8-YMxqmRRdGc4ilvzrGVmMPEA5psje2UfaUMnBciEUDLUJYlYxH_kJkdMh0M0lGWa9oBCIMKn2BhU-laFg7HggI3UKZdzQI7TCv6LxFtXO7XlpiL8rCyaRa3qSea5OQ51fc&sai=AMfl-YQqUgOWn1FjEoTUE1v7j7pMHbM9voZAT4zxf0SKZWdG8X1za35Qv132WXzm7QpPzzbzt3388bjp5UYulp5mdR4LQjyQ9KdVSy4U3Vl558XLgdZVrLi0T3ZqudkVU0vQRuwN_Rr9PWvc-4Q4yctG&sig=Cg0ArKJSzAFCLkFhfHnGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 container.html Show response
ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1CF 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:57 GMT
expires: Tue, 30 Jul 2024 01:31:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 87C3 624 B
689 B 39ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNU3-z7jxoAlckWfPjfkkKVd-lJXA4Jf_mwyTUj7kzk_VDlducrJDtTaRi12gXk3GWHLpe4RQ6VT_pFTlPlr3QEvgBuWszUMEYFYiZ6rqypP9FtFTped27ipRg0bvBW-6MKWf-hMuskbxdIomOe4mfl1ikSRLmb9S2QqafU6J0kNZRyyNw8

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:57 GMT
expires: Mon, 31 Jul 2023 01:31:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame A1CF 23 KB
9 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 04:01:17 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame A1CF 7 KB
3 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
server: cafe
etag: 10703168227084058840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 05:30:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A1CF 0
0 74ms
45ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCSW2K3CwHW0TVud1DudFCl61WUsIK93CeOhLTotqo0Rwn_uqIofnxyo0GwRukXfg9oBVwUlnARFoT_i_bYVEbMk0MEQSXJmSG55uUhB1CgOCGQXd4e8rjngA6AO8yGN12GkI02-HxtH-uis86NpgQsdhidVIgG5ejEn79mlNwi-EhvW9bZS3iS3-42cR4bIliJYtvqhc0-ZOG0u_pelinnFmxh2B0rvvnlcYT1DkpoZWyTfIxXWwfITfxP0A3uUlJo5x8zuGoUOFLlZVzKoQ0iIvhw5EjCE9tairlW047ASUaxk5ykWZRW2tYB-sRMIR-G4g1VupKmaUFjItXPOj-ONDECxWYBsxaIIzlEbmt5WVbgVjeO29XkTgEH8HQ9Yr0Yww-cYQNlRfdt6_CGu--XPFGLo3nrOlNXCG0sbwX92795k9inXHqZ_48uWJPl7BrWgvMClThMrpVLEZXf0cUnTPstOYM0-5mNs4Uhxi_st49dVatd1CERZVc_gpluouzya_qW2MrBq9Hr8AjdYQg1po60f2egtVeOGo8C4rDLwKYH9QQEaYWqifJxNuWVlvI0rrah-ybGssmkSvOrLcMxGhB7FIg9MAIyiNQc0qrAtPWjaTgsO1R7mgi5Fkv5mVGGBwsDvOCHprrkthCCnPJgxg6y76D2vfCOBNEjx4WvEbstcFxQjm1XzKtRg7kFWeAxh3eb6BzUg7nMul9psgxmB4bbXDc2k4941Pg9hrziFmSoUVW5QlP2It4kXINb8-01BLKK-EMmr_AjAn2JTtPfgD1Pg93Vo-h0JSUUi13xQUQ9xY6aQXYam3TE-0tbGfwADeLlUxY7mG1N7JaoanXB8a_CcVq6sZ7OZvA_t51jvCVG70EpMp-3-pYCrkapHsR5yb4cGn341EqDO2RL2v3Vl8PnMxSYHo1Fw9wllIcKogkxWsopTRZqlDvf9Pfys-uBq6ec-KxezezaBfY5S5HkzPSysPpBi3VN0Fwaj6fVPFlzZDSxwp1C-JPxpFR5b_loxkrDreh-uhTO7Hsojv87mMdG_m45dXvEQHgVV16WA3-NRC59om8KrEWXByAifjcPK9SnF2mvA7OcwYE0xI3UEdGPSK3pFZ-s5Vn1a4d5T8uo36iMxKieBMNcTP8Bozm7D4SljVDmpRNnSlYgqtElU7GMpT_yjrfQT1m0-rro4g0ewjnuLfSQufOpV6hCrDnb4DsrwbW9mtZf0w9VzKFXXoavqy7&sai=AMfl-YTpE4AKOg3OuQZXpYwGL6AV9987Pt7MGpvN9RnDbKofgZB8rvnxF84PbCwW8HD7e2onMtw5Gn6T8X8E4_nX8ok1zQDn-vZFMEmGW6cSlzOsaAbJeM1NUuFJHlnqaCC4ry19j397lU1fvGRRb9h75ZiW-lH5Z2gyKpsMcLKYYF12nN_zfvfedG5hjDHJ5eomuxZcv7zanhY44xIBGC6ld1yH20FBvMnarQSZVvG2wYyNXBJr-Hm9KdoB4WJ6B9K8loHC57Bz_sHIFPIZ-73QGoJQrQHKsEnG5LUgxOef_CXH7aFWzpyoXn8YDpjDeYLs6CIdDEWZFpIWXqIi8xiYO5t73YjMvIItYEh1U3uHZiB3fT3VtAA2B17dNU4xy4JT1xJ4trP0uwMBOdit2WfJHSm0WIYSiNLimiHgWDYFZpuF-UPUWITLsPkjEzb7Yx1Bqc5rTQjiJi2_kvFuhgWPx2bF3zlwNgvnlQ&sig=Cg0ArKJSzHM_kCHhcoA5EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230726.18009&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 01:31:57 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A1CF 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 23:47:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A1CF 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 21:46:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A1CF 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1CF 42 B
173 B 58ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYqpq8X0u02JQTZMn9shS9i8BH8-POlilX1_XOj8EgRjsj0WBiH0_WtTnsq2eLqGm9nWg47t0o9-v-4bVryDlK-nU39suczTW7E1c4tzXFzghdq6I

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1CF 179 KB
56 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 7102141292423558684
s0.2mdn.net/simgad/ Frame A1CF 15 KB
15 KB 30ms
7ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7102141292423558684?sqp=uqWu0g0HCGQQwAJAZA&rs=AOga4qltVyEdFxRSXpgrA2EVnkee9Dpcgw

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1af8482107a39b623534fdda8cf6cf5f68987d4276a4798e5eb1af94a11d5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 09:58:13 GMT
x-content-type-options: nosniff
age: 142424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14959
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:15:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jul 2024 09:58:13 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8758 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 157253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 05:51:04 GMT
expires: Sun, 28 Jul 2024 05:51:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A1CF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f2b088aa8e31f6aa69a20959b7e031811a1409944d13cf713969ccf42d4c1e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 87C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1&C=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNU3-z7jxoAlckWfPjfkkKVd-lJXA4Jf_mwyTUj7kzk_VDlducrJDtTaRi12gXk3GWHLpe4RQ6VT_pFTlPlr3QEvgBuWszUMEYFYiZ6rqypP9FtFTped27ipRg0bvBW-6MKWf-hMuskbxdIomOe4mfl1ikSRLmb9S2QqafU6J0kNZRyyNw8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 01:31:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 01:31:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 87C3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMcPDbsmleLb9f7auyV0MAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNU3-z7jxoAlckWfPjfkkKVd-lJXA4Jf_mwyTUj7kzk_VDlducrJDtTaRi12gXk3GWHLpe4RQ6VT_pFTlPlr3QEvgBuWszUMEYFYiZ6rqypP9FtFTped27ipRg0bvBW-6MKWf-hMuskbxdIomOe4mfl1ikSRLmb9S2QqafU6J0kNZRyyNw8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 01:31:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHEfOLi-8aUJFgS9w5FTvt0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 87C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBd4LaOCwZuZizjFq31QmRA&google_cver=1

43 B
845 B

7ms
6ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBd4LaOCwZuZizjFq31QmRA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGMqVxd0BMAE&v=APEucNU3-z7jxoAlckWfPjfkkKVd-lJXA4Jf_mwyTUj7kzk_VDlducrJDtTaRi12gXk3GWHLpe4RQ6VT_pFTlPlr3QEvgBuWszUMEYFYiZ6rqypP9FtFTped27ipRg0bvBW-6MKWf-hMuskbxdIomOe4mfl1ikSRLmb9S2QqafU6J0kNZRyyNw8

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
an-x-request-uuid: 49f0feb8-ef57-4dda-8fe8-7c8ca0d459dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBd4LaOCwZuZizjFq31QmRA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 87C3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D

