std.stheadline.com Open in urlscan Pro
2606:4700:10::ac43:1bf8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF...
Submission: On November 03 via api (November 3rd 2023, 3:25:36 pm UTC) from US — Scanned from DE

Summary HTTP 433 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 88 IPs in 12 countries across 72 domains to perform 433 HTTP transactions. The main IP is 2606:4700:10::ac43:1bf8, located in United States and belongs to CLOUDFLARENET, US. The main domain is std.stheadline.com. The Cisco Umbrella rank of the primary domain is 351819.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 29th 2023. Valid for: a year.

This is the only time std.stheadline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2606:4700:10:... 2606:4700:10::ac43:1bf8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:310... 2a02:26f0:3100:787::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.67.52 151.101.67.52	54113 (FASTLY) (FASTLY)
67	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:e4:... 2606:4700:e4::ac40:ad26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	34.250.238.79 34.250.238.79	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.47.152 52.210.47.152	16509 (AMAZON-02) (AMAZON-02)
1	34.253.158.202 34.253.158.202	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
12 37	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:236... 2600:9000:236e:e00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.22 63.140.62.22	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.138.36.27 108.138.36.27	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:5600:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	54.228.190.197 54.228.190.197	16509 (AMAZON-02) (AMAZON-02)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
5 17	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
3	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
3	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
3	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
3	52.29.125.157 52.29.125.157	16509 (AMAZON-02) (AMAZON-02)
3	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 16	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	52.76.145.253 52.76.145.253	16509 (AMAZON-02) (AMAZON-02)
7 13	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 2	52.208.223.188 52.208.223.188	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	3.127.126.167 3.127.126.167	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.162.209 35.214.162.209	15169 (GOOGLE) (GOOGLE)
6 8	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
6	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2600:9000:223... 2600:9000:223f:4400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df	14618 (AMAZON-AES) (AMAZON-AES)
1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	13.42.240.154 13.42.240.154	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2 2	18.196.149.165 18.196.149.165	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:7277:7abd:362b:c0c9	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	54.72.250.72 54.72.250.72	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.66.2.109 18.66.2.109	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
4	13.43.78.194 13.43.78.194	() ()
433	88

48 2606:4700:10::ac43:1bf8 (United States)

ASN13335 (CLOUDFLARENET, US)

std.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.stheadline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100:787::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.67.52 (United States)

ASN54113 (FASTLY, US)

rtbcdn.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:ad26 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.238.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-238-79.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rtbdemand.apiip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.47.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-47-152.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.158.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-158-202.eu-west-1.compute.amazonaws.com

singtaonewscorp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 172.217.16.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:e00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-22.data.adobedc.net

singtaolimited.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-27.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.190.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-190-197.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbdemand-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.252.171.85 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.125.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.145.253 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-145-253.ap-southeast-1.compute.amazonaws.com

prebid.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.64.151.101 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.223.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-223-188.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.126.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-126-167.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.162.209 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 209.162.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 145.239.193.130 (France) 6 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.240.154 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-240-154.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.198 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.149.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-149-165.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:7277:7abd:362b:c0c9 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.250.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-250-72.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-109.txl50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.43.78.194 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	705 KB
71	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 154836	366 KB
48	stheadline.com std.stheadline.com — Cisco Umbrella Rank: 351819 image.stheadline.com — Cisco Umbrella Rank: 383241 static.stheadline.com — Cisco Umbrella Rank: 500940	754 KB
17	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	10 KB
16	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal900017.redintelligence.net — Cisco Umbrella Rank: 252096 hal90002.redintelligence.net — Cisco Umbrella Rank: 251539	97 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	254 KB
16	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040 adservice.google.com — Cisco Umbrella Rank: 105	2 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	311 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	8 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	101 KB
9	aralego.com hb.aralego.com — Cisco Umbrella Rank: 28573 sync.aralego.com — Cisco Umbrella Rank: 3112	2 KB
8	medialead.de 6 redirects pv.medialead.de — Cisco Umbrella Rank: 44040	6 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	475 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 rtbdemand-d.openx.net — Cisco Umbrella Rank: 56590 rtb.openx.net — Cisco Umbrella Rank: 695	2 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 30616 api.webgains.io	38 KB
6	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	2 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 bidder.criteo.com — Cisco Umbrella Rank: 757	8 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	464 KB
6	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 447 fonts.googleapis.com — Cisco Umbrella Rank: 31	129 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	187 KB
4	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1165 x.bidswitch.net — Cisco Umbrella Rank: 351	1 KB
4	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 24339	4 KB
4	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 458 fastlane.rubiconproject.com — Cisco Umbrella Rank: 513	4 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 singtaonewscorp.demdex.net — Cisco Umbrella Rank: 322945	6 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 746	971 B
3	gstatic.com fonts.gstatic.com	47 KB
3	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462	1 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1335	2 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	230 B
3	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 9542	7 KB
3	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5236 ghb1.adtelligent.com — Cisco Umbrella Rank: 7260 ghb2.adtelligent.com — Cisco Umbrella Rank: 9094	3 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1638	3 KB
3	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5524	381 B
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502	230 B
3	everesttech.net 3 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275 sync-tm.everesttech.net — Cisco Umbrella Rank: 709	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598	69 KB
3	andbeyond.media rtbcdn.andbeyond.media — Cisco Umbrella Rank: 33163 prebid.andbeyond.media — Cisco Umbrella Rank: 30387	934 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304	4 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639	4 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 217997	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	905 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	104 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1523	26 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	3 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	41 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	iconfinder.com cdn1.iconfinder.com — Cisco Umbrella Rank: 64337	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	42 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	75 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	574 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	199 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	712 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 940	415 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	612 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	47 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	omtrdc.net singtaolimited.sc.omtrdc.net — Cisco Umbrella Rank: 235734	345 B
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 21126	3 KB
1	apiip.net rtbdemand.apiip.net — Cisco Umbrella Rank: 28377	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
433	72