170 B
243 B

43ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
an-x-request-uuid: cddd8b98-1ace-496a-9a80-125e3063ada9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A1CF 0
0 43ms
42ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCSW2K3CwHW0TVud1DudFCl61WUsIK93CeOhLTotqo0Rwn_uqIofnxyo0GwRukXfg9oBVwUlnARFoT_i_bYVEbMk0MEQSXJmSG55uUhB1CgOCGQXd4e8rjngA6AO8yGN12GkI02-HxtH-uis86NpgQsdhidVIgG5ejEn79mlNwi-EhvW9bZS3iS3-42cR4bIliJYtvqhc0-ZOG0u_pelinnFmxh2B0rvvnlcYT1DkpoZWyTfIxXWwfITfxP0A3uUlJo5x8zuGoUOFLlZVzKoQ0iIvhw5EjCE9tairlW047ASUaxk5ykWZRW2tYB-sRMIR-G4g1VupKmaUFjItXPOj-ONDECxWYBsxaIIzlEbmt5WVbgVjeO29XkTgEH8HQ9Yr0Yww-cYQNlRfdt6_CGu--XPFGLo3nrOlNXCG0sbwX92795k9inXHqZ_48uWJPl7BrWgvMClThMrpVLEZXf0cUnTPstOYM0-5mNs4Uhxi_st49dVatd1CERZVc_gpluouzya_qW2MrBq9Hr8AjdYQg1po60f2egtVeOGo8C4rDLwKYH9QQEaYWqifJxNuWVlvI0rrah-ybGssmkSvOrLcMxGhB7FIg9MAIyiNQc0qrAtPWjaTgsO1R7mgi5Fkv5mVGGBwsDvOCHprrkthCCnPJgxg6y76D2vfCOBNEjx4WvEbstcFxQjm1XzKtRg7kFWeAxh3eb6BzUg7nMul9psgxmB4bbXDc2k4941Pg9hrziFmSoUVW5QlP2It4kXINb8-01BLKK-EMmr_AjAn2JTtPfgD1Pg93Vo-h0JSUUi13xQUQ9xY6aQXYam3TE-0tbGfwADeLlUxY7mG1N7JaoanXB8a_CcVq6sZ7OZvA_t51jvCVG70EpMp-3-pYCrkapHsR5yb4cGn341EqDO2RL2v3Vl8PnMxSYHo1Fw9wllIcKogkxWsopTRZqlDvf9Pfys-uBq6ec-KxezezaBfY5S5HkzPSysPpBi3VN0Fwaj6fVPFlzZDSxwp1C-JPxpFR5b_loxkrDreh-uhTO7Hsojv87mMdG_m45dXvEQHgVV16WA3-NRC59om8KrEWXByAifjcPK9SnF2mvA7OcwYE0xI3UEdGPSK3pFZ-s5Vn1a4d5T8uo36iMxKieBMNcTP8Bozm7D4SljVDmpRNnSlYgqtElU7GMpT_yjrfQT1m0-rro4g0ewjnuLfSQufOpV6hCrDnb4DsrwbW9mtZf0w9VzKFXXoavqy7&sai=AMfl-YTpE4AKOg3OuQZXpYwGL6AV9987Pt7MGpvN9RnDbKofgZB8rvnxF84PbCwW8HD7e2onMtw5Gn6T8X8E4_nX8ok1zQDn-vZFMEmGW6cSlzOsaAbJeM1NUuFJHlnqaCC4ry19j397lU1fvGRRb9h75ZiW-lH5Z2gyKpsMcLKYYF12nN_zfvfedG5hjDHJ5eomuxZcv7zanhY44xIBGC6ld1yH20FBvMnarQSZVvG2wYyNXBJr-Hm9KdoB4WJ6B9K8loHC57Bz_sHIFPIZ-73QGoJQrQHKsEnG5LUgxOef_CXH7aFWzpyoXn8YDpjDeYLs6CIdDEWZFpIWXqIi8xiYO5t73YjMvIItYEh1U3uHZiB3fT3VtAA2B17dNU4xy4JT1xJ4trP0uwMBOdit2WfJHSm0WIYSiNLimiHgWDYFZpuF-UPUWITLsPkjEzb7Yx1Bqc5rTQjiJi2_kvFuhgWPx2bF3zlwNgvnlQ&sig=Cg0ArKJSzHM_kCHhcoA5EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=73&vt=11&dtpt=72&dett=2&cstd=0&cisv=r20230726.18009&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jul 2023 01:31:57 GMT

GET
H2 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8758 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jul 2024 17:14:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 228ms
228ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1876505896341082&correlator=760662852120734&eid=31072020%2C44797800&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=5965368%2CNTDtv_cn_article_Billboard_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C1000x250&ifi=5&adks=856752424&didk=1951933411&sfv=1-0-40&eri=1&cust_params=NTD_category%3Dntd_prog1288-1288%252Cntd_prog115-115%252Cntd_prog1244-1244%252Cntd_prog301-301%252Cntd_news-200%252Cntd_prog14-14%252Cntd_prog212-212%252Cntd_program-300%252Cntd_front-single-news-hosted-391574%252Cntd_newsletter-news-421939%252Cntd_front-instant-news-1751%252Cntd_front-headlines-1759%252Cntd_front-daily-headlines-1756%26site%3Dwww.ntdtv.com%252Cntdtv.com&sc=1&cookie=ID%3Dc89f951e677e63a5%3AT%3D1690767117%3ART%3D1690767117%3AS%3DALNI_MZj1Fc1RPU74p0-nZ_bGLyZoeeTrQ&gpic=UID%3D00000c4948827a1b%3AT%3D1690767117%3ART%3D1690767117%3AS%3DALNI_MbPQXPWIBOd4iYP3xFX4_BLYTBI5A&abxe=1&dt=1690767117875&lmt=1690767117&adxs=315&adys=446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&ref=https%3A%2F%2Freurl.cc%2F&frm=20&vis=1&psz=1600x5&msz=1600x0&fws=0&ohw=0&psts=ABnkTfBdnbX2aB91mfMKN6pmB_cNb9sVkTvqDpIt_qYcmc9uPL7ue6AWfCZZqBX5IkMkKMUsL6Hio5VCsLo3dwRmTMGPWw&ga_vid=1681493397.1690767117&ga_sid=1690767117&ga_hid=210898461&ga_fc=true&dlt=1690767115723&idt=1619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65906555c0e97445b1f91f6ce64badb800f5070e2f7f1cc749d089d14672fbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11041
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8758 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTQyoDQ_HZIecHJOP9u8P5PmlkAgAAAAAOAHgBAI&bg=!JSalJnLNAAZGOVy5Zjk7ADkAdvg8WsJ-I2HRqHMn7enxtyUOPMQjtKfwA5EIoFOhG16-2VhpuTreYD-zzMGjjHpCkfEt9bNvLfsCAAAAc1IAAAAGaAEHmQL8ovOED9unA7icM4e2RG-84kSAXJKxRczYJOrzhc4enSdcDwikk9LhDOebCEkT43pBOa_pHfA-bPK_4ltakoQGIoKdlP3BFIZKBpv-515UiTwnsp7ghKdBeRlLWk1vFq1xzgunZu4332D2DErDUfWTU9bhDwLEMKLGPE742-Y51bW1w5Jrwtn46xXeSHW1MJscqzBKg2qPzpSYnYM75XtfBADEOdvBZ-QLmI6LeSsDwhJltg1PhkhEmSDMU56dsEkshd-SqpRf3OPJ594LMSwQqR6gc3xpf_bvbLBd2ljJtYmxM0_0x6uHL70ED-ql_Jcg3l_ECUYDak841TBMfIvytu51u5U_D4XVqFu3OK_0QMVBFpSSA9bZju0l7VIqXB-X5HH790nzjJicyv6lMZg_8mSl3CwiIaOFIQLfSTr4wS89NjE3-VUnra-5h-Snh3dr3mw0bxGlA0WKKGkR0ExxMBY4cgj8ole2CpHbNtJNicXOTYeAZK6UiAkJXAH0-iVPYBnaF-QV-5rKymhKwYf1ZQjU1zR4VXfkSF7C_z8jZWh8mSmdG1fwyadld3TXtTEBiQA0aDusP7W6K0rIpzaUn42l-Fo-WljqBs8cuawsS-BKSm9x_DU-i4neWJZlHMnipjde9OwwFP7L-kk1J1P4m_ZD4SMzmCrDfKWJH57hsib1kDMISSitgjo1iDtsSVsEumaH0dExG82jPms6OcXQgR3rKx-cpzWPUavCmSpvjrHL_jgcu4wngfeLvLSa9FI7T907sBrGXTDoiqmCXQlPpXiimkC-kH0Y99FC6lharEvGZ65Kj1nqgF7Q5eErRhzmfNoisasDT7MqDZ0zyteCqjup_IaAwKaL-MARwXxIAUqDfhRuLOs48_AJPI0uoeLPeS4dakWrjaB5kvR5IBopPlNdP5bdzLa3OEeAN5GuvqWypQxDqN83UfAn_Xby0aLg3SxXbpBCzTRO6l3Oxzd7Diz6i_KiU2F-KhlFx35eyZJpBQsIirS73AgbMbg

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view Show response
r-log.dable.io/s/ntdtv.com%2Fb5/u/00000000.0000000000000/ 54 B
199 B 1122ms
270ms Script
text/javascript 13.125.41.255

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/ntdtv.com%2Fb5/u/00000000.0000000000000/view?url=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&ref=https%3A%2F%2Freurl.cc%2F&lang=en-US&items%5B0%5D%5Bid%5D=103736362&items%5B0%5D%5Bc1%5D=%E5%85%A8%E7%90%83%E6%96%B0%E8%81%9E&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&cid=00000000.0000000000000&gdpr=1&z=575154&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.125.41.255 -, , ASN (),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET match
analytics.ad.daum.net/ 0
0

GET
H2

200

1x1.gif
images.dable.io/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://images.dable.io/1x1.gif?google_gid=CAESEBy0wWQqI4es3cXT4MzYAnA&google_cver=1

42 B
459 B

51ms
7ms

Image
image/gif

184.31.93.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/1x1.gif?google_gid=CAESEBy0wWQqI4es3cXT4MzYAnA&google_cver=1
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: H2
Server: 184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-93-220.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: oKJFwmZ_5JYp0vaYHyM0FpQvWVQZV1l2
date: Mon, 31 Jul 2023 01:31:58 GMT
x-amz-request-id: FD5AV466TXBE18VC
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: SDMl/VF5WogYNW3ws0bJxIP2199hybENNgKLqRQNDBBOQTWr9aW6A9UQr64VC+kbnAwnM8rwkD8=
last-modified: Wed, 26 Jul 2023 06:47:12 GMT
server: nginx/1.20.0
etag: "d89746888da2d9510b64a9f031eaecd5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://images.dable.io/1x1.gif?google_gid=CAESEBy0wWQqI4es3cXT4MzYAnA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ 0
627 B 748ms
247ms Image
text/plain 103.243.202.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 01:31:58 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H2 403 cs
cs.gssprt.jp/yie/ld/ 82 B
82 B 767ms
241ms Image
application/octet-stream 133.186.12.15

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Requested by: Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.15 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 82
content-type: application/octet-stream

GET
H3 200 container.html Show response
ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E511 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntdtv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:57 GMT
expires: Tue, 30 Jul 2024 01:31:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 10F1 640 B
308 B 22ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUw5atnGb-p-VBXzc-QmGJK4wGruNCyo6s57WdGvEQnBJ_Ltigvtvj3f9Kg5ttnBhjCuJxaTmo9hpxMCCrezqnVyADNpixZFV9DI4V0KhxYCEvPE3aVD6oh-diVS3p0rsly4-jYF5ykuN2DykqFtKjmhodtz1lfcCYcH-ji04g-MZU1UeY

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E511 86 KB
29 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0229dbcb78d16f4e98ccb93decb992b6bb488fffdd85675e586ab6546efd3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30178
x-xss-protection: 0
server: cafe
etag: 18056378990419963096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E511 42 B
63 B 41ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Arsvnfq0mUNTDqLXZLAQOhL1Bto-TDoWB7ktXjd3Eff08RKP1t5Vb8Y2Kr5IlpHGtuRNcDs1DfWZYRqTLVfxJZBYv1TQLUiwU0ExpNogxBTsU4-14

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E511 0
20 B 41ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15507264865904502626&x=1&ct=76

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E511 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E511 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E511 0
0 15ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzO0ObEvqpCcJ4ESFK1zFQey1ERMFSSojBjlBq2YBcjX7t8bFfRHbCMxQJyN5T3WNsiAQ87NnLtiFhCE7FD2HsCE4H2g
Requested by: Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E511 179 KB
56 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:58 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 10F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5K3HTr-97Nhsab_KyfXM&google_cver=1

43 B
114 B

29ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5K3HTr-97Nhsab_KyfXM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUw5atnGb-p-VBXzc-QmGJK4wGruNCyo6s57WdGvEQnBJ_Ltigvtvj3f9Kg5ttnBhjCuJxaTmo9hpxMCCrezqnVyADNpixZFV9DI4V0KhxYCEvPE3aVD6oh-diVS3p0rsly4-jYF5ykuN2DykqFtKjmhodtz1lfcCYcH-ji04g-MZU1UeY
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5K3HTr-97Nhsab_KyfXM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 10F1 43 B
304 B 53ms
15ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUw5atnGb-p-VBXzc-QmGJK4wGruNCyo6s57WdGvEQnBJ_Ltigvtvj3f9Kg5ttnBhjCuJxaTmo9hpxMCCrezqnVyADNpixZFV9DI4V0KhxYCEvPE3aVD6oh-diVS3p0rsly4-jYF5ykuN2DykqFtKjmhodtz1lfcCYcH-ji04g-MZU1UeY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 10F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKpeOdx-42fFERG1hSSqrZE&google_cver=1