	Domain	Requested by
50	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
42	std.stheadline.com	std.stheadline.com static.cloudflareinsights.com
37	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com std.stheadline.com cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com googleads.g.doubleclick.net
33	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
17	securepubads.g.doubleclick.net	std.stheadline.com securepubads.g.doubleclick.net www.googletagservices.com
16	s0.2mdn.net	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com std.stheadline.com s0.2mdn.net
16	ib.adnxs.com	4 redirects rtbcdn.andbeyond.media googleads.g.doubleclick.net
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	www.google.com	1 redirects std.stheadline.com tpc.googlesyndication.com securepubads.g.doubleclick.net cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com std.stheadline.com pagead2.googlesyndication.com
8	pv.medialead.de	6 redirects hal900017.redintelligence.net hal90002.redintelligence.net
8	hal9000.redintelligence.net	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com hal900017.redintelligence.net hal90002.redintelligence.net
8	www.googletagservices.com	securepubads.g.doubleclick.net cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
8	hb.aralego.com	static.stheadline.com
6	pb.media01.eu	hal900017.redintelligence.net cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com hal90002.redintelligence.net
6	www.googletagmanager.com	std.stheadline.com www.googletagmanager.com adv.office-partner.de
5	dt.adsafeprotected.com	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
5	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	std.stheadline.com securepubads.g.doubleclick.net hal900017.redintelligence.net hal90002.redintelligence.net
5	image.stheadline.com	std.stheadline.com
5	cdnjs.cloudflare.com	std.stheadline.com cdnjs.cloudflare.com s0.2mdn.net
4	api.webgains.io	analytics.webgains.io
4	5994599.fls.doubleclick.net	2 redirects cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
4	hal90002.redintelligence.net	1 redirects cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com hal90002.redintelligence.net
4	hal900017.redintelligence.net	1 redirects cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com hal900017.redintelligence.net
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net std.stheadline.com
4	p.adlooxtracking.com	rtbcdn.andbeyond.media p.adlooxtracking.com
3	onetag-sys.com	2 redirects cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	a.teads.tv	rtbcdn.andbeyond.media
3	prebid.media.net	rtbcdn.andbeyond.media
3	grid.bidswitch.net	rtbcdn.andbeyond.media
3	prebid.a-mo.net	rtbcdn.andbeyond.media
3	bidder.criteo.com	rtbcdn.andbeyond.media
3	rtb.adxpremium.services	rtbcdn.andbeyond.media
3	ads.betweendigital.com	rtbcdn.andbeyond.media
3	prebid.smilewanted.com	rtbcdn.andbeyond.media
3	hbopenbid.pubmatic.com	rtbcdn.andbeyond.media
3	fastlane.rubiconproject.com	rtbcdn.andbeyond.media
3	rtbdemand-d.openx.net	rtbcdn.andbeyond.media
3	dpm.demdex.net	assets.adobedtm.com std.stheadline.com
2	cdn.track.production.webgains.team	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
2	analytics.webgains.io	track.webgains.com
2	adservice.google.com	5994599.fls.doubleclick.net
2	sync.1rx.io	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pm.w55c.net	2 redirects
2	track.webgains.com	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
2	static.adsafeprotected.com	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
2	adv.office-partner.de	hal900017.redintelligence.net hal90002.redintelligence.net
2	c1.adform.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	fw.adsafeprotected.com	1 redirects std.stheadline.com
2	ad.doubleclick.net	1 redirects
2	i.clean.gg	cadmus.script.ac
2	script.4dex.io	rtbcdn.andbeyond.media script.4dex.io
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net static.stheadline.com
2	static.criteo.net	securepubads.g.doubleclick.net rtbcdn.andbeyond.media
2	sb.scorecardresearch.com	std.stheadline.com
2	www.google.de	std.stheadline.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.amazon-adsystem.com	rtbcdn.andbeyond.media c.amazon-adsystem.com
2	cdn1.iconfinder.com	std.stheadline.com
2	connect.facebook.net	std.stheadline.com connect.facebook.net
2	rtbcdn.andbeyond.media	std.stheadline.com rtbcdn.andbeyond.media
2	assets.adobedtm.com	std.stheadline.com assets.adobedtm.com
1	ssbsync.smartadserver.com	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
1	secure.adnxs.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	match.360yield.com	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
1	rtb.openx.net	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.aralego.com
1	csync.loopme.me	1 redirects
1	x.bidswitch.net	cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	prebid.andbeyond.media	rtbcdn.andbeyond.media
1	cadmus.script.ac	script.4dex.io
1	ghb2.adtelligent.com	rtbcdn.andbeyond.media
1	ghb1.adtelligent.com	rtbcdn.andbeyond.media
1	ghb.adtelligent.com	rtbcdn.andbeyond.media
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	singtaolimited.sc.omtrdc.net	std.stheadline.com
1	wrappers.geoedge.be	rtbcdn.andbeyond.media
1	token.rubiconproject.com	std.stheadline.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	singtaonewscorp.demdex.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	rtbdemand.apiip.net	rtbcdn.andbeyond.media
1	static.stheadline.com	std.stheadline.com
1	static.cloudflareinsights.com	std.stheadline.com
1	imasdk.googleapis.com	std.stheadline.com
433	108

This site contains links to these domains. Also see Links.

Domain
stepaper.stheadline.com
stedu.stheadline.com
bit.ly
apple.co
www.facebook.com
www.stheadline.com
hd.stheadline.com
search.stheadline.com
eastweek.my-magazine.me
www.thestandard.com.hk
www.singtaoopo.com
www.singtaousa.com
www.singtao.ca
static.stheadline.com

Subject Issuer	Validity	Valid
*.stheadline.com Go Daddy Secure Certificate Authority - G2	`2023-08-29` - `2024-09-29`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
andbeyond.media Certainly Intermediate R1	`2023-10-31` - `2023-11-30`	a month	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-09-15` - `2023-12-14`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-05`	a year	crt.sh
*.a-mo.net R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-10-02` - `2023-12-31`	3 months	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 42 frames:

Primary Page: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Frame ID: 6315F8702E579ED6B28372FBBAF00EC6
Requests: 167 HTTP requests in this frame

Frame: https://singtaonewscorp.demdex.net/dest5.html?d_nsid=0
Frame ID: FEB45D886D37833F89BA06906DD09492
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/comments.php?app_id=310801532769039&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f64cf6d784a94%26domain%3Dstd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstd.stheadline.com%252Ff11c312ced714c4%26relation%3Dparent.parent&container_width=680&height=100&href=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&locale=zh_HK&numposts=5&sdk=joey&version=v5.0&width=680
Frame ID: D84FE3F843477DCE1068D4FED89062BA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=std.stheadline.com
Frame ID: 5458D41C9BAFBF26A1A6E8E4A820128C
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 981D01ED778181B5558B7B110EC1A525
Requests: 1 HTTP requests in this frame