23 B
163 B

31ms
31ms

Image
image/gif

23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKpeOdx-42fFERG1hSSqrZE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUw5atnGb-p-VBXzc-QmGJK4wGruNCyo6s57WdGvEQnBJ_Ltigvtvj3f9Kg5ttnBhjCuJxaTmo9hpxMCCrezqnVyADNpixZFV9DI4V0KhxYCEvPE3aVD6oh-diVS3p0rsly4-jYF5ykuN2DykqFtKjmhodtz1lfcCYcH-ji04g-MZU1UeY
Protocol: H2
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Mon, 31 Jul 2023 01:31:58 GMT
pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKpeOdx-42fFERG1hSSqrZE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 10F1 23 B
163 B 70ms
31ms Image
image/gif 23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUw5atnGb-p-VBXzc-QmGJK4wGruNCyo6s57WdGvEQnBJ_Ltigvtvj3f9Kg5ttnBhjCuJxaTmo9hpxMCCrezqnVyADNpixZFV9DI4V0KhxYCEvPE3aVD6oh-diVS3p0rsly4-jYF5ykuN2DykqFtKjmhodtz1lfcCYcH-ji04g-MZU1UeY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Mon, 31 Jul 2023 01:31:58 GMT
pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E511 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9714425182958&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E511 0
20 B 39ms
38ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9714425182958&version=m202307240101&ct=76&x=1&cor=15507264865904503000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E511 88 KB
37 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbKt2ZdfKLKXIeQ6XBtd_i3PSgNAdHnrX-C-xm0VWSteM8WbOpAjIlipxC-LK6HEh-FuKfaDjyVpF2nBrxSy_7s6XMIDs7mxmFvD5dpK1x7H1xVnI&cry=1&dbm_d=AKAmf-BxCKHedllKTvPPpQbjFtMsD94mxYSWPRAH0yPNRgeW2cJlDrU7uBmfxDEuVnDqpVeKGyGT8HJwhy812i1P8RvJQ8PmiRXV753KTVj8x0Sa7-l2nmMCxEmy0Aae-Q9MMkRK_stCxmUTQeiRarX7MeuzRcJpFoIy_gi-p-d-LckTgc4wUvr1Fq2dHCGjmkunbZwFmaIPb6EkETbl2Us2b4bkmTr6mEg25eUGKscF1H-wBTd5uH4aizYqKd39bzyfR_63PAcr1Fl4UqBIUCTOeai8k67fIttMyK3jd1av4VuttWoL0yK4ZgjhMfMLdJx-09wO427xi-8g4UxyA0hxvbklBkNcX2Nc2-Ft9Sp2oZgZZY0cKAWDm7gh9aodtlcSNtKrdhG2Mg2WK7h6UeQhHTZOBbKx9WFzdqN5E9Ob9MVfwYtlPmWDwDyJ3wtIgLwgcbyAvRr4KG1LMxlidORRu9S4PnJAMxN10qlHC44b5BarVgVDO4TKV-PvtZP8DE_BlHnL3zCkjzJFgB_I4wJHgZ6n96sYeT3qR6OXHEPwdYWnKdTYIgVeLCxv6b04qMfNp8q_rWW3o4Domc0ZzAbWX8xdipVP2BG3Y3qgQWmvuXCBHZ1FGitJRopVo2U0Ln2uN6xPYKwaQukdS5t3MErVYsn58LoHIzUtchwVmTZFsK_fI3UzOU1oWf6UioX9U-sRmuI3wfqSJmTMe02pACYW6LVT1vYPsQUWezYZb0-Xtw4yH-2yrmCbdEXELyIRL_iZ8TMouzHpZtmTQY__8VgwDhQ6xeaiShzYgDygr0nS41sFI8Shyi-Dj-m5UKwb7Mi2ce5zeh80mEMJ90DI3Cuo1gY6az-I9qud3eSWFcrTUMFcVTKssSVC3CEx7s-l940V4WaGAX9I3XNn9qqZnsh8UIId5bWQxMLKd5390ZHP4OKdjQBY31BfDc_gzfx86PjALLVthr1adVXDA3d16LDpuznqMHdEs48KkZ38EId6d11jI2wy-U3MNUtUrBDl1NhchowBnlUjL9AQ89BpYcRgBEjJ5rLItIhZNh0HRVwI33Qul1DqepSf_amRxV0Jfo7okRyLnG5RjioLVGdQYPMdqebLclpoqa_VwBcvzUbPurqBwJK-ZeZcfD26SuyQDp4f8nYa-Dtx2jFAoZWH_ELbHqKE6aD1xZVPhhQFHfXGm8HkA-QAg5aTRsW_K71kkYw2OsKIAmki7WFFefVU0dU5nRa8Je24cgm8-cGBt-yE_P6PKVhPUjnSgGXjB8GukIKzwxWkTL8oD4yzL4opGnoLU1KXmMZdVNXAspxyx0pCLyz0vAzDXp4I9aJHFD4MJDBdyMvDPrT6hjOnAywr2N_Pl5NdtOMpSb9j2jglVnMXU2ECZgrGshtdBRc3Kw6PUr3tCiFslaKDghU8xBaXmObmX0lodU0BSSO8ClrOQ8BsbnxHZ6T2li771gq2vXPwR-1XAUlJtcQw4OIfEgQRguzFAXvzTVJRPuBkb2vo2JrzlycEcCGrgGRhu_35LipNJXzA2Cv3m8oWh60oHbwcS50j-1yNaihOCBWHuW_BAOG9BiI8tSxKlxl7dPDQB45gACcijEarL-woB8Ke7WV4LugvJZnSQi_siFCDSUfSpBncC7NUdKC5_euQ3yQmAV_dHod6p74tPxS7ipk8PgpIfyQeehBWeFOwCKydKWiNq8jY-C9TCL5Ag4qQjnH7HKtAJZMAZem9hCmb2aPkYmnEmW00rdXoAi8CL2T61K-bKfa5Atmi6T5gzbQMdboSR3vXKHvppGG22pcBwJSIhvDAKRRiKbEP8IdDdgQd7hcr8nxBuce4r_KuttzXyDpDX9_Ak0TFvIBmgM0eDtM78LtOSl9D5oY0_cYMq-K7POBUJ_bf32vKarPcUU1oLGuLTa-6AL6UXc42kG36z1GYO52zM4O-93OIglIwsCZGEShERuk2HBVbfkSuEHlYM5EZDUr-zpcVMzjn9u4EpHxkhhpTRUF2KuyRUKlxqJR-3htnLk4botDdV61BbmlpdQwsLZaQ0JPRhOh-4IYWPQZoe12_zUWhB8GQaOVTDkt_h8Uhd-BN3QBxEZU909_ZASCRagTklcif8Spp-zXBmrWu2PDPyhBeH63qsCQ4O7NexyHSBxuBgO3aiTvvYb3FMh-WDoIzNCqCXR6lYUeSh9BsVTz7xdpUffmjaxbfptwdP19JC894ipKxDWliy5LCUnBWqzYCN-LuwZ1RJVoUdQNjoUbKnRn1JIf-cvCOCIq6AUNh9IENK8mnYbU_GTs9Fz9de-hxFFTruQcBB1b4Vu9YvQEZn4rOn-Y0_JpAEUNbiGOf-T0DVyOalfQ0S-VwN-p0pQBJO8x5dQ46Z2mTsAvAD_cQmJuMxko2PertscX2sgGipLGxiHLgdMDrrI66oAIN9BoCDktyebvTYk39Hz7UggI4fVOxYTGomYynXl8r9IqDFKXoJhcVjZ4kUOHeCllPsSl93JgpvRaDjWRm0RPIgtzJUy3LlPDbP7lq03hjb47E80ofjBiOjCF3GrzaP8yO0adoZWPx6yTnaz4nnTw9a8WlnsITJs75XpyQsSGM3e9RSRO5kTCRckOwh7D-itkyLE5CjCCGHLNF0x6nK5GRvGOeOomX1-eiPr0I7if18TvVP716P2YXjJc9DjbbmYBorlK547_OMVyL_UofM1kTZE1qgy2zDNfs4nHHt5qIVH-Cg3tfppeAlyiAEz4yHtvJgsRg7TxLU4--VFXrJJcD_FpAGZybLnob7tqhneIg5cfgT7-BTdnfvBkcmQn07Vw9o2-aMtdImBahc3_OpzYMp4pYuN2ymsl1dAUc9UlS27VohZgr8DPFXXqXd5m84RMAkj2U86po_SiowkXL6yNyIQebgectUkd8ye9zdUN3pgT-McaBk2mmtylE8IjCf672KBDBo8uJS5W1Txzrsp-O33jzAYxkno7jy77AGL6LT4deABs-bBUFDs1l_gg5q_oIrF4AJVT_3WA_7l-tSSCac1mj0ykM0zCYtuAL73PSwiF0AZm5N4fhIw-MQsMP3Eu0V40bIRmyRDk4howXZ3rRmCJqQwtGpKu-jT9gPbVv7As5JZdcZpHyq8dQP3WR7aWYueCDCuBwIT_wkDQ5mTou8D9HMEOlrN6b2DCTm9vFHcvIEcXUXYh-8Awb6DC9xvv_t9OlwVYdHdCiZ1VIRq4_ca_JLs0owOwrf07NmXhfwteXi_aVDSlJ5CGjp8V9j2BZMHH2D4TCmQoebAapZ0GAzLj3utVIg1xRrLpfGv05bMZ6tbHaAWL2VT3UH2SP-qGkDiaQQWzoImpbiHq3rqhGtbxo3KzGUjhj2VhMAKuohrxAVJ2RlswZAPgWBOU&cid=CAQSPABpAlJWYybVt6ZwYxlbNLijRQimaR0EX0u_BX5MVC017e_ymhq0dNASS7vcDnCeqUSuEG7MB51t73Tp6xgB&dc_eid=31076403&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ntdtv.com%2F&ds=l&xdt=1&iif=1&cor=15507264865904503000&adk=1964084972&idt=32&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e893d9d08e299066d456411275512ae990cdf931dcd417c4d547865db8e5434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E511 172 KB
60 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Origin: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 20:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jul 2023 20:24:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame E511 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbKt2ZdfKLKXIeQ6XBtd_i3PSgNAdHnrX-C-xm0VWSteM8WbOpAjIlipxC-LK6HEh-FuKfaDjyVpF2nBrxSy_7s6XMIDs7mxmFvD5dpK1x7H1xVnI&cry=1&dbm_d=AKAmf-BxCKHedllKTvPPpQbjFtMsD94mxYSWPRAH0yPNRgeW2cJlDrU7uBmfxDEuVnDqpVeKGyGT8HJwhy812i1P8RvJQ8PmiRXV753KTVj8x0Sa7-l2nmMCxEmy0Aae-Q9MMkRK_stCxmUTQeiRarX7MeuzRcJpFoIy_gi-p-d-LckTgc4wUvr1Fq2dHCGjmkunbZwFmaIPb6EkETbl2Us2b4bkmTr6mEg25eUGKscF1H-wBTd5uH4aizYqKd39bzyfR_63PAcr1Fl4UqBIUCTOeai8k67fIttMyK3jd1av4VuttWoL0yK4ZgjhMfMLdJx-09wO427xi-8g4UxyA0hxvbklBkNcX2Nc2-Ft9Sp2oZgZZY0cKAWDm7gh9aodtlcSNtKrdhG2Mg2WK7h6UeQhHTZOBbKx9WFzdqN5E9Ob9MVfwYtlPmWDwDyJ3wtIgLwgcbyAvRr4KG1LMxlidORRu9S4PnJAMxN10qlHC44b5BarVgVDO4TKV-PvtZP8DE_BlHnL3zCkjzJFgB_I4wJHgZ6n96sYeT3qR6OXHEPwdYWnKdTYIgVeLCxv6b04qMfNp8q_rWW3o4Domc0ZzAbWX8xdipVP2BG3Y3qgQWmvuXCBHZ1FGitJRopVo2U0Ln2uN6xPYKwaQukdS5t3MErVYsn58LoHIzUtchwVmTZFsK_fI3UzOU1oWf6UioX9U-sRmuI3wfqSJmTMe02pACYW6LVT1vYPsQUWezYZb0-Xtw4yH-2yrmCbdEXELyIRL_iZ8TMouzHpZtmTQY__8VgwDhQ6xeaiShzYgDygr0nS41sFI8Shyi-Dj-m5UKwb7Mi2ce5zeh80mEMJ90DI3Cuo1gY6az-I9qud3eSWFcrTUMFcVTKssSVC3CEx7s-l940V4WaGAX9I3XNn9qqZnsh8UIId5bWQxMLKd5390ZHP4OKdjQBY31BfDc_gzfx86PjALLVthr1adVXDA3d16LDpuznqMHdEs48KkZ38EId6d11jI2wy-U3MNUtUrBDl1NhchowBnlUjL9AQ89BpYcRgBEjJ5rLItIhZNh0HRVwI33Qul1DqepSf_amRxV0Jfo7okRyLnG5RjioLVGdQYPMdqebLclpoqa_VwBcvzUbPurqBwJK-ZeZcfD26SuyQDp4f8nYa-Dtx2jFAoZWH_ELbHqKE6aD1xZVPhhQFHfXGm8HkA-QAg5aTRsW_K71kkYw2OsKIAmki7WFFefVU0dU5nRa8Je24cgm8-cGBt-yE_P6PKVhPUjnSgGXjB8GukIKzwxWkTL8oD4yzL4opGnoLU1KXmMZdVNXAspxyx0pCLyz0vAzDXp4I9aJHFD4MJDBdyMvDPrT6hjOnAywr2N_Pl5NdtOMpSb9j2jglVnMXU2ECZgrGshtdBRc3Kw6PUr3tCiFslaKDghU8xBaXmObmX0lodU0BSSO8ClrOQ8BsbnxHZ6T2li771gq2vXPwR-1XAUlJtcQw4OIfEgQRguzFAXvzTVJRPuBkb2vo2JrzlycEcCGrgGRhu_35LipNJXzA2Cv3m8oWh60oHbwcS50j-1yNaihOCBWHuW_BAOG9BiI8tSxKlxl7dPDQB45gACcijEarL-woB8Ke7WV4LugvJZnSQi_siFCDSUfSpBncC7NUdKC5_euQ3yQmAV_dHod6p74tPxS7ipk8PgpIfyQeehBWeFOwCKydKWiNq8jY-C9TCL5Ag4qQjnH7HKtAJZMAZem9hCmb2aPkYmnEmW00rdXoAi8CL2T61K-bKfa5Atmi6T5gzbQMdboSR3vXKHvppGG22pcBwJSIhvDAKRRiKbEP8IdDdgQd7hcr8nxBuce4r_KuttzXyDpDX9_Ak0TFvIBmgM0eDtM78LtOSl9D5oY0_cYMq-K7POBUJ_bf32vKarPcUU1oLGuLTa-6AL6UXc42kG36z1GYO52zM4O-93OIglIwsCZGEShERuk2HBVbfkSuEHlYM5EZDUr-zpcVMzjn9u4EpHxkhhpTRUF2KuyRUKlxqJR-3htnLk4botDdV61BbmlpdQwsLZaQ0JPRhOh-4IYWPQZoe12_zUWhB8GQaOVTDkt_h8Uhd-BN3QBxEZU909_ZASCRagTklcif8Spp-zXBmrWu2PDPyhBeH63qsCQ4O7NexyHSBxuBgO3aiTvvYb3FMh-WDoIzNCqCXR6lYUeSh9BsVTz7xdpUffmjaxbfptwdP19JC894ipKxDWliy5LCUnBWqzYCN-LuwZ1RJVoUdQNjoUbKnRn1JIf-cvCOCIq6AUNh9IENK8mnYbU_GTs9Fz9de-hxFFTruQcBB1b4Vu9YvQEZn4rOn-Y0_JpAEUNbiGOf-T0DVyOalfQ0S-VwN-p0pQBJO8x5dQ46Z2mTsAvAD_cQmJuMxko2PertscX2sgGipLGxiHLgdMDrrI66oAIN9BoCDktyebvTYk39Hz7UggI4fVOxYTGomYynXl8r9IqDFKXoJhcVjZ4kUOHeCllPsSl93JgpvRaDjWRm0RPIgtzJUy3LlPDbP7lq03hjb47E80ofjBiOjCF3GrzaP8yO0adoZWPx6yTnaz4nnTw9a8WlnsITJs75XpyQsSGM3e9RSRO5kTCRckOwh7D-itkyLE5CjCCGHLNF0x6nK5GRvGOeOomX1-eiPr0I7if18TvVP716P2YXjJc9DjbbmYBorlK547_OMVyL_UofM1kTZE1qgy2zDNfs4nHHt5qIVH-Cg3tfppeAlyiAEz4yHtvJgsRg7TxLU4--VFXrJJcD_FpAGZybLnob7tqhneIg5cfgT7-BTdnfvBkcmQn07Vw9o2-aMtdImBahc3_OpzYMp4pYuN2ymsl1dAUc9UlS27VohZgr8DPFXXqXd5m84RMAkj2U86po_SiowkXL6yNyIQebgectUkd8ye9zdUN3pgT-McaBk2mmtylE8IjCf672KBDBo8uJS5W1Txzrsp-O33jzAYxkno7jy77AGL6LT4deABs-bBUFDs1l_gg5q_oIrF4AJVT_3WA_7l-tSSCac1mj0ykM0zCYtuAL73PSwiF0AZm5N4fhIw-MQsMP3Eu0V40bIRmyRDk4howXZ3rRmCJqQwtGpKu-jT9gPbVv7As5JZdcZpHyq8dQP3WR7aWYueCDCuBwIT_wkDQ5mTou8D9HMEOlrN6b2DCTm9vFHcvIEcXUXYh-8Awb6DC9xvv_t9OlwVYdHdCiZ1VIRq4_ca_JLs0owOwrf07NmXhfwteXi_aVDSlJ5CGjp8V9j2BZMHH2D4TCmQoebAapZ0GAzLj3utVIg1xRrLpfGv05bMZ6tbHaAWL2VT3UH2SP-qGkDiaQQWzoImpbiHq3rqhGtbxo3KzGUjhj2VhMAKuohrxAVJ2RlswZAPgWBOU&cid=CAQSPABpAlJWYybVt6ZwYxlbNLijRQimaR0EX0u_BX5MVC017e_ymhq0dNASS7vcDnCeqUSuEG7MB51t73Tp6xgB&dc_eid=31076403&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ntdtv.com%2F&ds=l&xdt=1&iif=1&cor=15507264865904503000&adk=1964084972&idt=32&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 19:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 19:13:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame E511 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11572
x-xss-protection: 0
server: cafe
etag: 5014499061205845695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 04:32:07 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E511 41 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179072
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 23:47:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E384 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 15:33:00 GMT
etag: 48472445140208031
expires: Mon, 31 Jul 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E511 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fec69095b49e1b304b0223c14cf36e6a4cef6cbf78b9f95c786bdfa8b6f0fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9F5A 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 157254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 05:51:04 GMT
expires: Sun, 28 Jul 2024 05:51:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E384
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIC5qArDB7NfEvLgKpRTrqo&google_cver=1&google_push=AaAOQGFRFAFj2gTNBZauhezbV8uiE6DQSSWSuISFqvEp5vnUdShpcNyJn-k6lptYEX_2xxZ03gvEgvlnOqLu5Z3935x5QU61QHeA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97C241DE5A634D1CA7C19626E8768A70&google_push=AaAOQGFRFAFj2gTNBZauhezbV8uiE6DQSSWSuISFqvEp5vnUdShpcNyJn-k6lptYEX_2xxZ03gvEgvlnOqLu5Z3...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97C241DE5A634D1CA7C19626E8768A70&google_push=AaAOQGFRFAFj2gTNBZauhezbV8uiE6DQSSWSuISFqvEp5vnUdShpcNyJn-k6lptYEX_2xxZ03gvEgvlnOqLu5Z3935x5QU61QHeA