Frame: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5E9A2F00DED8509596C293C5587C9A20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C752724DAE8B17F8942FB75A9BF99806
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 53C9F5E9AB7FEED07A76274FA1382C2A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv16j8JpFvTGS0ODfOukavq41yws1H3mtIW_0Znd81s3f2wA_Hec4Q--f3CiteCzhrAIffrcnwZlrGtG3I2Vc-sSvSbPJ4SOkuqxpkDotY0OFrRrnfalrG9hB57FKB8_-WjS3jX4bvvlTE9aRxxfQj2sW6ljTlignzXDxcl2ZGolLd48V33VetwNrPil5shfbCZjnVdwVOEXba4ZQ0_1eUR-pq7xNINuChdhNH4AildQP-EQSVpRJRvqXmhs3UtnwVX9fhWXvRlHSFDCj4Ym3tKWns3q5RA6xJsuaoIDDL6ixJgTFwdx6dB8XgZjTYKKMnEw3_oNpQqoPkf0oAd0SbgFftuJQoD7sgGoQfivqqJJkoLJ0Y5p1R7W9NHxrOXbIPzWsA&sai=AMfl-YTnMJEJ-Dm4Pdk7GWWNRh-wFm17QJnrGvix9yBwOEMF8qJCHYehqfW5lAvj_-q0K6ocL7Rzu6i4Ep1wu2dceycbvKNGkQMpx_Dbga0td977sDCUuuD0F_wi0XQKvA&sig=Cg0ArKJSzNH4PFyIJf8IEAE&uach_m=[UACH]&adurl=
Frame ID: B68771CC027846F8BBE5921548C05C7F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: F3501E1EAF4B4B813217113C713EB3F8
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBkTGwPcVyD5TVivweVYtPqW9xqn-oHP0sutALoGjPfH98Hg_RhBfuVoJsEjRCXNM89rcktTpa-6o2nt24NIxYXhcgRjy8SPl3wguqFDeczqRqlgoc9LrlHG7s6JnVAF6E-L3cwqhtFYGUZzL1dQLye71J_x0mKYVJNe0dCUO6VZF-2cgr4RY1ZP5TWldJV0YOwtyhmYxWI4JWR9RagyX6vpyK1lcRc1yt5x5TEuLDoZmGxbQv3Q0ptkUSDBDTWdR82MG1l8wxEaPVXmcakq5wSuv_RpaLQGLzq1YUiVH4fnBLJTrqG5QGbvUOQfa3vFoHUfUXYlbWRSKfno_ZlNFZ26-ncAL31JyhxO1DdnxgAgXIgV3dhuz02pvRskbW_Q&sai=AMfl-YSR_snZwknpsz6v0dTRzPMk13jvYZwNz-Fa_igUz_NJFOtj_HpnzE1bplz9ea0VAyjrIMuxM1pvYAxDFLFGuq4TiV0clKvl9KZC36tjIRsO1hOPymYlZf-XJ8zuew&sig=Cg0ArKJSzIgqfQYfyKLiEAE&uach_m=[UACH]&adurl=
Frame ID: CFF6B54155BD1970E8CBA6AD51701E9F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOucuxeJuMP3bKcnT8apCaBsSm0dZO-f_JBjn4sPn9OlcJeMTO4Y0ayhi-FfopXYmghC_JKoUDvl8BwjfpXcmA8IWVOPD3uxqv1Mv0OngJX0LMaXSvAMTLsqW0DyA3GYp1Z3kHoCwCY_iDKnFvIt-x3AjkhwnrM6FOrUHpz4u6sO7pefvZ4gHlLlAbwZCOY8CYZogor9eT7_bUYOEjD6-jkCd2Do-cF_DbOjNk9mhuMOqu4HrEa7kxOkn5NO_MKgnPgj7y6Int1Xj5NhV4VmKxPJTJYeJr84aknDyH7vUUJv8ijWQWOgatDVjXCQYxd6A8em7oMav0ocP4RUwB_YG830FNh-9ncMLHgXYjQP-hoZQX1sxuOxgYAs0wPmk0Dw&sai=AMfl-YQcqqrj-1o0ZQK7_mGytjnr1IZGRkpko95V9gvGNJoE0BWdm6CoHXof8W9OIQNhIY_dHm34OdQ3m78JFfg7K3o9-QNicpl6iOJ5gv-KDWCfw8yHbP_2IK0npGOlXA&sig=Cg0ArKJSzFKUlEtranRnEAE&uach_m=[UACH]&adurl=
Frame ID: 6E8F1A9807B3C035C204FA5393EC684A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv55Z-acFIdPmNd-egZybQfS1zShAfZ9KB-3gQwhHTuLy_VoPsrXpQq5ec9buIxp93drfIeWwsf5DxJqoss7P6jpOtXGrj-3oxTZt-MDagHdnTRDbNPk2qwopq0w8BxBWJ6N96tFVm1mkfodp7HUkfOviavz8M5BcMvgqLN1o5MAzaM7fTqfeiXETWRKYuHrDEwC4OrMYPDqd244w2RzS6eX79zi_XtCNAnhwVb81xnbzgrHZGHoqUWK0W7UJw2khesQt2f49wMlKJIFo9cTtn0FJDxBsHnbAuBX0DPeLJwr2wPhsPfuPrv8-CuI5mOjz1FNGlppSoQGx9vW5RlyijorRaz7ISOJLx2fQXJ5jyK73EXBrjDvPIqOzDE41b_JQ&sai=AMfl-YTbpq6QvjcExPgDvVO3ziiBwBxN_p5xYxlWDLkLHn4mt893zpfM0SZN6Uu_7QanrvVvg9jlsq3sHtqndEc6Ffff38DjlHkNxk7b4urBnQcxuUZtgv8mFcUG2q6rYQ&sig=Cg0ArKJSzM-UjhsMNEiiEAE&uach_m=[UACH]&adurl=
Frame ID: E7CF63C8AAFB097DD4EA3FBFEC81551C
Requests: 8 HTTP requests in this frame

Frame: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AB10E83F3329FDD3C006C4612BB89958
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: D597F0D9201E96C1ECE7153C8E8A1183
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: 226B8C4121C741B644AEA3D79C42A75E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGLm5r_sBMAE&v=APEucNUpjrDMjRfCde6kbVKzk9CdcASkZy921hPwBOXAECDhJBHPms1y3vr2gJ8_WFq311CbHkfdyWTrSSyFsknQgmYoO0_zBA
Frame ID: C63365174265C4E8E912C2EFFBA9E0DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1AAE1E43E928D130CC639F1D9339B584
Requests: 3 HTTP requests in this frame

Frame: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35C6D0DEF65C196C4F9961704FB7D29F
Requests: 21 HTTP requests in this frame

Frame: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2969B67E56DE4433D12433D046A2F650
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWvNJJrfezMbdgXltjNqx0tornds4199h8qPUuSW2L-w5E7EleJkESW7mbftBpkFIbz1qBLskOqqAhienddgwWRiik6MgN1ozR9bQ_mm6sZH1L6NDLwclq3Wx9Q8D6oGq9x_As62lx3XUlG-mGPc78dSMqwvFnFhb9enxIYWCTmkg5C_ic
Frame ID: E58F8FEC954514FE8D4E40EBAE4DE6E7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNV7neiE07lukJNBakPngMjBZ3Wm-I4ks1Z8lSQG9TlyubrkEEr95ZPBgdv2uCW_y8iN9ZpKI8_E2rfw2TRfQgTmE2Iv1iyBn7I8qgjZ7Ggi0LbHa-2YWTuu7iSGc8m2opzPdy9YVAndNPUOgXF6JtwNwlNpNuHhzsElb8uxyx2sWrtR1Wo
Frame ID: 2483E00193A5020283121CDB989147C6
Requests: 5 HTTP requests in this frame

Frame: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75736AC0010FD5168E30B3C7B41B9B6D
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUWDK0ofdRyjThqysMDQOgC1GiSW5jQcjzjzfII3u48IpaeLLW1j-frAHm-SfPZTV--R-YZCeLv8Wrup2xS7fc3tHkoU6ozP6Oqqvf1BR8aSvO8NAXsxUMIAUAcVlg0eCKHtaL2HVVmP1b9KEDF2glHOAGyclx5qahWSV0epupnBOZhBMM
Frame ID: F42230723CE1E5F986293BC8D42A737E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6E1C9E20CEE37F3A001968C59FA28F09
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 27A0144D109D0A264367989F5B7DC530
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0BB70889E8787B6685382D0251E0D65
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F09CB27DF274096B0F42DC136FB5BC7D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Frame ID: D72076AC91868D05349775B151D17B98
Requests: 16 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 52E9A74D5B1358D92B9E7D697A749892
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: D791DA859BA518766F5131CBBC195499
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23ee&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 4AF5F9395CE6DCD270AD797A072C2009
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: EA4FFF0A5B70B91E3328337D30FABA9B
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A35D5B23DFFB547A52E132561C8245D4
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23e6&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 4319D0FBF0F2C8C9AF8927F8DA5C4D7A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5B3751DC9D1BE00090BC080D5BE6D78F
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37
Frame ID: B31908841701FB064823D6D41507F98B
Requests: 2 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
Frame ID: 1EC6B8983B75FB52725D71774CF43AF5
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E702494E777B9C50CDCDBFBA097A9AD
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702
Frame ID: 87D7A3424302AF902F65DC1FD1C0AA1E
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
Frame ID: 360DF4FD191553FFACEF05D3B8165558
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37C83E0B6AF423BE0030FDF52D347538
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