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jul 2023 01:31:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97C241DE5A634D1CA7C19626E8768A70&google_push=AaAOQGFRFAFj2gTNBZauhezbV8uiE6DQSSWSuISFqvEp5vnUdShpcNyJn-k6lptYEX_2xxZ03gvEgvlnOqLu5Z3935x5QU61QHeA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 30 Jul 2023 01:31:58 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E384 70 B
265 B 114ms
32ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECwPcl-SoSQVpCVtXnVb8Bk&google_cver=1&google_push=AaAOQGFQQSvJsj1scXCCpCf22wuxw6McH3pHH8AWUPE42VXcs0i7tZ4MOyynblsbXc_aL_8jrA33bKZrlgDJmqEeeGWE_rreVAI3
Requested by: Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E384
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF0KU2epfEaJveR70-r6ueU&google_cver=1&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431st...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF0KU2epfEaJveR70-r6ueU&google_cver=1&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3MDU1MjE1NDU5OTUxNjMxOA&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3MDU1MjE1NDU5OTUxNjMxOA&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431stzXPCfWFPLOveE_bnpjIX

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3MDU1MjE1NDU5OTUxNjMxOA&google_push=AaAOQGFyN6Hn8D12VSyu6b6MdUWYRb28vrbxdxmHa0v7fOsm4pPx0xpebCmgpcnuWKpJGA6ImmK431stzXPCfWFPLOveE_bnpjIX
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E384
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5rIFRCORv6bjGEIrR06Rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5rIFRCORv6bjGEIrR06Rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFGqXRimnhBhmZ81oZjkzOFbYqjC1lUcCQCcNM7iNNL7UDog7Z9waDsfEfsXTFg0EXyBMCG7tcZuarsGCKMTWRGs-sqZRDm

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5rIFRCORv6bjGEIrR06Rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFGqXRimnhBhmZ81oZjkzOFbYqjC1lUcCQCcNM7iNNL7UDog7Z9waDsfEfsXTFg0EXyBMCG7tcZuarsGCKMTWRGs-sqZRDm
date: Mon, 31 Jul 2023 01:31:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E384
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN8iP7y-p7l1HqMu6VuXRv0&google_cver=1&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-um...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN8iP7y-p7l1HqMu6VuXRv0&google_cver=1&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-um...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-umO1BhfewTIA&google_hm=HEe7sGZHi1W7x9U1SHG96vUG

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-umO1BhfewTIA&google_hm=HEe7sGZHi1W7x9U1SHG96vUG

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 31 Jul 2023 01:31:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFuPNZazWjxHxhxgA77ItPBByvtrvQYVk1dHlRQDc-2KkKCg6nFN5tdhBJG-weey1rh78bHrtJL8z1jOg-umO1BhfewTIA&google_hm=HEe7sGZHi1W7x9U1SHG96vUG
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E384
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHyveLj5DZffcUmgQS2JP1k&google_cver=1&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAkr
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAk...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE3MzkyODg1ODI4OTY0MjMzODMzOA%3D%3D&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB...

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE3MzkyODg1ODI4OTY0MjMzODMzOA%3D%3D&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAkr

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE3MzkyODg1ODI4OTY0MjMzODMzOA%3D%3D&google_push=AaAOQGGrvvIhZAQGi7zG0wViwQxXM4ztaKe5NtXH_zRx4JITMy3FtscB4UdFWsd4kDs6q6ErCTnAFgXzt9PnyUzjfujHHDEsEAkr
date: Mon, 31 Jul 2023 01:31:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E384
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJmUWOUO0oxt5uMyclWxcIE&google_cver=1&google_push=AaAOQGEQs8Edv93ZC...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D&google_gid=CAESEJmUWOUO0oxt5uMyclWxcIE&google_cver=1&google_push=AaAOQGEQs8Edv93ZCCgDu1iRZ-A8lakEfL...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D&google_gid=CAESEJmUWOUO0oxt5uMyclWxcIE&google_cver=1&google_push=AaAOQGEQs8Edv93ZCCgDu1iRZ-A8lakEfLxixY7ZVTjkjeczmFQHKDGAxyk_ewBpK3s8iIoZcuUs6ov0OCbJ3s6l4duFG0zgH9xxFQ

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
an-x-request-uuid: 65f01983-5391-4364-aa7f-7d699fdf4398
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM1OTgzMzgzMzgyMTQzNjU2Nw%3D%3D&google_gid=CAESEJmUWOUO0oxt5uMyclWxcIE&google_cver=1&google_push=AaAOQGEQs8Edv93ZCCgDu1iRZ-A8lakEfLxixY7ZVTjkjeczmFQHKDGAxyk_ewBpK3s8iIoZcuUs6ov0OCbJ3s6l4duFG0zgH9xxFQ
x-proxy-origin: 45.141.152.75; 45.141.152.75; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E384 0
12 B 16ms
16ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3BMB7_D7pdknv8CNrjiCMi0N4zma8RuPKQcri5N1-FolQASialxOqLNCoAs5O-d0y9Buayg

Requested by

Host: ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
URL: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 76AB 133 KB
35 KB 16ms
15ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 01:31:58 GMT
expires: Tue, 30 Jul 2024 01:31:58 GMT
last-modified: Tue, 07 Feb 2023 13:03:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E511 0
0 59ms
58ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA3nmtdjp8kaDgCx_b3Jy7dl0AHhrBQGpUgKUcYd1s1pG1mtu7-sqORKxD5LmiUw1QdTvwcm5o_KLxWcT6BaPqqEDLBqWA2QaqrEN7SwACiJJfDWpzwwvDCSkyZKV9iGd0rfpXeXBcuuuYptET_S80tJLCt8TvBjl7lZsUyaWRxOr1xS-psQ9jwVrAzgEossFhcthk-DubyPRdeoymsBWlGiIO-zfq8ERgdst6cG8Pn_WeDJOQtk5XJ9eRVyfFnwf4OHCJUHNAkztoVkHul-Hpf57_OkJlG1XkgaYLrt_rBSqxn8A8KZtAgDqAUaOb0O_M6s0-i6E6tkXSbgh3ED_l6iv_rCd5LYOXooG7DHXQJUCDo96X0RnJKhhlorIP_UOaBHWNbmqGGIycbM8cKP3DMzbqarkAkamXUage4HPPRI8RqUFj7eJaTxShYF5SqT-ueSRAzC0T9xBlBHlgxlipIwS6RQofXP1TZL_DHpvUL4365-_dKo5DuSDaW_Djrewk3aKxs3eEYCCpWxwc4m_KO9dGd5RUU9VU5T7Y1CdtkaHwANpN0p-u5u6xDQY-JdiiVuh3-B-3Hyo4Yv_ZqFbprUCZzhVeITFzTXeNWG0iY1c0LAMWo4stoaVeCP-nsJVC1jjXLaQcTTVZwjP0-5yUKkMo52dIiwdB7Qb5KA-bB8ys3wbopinQ5zeui0_YfEMX6s-nuFG4ojPfqFt1l-kNjmY62CtjUyqMGGz36R-muPMj9Hk8lE3PAa3QWzbOIMZC8HjDl9Okh2AXQxMVbqVG5TQ6PzqJtxYEsaJ7mNt2t2arpQ0GJwga6oAtXnks_61BcDV6kY0Mi6dfqDuzMvB-EcSSpn9Av-K-a8uviF-4fvVfl1cV1i39gWuWiz3XXuqK2LoZlsYwtb2_oo-HMmWH1Q_VNojIipq4Nhb3dG5YUi2bMMCpY_lj3BPNdOoJkRUF3mXYV6Ahq30gFO__C73OJiMjezGImm0gZ1HWNxvNKAS4YqVLjwsJiJmNfBj2k0v6iK34gFwclW21PUtjb5O7AMuN_hPItj_mcOHTwcXVnmGBhvoHYT1SlLlstc8I3P7jEC2SZpUd62uSJMnYVzVTzwgff8D8wLjJZfzRQ0JnWw4bmhppYbkv67O1vlromsOnFP7emmWFt27ULsC_CGjhwhwCIbxwKOmPN8MCN0aVHWUmzj8AXt2SPQrMQC1RbOO3kfheukE-YJ6hESFpTd-llBX6HbxKGd7g0fXguz9HC69s9YTW1kWH8h5AYHuv9cbbiA&sai=AMfl-YR2Kmo5VgFr1mGdEoH8LiDIO4U1y1FBS8kWeLxEc_tPSsqtY2kkHshInmtbouqnALoERwTIpkUHtRwQt7cXqgbZBY1E4NRhrCld5iUpj5bg6Uemuo5O2ICrwgv67H06zTPihSW5R4hEYduzVcTtbEVJx2zHeAIqa90oa2x8JzXAf9rpX1iOneRAA6Poccri4pSbZVw4TO3t8pePuACx7-NkqefG-q38UwsA5SQcVo5DbRjdPQM5-wUHSsc08uHzDhNTH4Y&sig=Cg0ArKJSzCjZl-x5ep9JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=73&cisv=r20230726.45743&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 31 Jul 2023 01:31:58 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 76AB 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 05:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jul 2023 05:58:17 GMT

GET
H3 200 VMHXwlRl0aRovV9KE1XlRs0i03xOSg-zEwyRWzidyeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F5A 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMHXwlRl0aRovV9KE1XlRs0i03xOSg-zEwyRWzidyeg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c1d7c25465d1a468bd5f4a1355e546cd22d37c4e4a0fb3130c915b389dc9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14843
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 11:26:05 GMT

GET
H3 200 GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 76AB 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:01:23 GMT
x-content-type-options: nosniff
age: 156635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23900
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jul 2024 06:01:23 GMT

GET
H3 200 GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 76AB 23 KB
23 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:19:41 GMT
x-content-type-options: nosniff
age: 173537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23636
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jul 2024 01:19:41 GMT

GET
H3 200 GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 76AB 37 KB
37 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansText-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:10:59 GMT
x-content-type-options: nosniff
age: 213659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38296
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Jul 2024 14:10:59 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E511 0
0 43ms
43ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA3nmtdjp8kaDgCx_b3Jy7dl0AHhrBQGpUgKUcYd1s1pG1mtu7-sqORKxD5LmiUw1QdTvwcm5o_KLxWcT6BaPqqEDLBqWA2QaqrEN7SwACiJJfDWpzwwvDCSkyZKV9iGd0rfpXeXBcuuuYptET_S80tJLCt8TvBjl7lZsUyaWRxOr1xS-psQ9jwVrAzgEossFhcthk-DubyPRdeoymsBWlGiIO-zfq8ERgdst6cG8Pn_WeDJOQtk5XJ9eRVyfFnwf4OHCJUHNAkztoVkHul-Hpf57_OkJlG1XkgaYLrt_rBSqxn8A8KZtAgDqAUaOb0O_M6s0-i6E6tkXSbgh3ED_l6iv_rCd5LYOXooG7DHXQJUCDo96X0RnJKhhlorIP_UOaBHWNbmqGGIycbM8cKP3DMzbqarkAkamXUage4HPPRI8RqUFj7eJaTxShYF5SqT-ueSRAzC0T9xBlBHlgxlipIwS6RQofXP1TZL_DHpvUL4365-_dKo5DuSDaW_Djrewk3aKxs3eEYCCpWxwc4m_KO9dGd5RUU9VU5T7Y1CdtkaHwANpN0p-u5u6xDQY-JdiiVuh3-B-3Hyo4Yv_ZqFbprUCZzhVeITFzTXeNWG0iY1c0LAMWo4stoaVeCP-nsJVC1jjXLaQcTTVZwjP0-5yUKkMo52dIiwdB7Qb5KA-bB8ys3wbopinQ5zeui0_YfEMX6s-nuFG4ojPfqFt1l-kNjmY62CtjUyqMGGz36R-muPMj9Hk8lE3PAa3QWzbOIMZC8HjDl9Okh2AXQxMVbqVG5TQ6PzqJtxYEsaJ7mNt2t2arpQ0GJwga6oAtXnks_61BcDV6kY0Mi6dfqDuzMvB-EcSSpn9Av-K-a8uviF-4fvVfl1cV1i39gWuWiz3XXuqK2LoZlsYwtb2_oo-HMmWH1Q_VNojIipq4Nhb3dG5YUi2bMMCpY_lj3BPNdOoJkRUF3mXYV6Ahq30gFO__C73OJiMjezGImm0gZ1HWNxvNKAS4YqVLjwsJiJmNfBj2k0v6iK34gFwclW21PUtjb5O7AMuN_hPItj_mcOHTwcXVnmGBhvoHYT1SlLlstc8I3P7jEC2SZpUd62uSJMnYVzVTzwgff8D8wLjJZfzRQ0JnWw4bmhppYbkv67O1vlromsOnFP7emmWFt27ULsC_CGjhwhwCIbxwKOmPN8MCN0aVHWUmzj8AXt2SPQrMQC1RbOO3kfheukE-YJ6hESFpTd-llBX6HbxKGd7g0fXguz9HC69s9YTW1kWH8h5AYHuv9cbbiA&sai=AMfl-YR2Kmo5VgFr1mGdEoH8LiDIO4U1y1FBS8kWeLxEc_tPSsqtY2kkHshInmtbouqnALoERwTIpkUHtRwQt7cXqgbZBY1E4NRhrCld5iUpj5bg6Uemuo5O2ICrwgv67H06zTPihSW5R4hEYduzVcTtbEVJx2zHeAIqa90oa2x8JzXAf9rpX1iOneRAA6Poccri4pSbZVw4TO3t8pePuACx7-NkqefG-q38UwsA5SQcVo5DbRjdPQM5-wUHSsc08uHzDhNTH4Y&sig=Cg0ArKJSzCjZl-x5ep9JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=194&vt=11&dtpt=113&dett=3&cstd=73&cisv=r20230726.45743&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/VLzovb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jul 2023 01:31:58 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 76AB 7 KB
5 KB 33ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc0aa49fcad666428472b1c7f1d44fedb2934eb9c7af3d3ba0ad078bf9ea16a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5589
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 76AB 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11952719878557111332/logo.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:57:56 GMT
x-content-type-options: nosniff
age: 156842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8111
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jul 2024 05:57:56 GMT

GET
H3 200 60015186_20230202011701910_award_logo_970x250_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 76AB 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011701910_award_logo_970x250_default.png

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 21:22:41 GMT
x-content-type-options: nosniff
age: 14957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2309
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:17:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jul 2023 21:22:41 GMT

GET
DATA 200
OK truncated
/ Frame 76AB 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 60015186_20230713060114117_970x250_eGV70_image1.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 76AB 291 KB
291 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230713060114117_970x250_eGV70_image1.jpg

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90c252b560f49d50351e7aa6532dc49dfba87f11d443dc1e99c001123956ec91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=0IwoqbBD3g&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:07:08 GMT
x-content-type-options: nosniff
age: 69890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298100
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 13:01:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jul 2023 06:07:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 76AB 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 01:31:58 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E32 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jul 2024 17:14:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F5A 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bvko_Dg_HZJ6SDMS1-gaws6DoDwAAAAA4AeAEAg&bg=!RkWlRRHNAAa5zpvfmc47ADkAdvg8Wtf8i1Bdf5rfOD8fupDOY0l7mybNpAxS5lmiUqHa0AJW8Kw3ffEAUyGDKBofyncEEtME9x8CAAAAmFIAAAAKaAEHmQMLtJhv-yhgtuJ32gDWXJ_ZS5Tp_gP4m31dXOODIo89I4-23C7gSygh6AHJeBh-IF6qgD3p4SPLwh0qv5noiOYIwkz3ffZKFtcwdiZTus5kcF9QCw7kTcw4miSWlNQ5u7QlY5daM-uYgSVr0KZqpg5mmafQ0kVRqzHL5vtm_LIc4tvQk4tF0iRyqNqHyrkG2FdJcFtSmO-k3nNLEm6vjvEddANMa1Qw6FiJJ9LtcNRxdgNWqJvDGmZUAzHssdMdCmqh8R6MaYLjTmAzJs8e53PpV1VtPqa6pjaT3FhObOAXOS_-CGTI3hTtuB2PSkiGofY5EKgUBIlptWZgAzVDbKBM0rVXIU_tl8qeo8F9cqUzGlMfNJBIRrMMwuts5XrkLo9exuQu0y-wyKXrGeZ6M4k6_0YHYGFPVEf7b8zgPrEmpr7Kx6UaTxnFjZIM8fNVvbUGA6tIeXYY65TILU9K49o24Y62GvlEEhjnJDejJSu7aMNYbeOUIV5dUwdBQsgku3CcOkNSZu7eB5c4a2kBdeKaF9PSgcy93EQ3zJ5dmesCQKKdg9-BKYXD6xkhtFrBLVp4njFRmBMwIvdvpL9bMjZzSUvEopfCQka9zJt2YtHzOsulOkglR-2mfRRzvyNRqFdw8cln0l06BaM-aR3L2VqQXIqSCg00hKB4qmkGzUePaed564c_Q83PenxYVYVUu8O0EBczgYZw_F1RHI3l1jyFSsvR34UulkrVlsvrqAqxLPnB7XSzLUqvi6OR8f-Hc-C8UA9bvTDbWVxROBk2OXGjOJJOOrWwG3CX9ft0p8lug5yVMlibmvVNCQR3ZEO38NNpE9tucXpO5z_f_TYaO27q_iHxPHsq31fNanT7eVHx4OWXDhk71-AbOuwUfr_UtUVd_HqF8JboJ1dfKAdFjx35ztHY9Xh4KD4FbF_wUXKIOjujMD5ImqTvyyG4b3UFuFdU9JBObGdTqomhh1qobbDPcn9Y3yNH8goJx68ojf4gCroz7wUB6gj0zB8nMYkwyHEvYh1G7y1aft_7B5U

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A1CF 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssISmGXCk5gqca-BI9C1W2NIItbbRftJuaD1-q6HWs_SYaD0cLZuOR6BIB-LTQXaA2KW1ew4cdtXHijV4xO-bLG5ZaGr8-X_SL5-A8c_y8hTXH-ebi0hne1O4F8LTJpMVTCx-0GR7JbwGPr&sai=AMfl-YS_WKxcRY_qTlDDmoBFqZMKv3kxeDXcMBdw6Bfm9zZGbejNzAuOA3gVWrkThynpSpGotcLPz_sFXRtNrrAWWOXj5Ph4LXTnPapxQY67jWMABggglyhKVGcbmSeOUuBnBg5dG5Vh-of0JkxXnQ&sig=Cg0ArKJSzIBuCapIfXsAEAE&cid=CAQSTABpAlJWuVvwuXXdEnQ5idLSgIYpspV2VlUwFNeMWleWSQlQS1tFaZwXW3n6bwXYtM0aauFwFL6BlG_OoPpx2_tXsuZwSkrvYBE_KkcYAQ&id=lidar2&mcvt=1000&p=584,1000,684,1320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2211854620&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690767117703&rpt=103&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98P4JR415X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5777RW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e8df00ea9d614888da49dddefa6f784bc63a28e831382a29ac80a52ffe508eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88925
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 01:31:59 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98P4JR415X&gtm=45je37q0&_p=210898461&_gaz=1&cid=1681493397.1690767117&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690767119&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntdtv.com%2Fb5%2F2023%2F06%2F23%2Fa103736362.html&dr=https%3A%2F%2Freurl.cc%2F&dt=%E4%B9%BE%E6%B7%A8%E4%B8%96%E7%95%8CMT0%E7%B8%BD%E9%83%A8%E7%B4%90%E7%B4%84%E4%B8%8A%E5%B7%9E%E9%96%8B%E5%B9%95%20%E6%94%BF%E8%A6%81%E6%85%B6%E8%B3%80%E8%A4%92%E7%8D%8E%20%7C%20MT0%E5%A4%A7%E6%A8%93%20%7C%20%E7%B6%B2%E7%B5%A1%E6%95%B8%E5%AD%97%E5%B9%B3%E5%8F%B0%20%7C%20%E6%96%B0%E5%94%90%E4%BA%BA%E4%B8%AD%E6%96%87%E9%9B%BB%E8%A6%96%E5%8F%B0%E5%9C%A8%E7%B7%9A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98P4JR415X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98P4JR415X&cid=1681493397.1690767117&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98P4JR415X&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntdtv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98P4JR415X&cid=1681493397.1690767117&gtm=45je37q0&aip=1&z=19435720

Requested by

Host: www.ntdtv.com
URL: https://www.ntdtv.com/b5/2023/06/23/a103736362.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntdtv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E511 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpP2jvWZlF8J26KUbleYQlrgjzTDDLD94jUrLAyX_A_HjwK-RvClqE1Y6RtgNt-R-_tCD8cn2Vp5LRhFpYCkZg7-m8Otv_iKDL1y7zFXOe98_5s4W9dnIZk83PUw0gC23BkGDlnjDcNEq9&sai=AMfl-YSZvoND0K4-3AfrwSsGtK0w-qsNxeu86DOsKCXXQbsGvDkW_pqB6wQCumO1Oy10PDdmBKqJ97KSsVvCXgYQWhyb2ZLFyjBFIacd63CCbpq0m_WuEOBMux7nryCI&sig=Cg0ArKJSzGIaPGuT8A16EAE&cid=CAQSPABpAlJWYybVt6ZwYxlbNLijRQimaR0EX0u_BX5MVC017e_ymhq0dNASS7vcDnCeqUSuEG7MB51t73Tp6xgB&id=lidar2&mcvt=1000&p=446,315,696,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=856752424&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690767118112&rpt=194&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E511 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9714425182958&version=m202307240101&ct=76&x=1&cor=15507264865904503000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Domain: analytics.ad.daum.net
URL: https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 23:15:27	Name: _ga Value: GA1.2.1286292767.1690767114
.reurl.cc/	1970-01-20 13:40:53	Name: _gid Value: GA1.2.490372351.1690767114
.reurl.cc/	1970-01-20 13:39:27	Name: _gat Value: 1
.reurl.cc/	1970-01-20 15:49:03	Name: _fbp Value: fb.1.1690767114628.828466352
.ntdtv.com/	1970-01-20 23:15:27	Name: _ga Value: GA1.2.1681493397.1690767117
.ntdtv.com/	1970-01-20 13:40:53	Name: _gid Value: GA1.2.1714298271.1690767117
.ntdtv.com/	1970-01-20 13:39:27	Name: _gat Value: 1
.ntdtv.com/	1970-01-20 23:15:27	Name: _ga_PN3NJZ2HR9 Value: GS1.2.1690767116.1.0.1690767117.0.0.0
.quantserve.com/	1970-01-20 23:09:41	Name: mc Value: 64c70f0d-0a1e2-2511e-57311
.ntdtv.com/	1970-01-20 23:03:55	Name: __qca Value: P0-1841858435-1690767116965
.ntdtv.com/	1970-01-20 13:39:27	Name: lotame_domain_check Value: ntdtv.com
.criteo.com/	1970-01-20 23:01:03	Name: uid Value: 7a3da600-2c62-4ef1-8330-1fbbc0f28286
.doubleclick.net/	1970-01-20 23:01:03	Name: IDE Value: AHWqTUnPaJ1d0G4NZ89ghnQyIgwb03DtD2UCCXU78tvzBsbLdA_LVStUXsJEBnsCdx8
.adnxs.com/	1970-01-20 15:49:03	Name: icu Value: ChgI159BEAoYASABKAEwjZ6cpgY4AUABSAEQjZ6cpgYYAA..
.adnxs.com/	1970-01-20 15:49:03	Name: uuid2 Value: 5359833833821436567
.ntdtv.com/	1970-01-20 23:01:03	Name: cto_bundle Value: 9TSF-19zYndETVgxQzBBb2cxUWo5Rks5bVI3cldjZDlpdyUyRktlSUVxVSUyQk1Ia0p3R1olMkZiZHIzSHZmcEdjdEFuR09WUHVJWnFDck5tWiUyRm1MJTJCVUh0anlpQldMRHNTc3RHd0tNWW54VHdnNDJ4dlFuRjFRcndpbmFQQmo2OEpXenpmSVducHprZjBoVXR2cTclMkJCJTJCeEdiQWYyUWxZUSUzRCUzRA
.ntdtv.com/	1970-01-20 23:01:03	Name: __gads Value: ID=c89f951e677e63a5:T=1690767117:RT=1690767117:S=ALNI_MZj1Fc1RPU74p0-nZ_bGLyZoeeTrQ
.ntdtv.com/	1970-01-20 23:01:03	Name: __gpi Value: UID=00000c4948827a1b:T=1690767117:RT=1690767117:S=ALNI_MbPQXPWIBOd4iYP3xFX4_BLYTBI5A
.adnxs.com/	1970-01-20 15:49:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Qhb3jH!]tbPl1M>e)ZlrFUfJ+tGXxo@QQ^0)cR7`#FnNaIU@Y(kD>6z:YLs>a6Uu($bpRzqF1`*b_9B)xVeA
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s85199\|ZMcPE
.comments.ntdtv.com/	1970-01-20 13:39:30	Name: DJYCOMMENTSESSID Value: 8l8r1h5c6gdj6pmbmi0s9a01d1
.casalemedia.com/	1970-01-20 22:25:03	Name: CMID Value: ZMcPDbsmleLb9f7auyV0MAAA
.casalemedia.com/	1970-01-20 15:49:03	Name: CMPS Value: 1148
.casalemedia.com/	1970-01-20 15:49:03	Name: CMPRO Value: 1148
.dable.io/	1970-01-20 13:58:04	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 13:58:04	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 13:58:04	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 13:58:04	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 13:58:04	Name: _kko_ck_match Value: 1
.www.ntdtv.com/	1970-01-20 23:15:27	Name: dable_uid Value: undefined
.ntdtv.com/	1970-01-20 23:15:27	Name: _ga_962LDZH4HM Value: GS1.1.1690767116.1.0.1690767118.58.0.0
.doubleclick.net/	1970-01-20 17:58:39	Name: APC Value: Aa3gxNq-OVNmqWv9j_ndtuY6wkSqD26R9zGXHQZL9lyjpbokXZFUJQ
.3lift.com/	1970-01-20 15:49:03	Name: tluid Value: 3173928858289642338338
.simpli.fi/	1970-01-20 22:26:29	Name: suid Value: 97C241DE5A634D1CA7C19626E8768A70
.lijit.com/	1970-01-20 22:25:03	Name: ljt_reader Value: HEe7sGZHi1W7x9U1SHG96vUG
.pubmatic.com/	1970-01-20 13:40:53	Name: KTPCACOOKIE Value: YES

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.ad.daum.net
ap.lijit.com
apex.go.sonobi.com
api.dable.io
bcp.crwdcntrl.net
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm-exchange.toast.com
cm.g.doubleclick.net
comments.ntdtv.com
connect.facebook.net
cs.gssprt.jp
d31qbv1cthcecs.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
ec7ec8d2feb8bb138572568855fcf065.safeframe.googlesyndication.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbx.media.net
i.ntdtv.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dable.io
imasdk.googleapis.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel.quantserve.com
r-log.dable.io
region1.analytics.google.com
region1.google-analytics.com
reurl.cc
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
static.dable.io
stats.g.doubleclick.net
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
vs.youmaker.com
vs1.youmaker.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ntdtv.com
www.youmaker.com
analytics.ad.daum.net
d31qbv1cthcecs.cloudfront.net
103.243.202.190
13.125.41.255
13.248.245.213
13.32.99.90
130.211.15.150
133.186.12.15
142.250.185.226
151.139.128.10
162.19.138.116
172.217.18.2
178.250.7.13
184.30.24.22
184.31.93.220
185.64.190.78
185.80.39.216
185.89.211.116
2.19.126.197
2.19.126.209
2001:4860:4802:32::36
216.52.2.86
23.192.153.28
23.212.88.20
23.32.238.33
2600:9000:223c:3000:6:44e3:f8c0:93a1
2600:9000:2250:fe00:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700::6810:5814
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9c
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.35.121.183
34.251.163.198
35.185.130.121
35.201.68.206
35.204.74.118
35.244.159.8
37.157.2.229
37.252.171.52
52.223.40.198
65.9.66.97
69.166.1.14
09b82d32c0de32ba6968314e839854186ecc65c49fffbaaa6363914c8e8f966e
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
0b6c3e202b612b28961a26934f17381fe082f2ce5560d0db8868298186df6d8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0cb508d558cc7b6be7d0b20728e15d3cbaac7478d5c7e38b6a235a09c039b618
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1503b9a3d86e2727c8679f41d4857684712f4f2efd63b9b2cdee0670f0c417a5
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d4af10fa91fc14c6e5e6c338ab4fc39f4171f076425aee50af12fc91d980739
1e893d9d08e299066d456411275512ae990cdf931dcd417c4d547865db8e5434
1ef293e035fecf8e3d222cb1787b3c179cb83beef535c09aedfeffeff3ee9f51
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20a55197fb455b9141c43ffabb08b2907ed811a27beffc1e893e1b430b727038
220219f0c86902611683b2edbeef619e7e74879cd0339e96859ced2f8f254630
25d8b81f13a628989817a00625bf8e79f7390de1805045e32e675df74f314c40
289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba
2f29739f378036171a5ef28efa038a205f3298d7e81a5e8ad51968fb34d04640
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
30971a1ca4cc5310a4f53c814620c9bb0d08f98e937994dccb2626aa1e24144b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cfe53a30f429bf940d747c0804c44f26a4e4d71500d88509c67b808a8ec0a9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e9c29bfc3c6b3f65788b70ff315d7dc05a619b79ef4ef0f93b105c3261e213
35635de9b4a952c6658473ba73f5212941f9b91c1e8fc3a5e6849970001d868b
38cbe66f94798e6d75a449709d7d8fe96d6ebf31af68cb95540b9d6da91b1a2d
3b157f13dd06e1b5262a60d36a868d52274f16b87099cf3482d0a35dda23fa31
3e2fe26bdf82fde60747b968ff3a414de605b01613b97f0a44d46162cdaca916
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
406881bf31e90bf703368e1f00ee94ef002963f120457802f98529e21d5c78a1
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
488827c62b3d0d9238fe43e92dba59b602e110fb511d9dbb995f48254c80f25b
489582e266a3b5486e998e8bb66c1c129b6458e52eaff33dbca92660185a5728
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8d3e1de3c4191a4427bb12e6562dfb4c150402b8515e18a0fc6ece6bf182a5
4b9e1c635ab05b1b0b8561156459ab7b7f05a5ad6d1134831632b11c77b8f9ae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe7dd0baea47aad045c280b140ab72f66fa411c2f5c06562e85e136c0d82b38
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54c1d7c25465d1a468bd5f4a1355e546cd22d37c4e4a0fb3130c915b389dc9e8
561c87d5e8e3dc398e400ffa7a179f2d2b380570ed2867045160abb061cfbb0c
5915830010bc69041cc577895687433e098a3b138f0dfff42844ad844602639d
59506d5c3f15e0d9a46f47d18516d66b30936854eaee426a47821f32e2cb73cc
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a367918bc6af3e550b8e0087a04a9f788df03a085fca8cf6263678597cfd44a
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806
5e8df00ea9d614888da49dddefa6f784bc63a28e831382a29ac80a52ffe508eb
5f05a25d3c11fb288c27e8ca9ff84e4810a9d434fb1b57aa0b0c1f186dbb7a8c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d6c03167654afe11c674165eb9712318181b11714e8d6159cc1cd6184a1d5d
61e1a452830067eaedc7dda12c8a923635c8bc64f53cdfa169bcaca4edf1495b
62a68515473d6907d530ab3f499f64563e5e3aeecef913ef94898f5779517bfa
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65906555c0e97445b1f91f6ce64badb800f5070e2f7f1cc749d089d14672fbc4
6a44edbad6613d6160ac8ff42598afd84726d84043ce8d8d0f3f759dbe3a0c52
6f2b088aa8e31f6aa69a20959b7e031811a1409944d13cf713969ccf42d4c1e4
6fec69095b49e1b304b0223c14cf36e6a4cef6cbf78b9f95c786bdfa8b6f0fc4
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
758404fbe7e8bcefea4afca02c918d61efc49b9071a7e703ac54b1343f01bcde
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
8293680d98f41e221b3e344fee477d8951fde8a92c24dd4c7229266a97b8299c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863f4058ba26c543181a5228413ef39472ad234963dff121497a5fcb1833eec7
8a2758409b7d225ffc38895f6048b8110500b6bbdca4f34fc0e8856480cdf275
8c49d453f88f6c88c8d4518e3ce3d575764c46d27be613c29c0409d0956769aa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
90c252b560f49d50351e7aa6532dc49dfba87f11d443dc1e99c001123956ec91
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
94b54caed3eaaaaa5dc03a996662f4d44a98712bb729e5dda6f44f1e5849093c
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b139bd5626a7338b220477f7436ba773ae4f7c9292c31b16f5416026b081092
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
9f4e3469e4f1d2610135ce7b5e4b384fbd6364d61795b5388156e12e3246e6fc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a127eef0775c11e5bd208b991599eaffae399647b2b080a4dd2a565f838d1133
a1b3698cebaff99d011c1ec18557706e479d4812553ee3a6517d8204383dfe23
a2995e079dafc5e698f2cc58381b26bacfe19e6ccb036737bf4e513e58abe9b1
a484754a857b3ea7105fcb2d7b2a35eda49bf86c1e22973c48d75bfca67d503b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6ec5ffb7c7817b73608c16ff03fe83151bdb3377405aaa8a8f86edf28b9436c
abeed4f18f48c235ffd15e3864555d3a1bb1d6b02820680f892b9eb28d1ab508
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25ad312b1dfbfa0c2fe26c788828fb10a5abb0c3abfaa240804d1bb36358591
b2f4ad02d26db12fbbb727d60ad2c908a0bf40c7ce506c194469ffc5ce02acd8
b33dabc45ed56acdbaea6b9dc6ad05e7a886def4adf52ec0854f04f4bf593f1c
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5
bfc9a6e2d7ec01165c867b7615653bd042333f684b57fa468b9d99863dbb6a31
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1af8482107a39b623534fdda8cf6cf5f68987d4276a4798e5eb1af94a11d5c2
c30b65144045c8117696fac943345ac7170b607d199c4d278bde2566ff7b685f
c4932b55a0a0078c3a2beb5b089571d86414f0a1ea466e9b723b2a951a86b99e
c5c9925cbd947e52bb8f403143c9e962fb4897be59e486f2db0c75dcd70fd74e
c68776948dd802d074f7bde7316d970db42bad3342bb43b907f5d05f5ae35a74
c90166bdf9fe6cfb6eb88a22b02c0146d4f0486290940acf52ac4f8bffd1692a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce323aa953ae069b9da58d3a6d9f9e132a21abfc4c90930f15ece4938a76bdc3
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3271d8526d35e55c39bef7a16c78d55b1f6410b22bc84e83aeae8a8de199488
d54a0efb531889c852c5ed1466e5f5dfaeaef2f3cdfb34ba8312d95d6b12ab3f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dbdd0a2db07ea319da0a8650670d12b3220336ecf83e8c17175917fa77bda767
dc0aa49fcad666428472b1c7f1d44fedb2934eb9c7af3d3ba0ad078bf9ea16a6
de2ede331d57ca0c304073e340507607b71033826495bfb743bb9fcb2e456d17
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0229dbcb78d16f4e98ccb93decb992b6bb488fffdd85675e586ab6546efd3bb
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cad8f4ce788667b681e878fd52f5a63c2465e7f1c6a11666bf81de9a4b8ecd
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebbe84e55b388c782babbc38e8460a1841ee9fe7d9f871bcc1002476c395c119
ee1f7b4dcefe3c544dd06bd87084742d9a1e7469750ef876561bcdee63bd2261
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268760d8d33de5e13fd73e5682667ac6eba4365a60676bf49e6a7c2e4b16a06
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a
f5fa1444ddc4e15efcdcb8a1f37b1ae257c4f8a701dc737aad3b545df1288280
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
fe7f57fde36dcc853aa6efe2b520aedf611b6f1fe3617d2f184d1b2470255185
ff4e8fbee7c62563e701d2f055cbe59354ec56d7ba999f2b33ae63d3ed72ec6a

www.ntdtv.com Open in urlscan Pro 2.19.126.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

90 %HTTPS

42 %IPv6

40 Domains

62 Subdomains

52 IPs

9 Countries

3749 kBTransfer

11597 kBSize

36 Cookies

25 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ntdtv.com Open in urlscan Pro
2.19.126.197 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

90 %
HTTPS

42 %
IPv6

40
Domains

62
Subdomains

52
IPs

9
Countries

3749 kB
Transfer

11597 kB
Size

36
Cookies

188 HTTP transactions
13 data transactions