傳沙特阿美探路來港上市 | 星島日報

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

433
Requests

91 %
HTTPS

42 %
IPv6

72
Domains

108
Subdomains

88
IPs

12
Countries

5344 kB
Transfer

12504 kB
Size

58
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://stepaper.stheadline.com/
Title: 電子報

Search URL Search Domain Scan URL

URL: https://stedu.stheadline.com/
Title: 星島教育

Search URL Search Domain Scan URL

URL: http://stepaper.stheadline.com/
Title: 星島電子報

Search URL Search Domain Scan URL

URL: https://bit.ly/3Jmbo6L
Title: 星島日報APP - Android

Search URL Search Domain Scan URL

URL: https://apple.co/3Y4YrlV
Title: 星島日報APP - IOS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1-178766115480756/

Search URL Search Domain Scan URL

URL: http://www.stheadline.com/
Title: 星島頭條網

Search URL Search Domain Scan URL

URL: http://hd.stheadline.com/
Title: 頭條日報

Search URL Search Domain Scan URL

URL: http://search.stheadline.com/
Title: 新聞搜尋

Search URL Search Domain Scan URL

URL: http://eastweek.my-magazine.me/main/
Title: 東周網

Search URL Search Domain Scan URL

URL: http://www.thestandard.com.hk/
Title: The Standard

Search URL Search Domain Scan URL

URL: https://www.singtaoopo.com/
Title: 星島海外地產

Search URL Search Domain Scan URL

URL: https://www.singtaousa.com/
Title: 美國

Search URL Search Domain Scan URL

URL: https://www.singtao.ca/toronto/
Title: 多倫多

Search URL Search Domain Scan URL

URL: https://www.singtao.ca/vancouver/
Title: 溫哥華

Search URL Search Domain Scan URL

URL: https://static.stheadline.com/stheadline/pdf/%E5%9C%B0%E7%94%A2%E5%88%86%E9%A1%9E%E5%BB%A3%E5%91%8A%E8%A1%A8%E6%A0%BC.pdf
Title: 地產分類

Search URL Search Domain Scan URL

URL: https://static.stheadline.com/stheadline/pdf/%E6%8B%9B%E8%81%98%E5%88%86%E9%A1%9E%E5%B0%8F%E5%BB%A3%E5%91%8A%E8%A1%A8%E6%A0%BC.pdf
Title: 招聘分類

Search URL Search Domain Scan URL

URL: https://static.stheadline.com/stheadline/pdf/SingTaoDailyRateCard.pdf
Title: 星島日報

Search URL Search Domain Scan URL

URL: https://static.stheadline.com/stheadline/pdf/SunnyCampusandSFileRateCard.pdf
Title: 校園版

Search URL Search Domain Scan URL

URL: https://static.stheadline.com/stheadline/pdf/SingTaoSuperPropertyBrowserInvestmentWeeklyRateCard.pdf
Title: 超級睇樓王&投資王

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://cm.everesttech.net/cm/dd?d_uuid=18929616725618372521516930529287439875 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUUQ6QAAALK4mQN-

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTg5Mjk2MTY3MjU2MTgzNzI1MjE1MTY5MzA1MjkyODc0Mzk4NzU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTg5Mjk2MTY3MjU2MTgzNzI1MjE1MTY5MzA1MjkyODc0Mzk4NzU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOuf5xX71x7jpmuFPl_0uMU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 102

https://oajs.openx.net/esp?url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&rid=esp&cc=1

Request Chain 106

https://gum.criteo.com/sid/json?origin=publishertagids&domain=stheadline.com&sn=ChromeSyncframe&so=0&topUrl=std.stheadline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hHuDZXwrREpzVWQ5Q3hMUjkvUWNnY255Q2FwTDlFaEZmMms2L1BaRmhMVXhMZDUyVTlKUFNEUVB1bkRDdG9MMW9ZZkpyaEpGQ0hQY3o4bWsySVpmdXVpTEdNbEZ2T0FkSklJVnNiYTJ0YlordlcrY2VpamNaMVA0UWs2VmlPWi9WVHBnU0dGR1V2L21Fcnc0L3pQclZaZlBSb1IwSlh3ME1mRkdiNXRjWGNMS1JhckYvL1BLaDgyd2JRT1g3ZTF5QUN3MlJaZDFrSHhpUzFncEpWM0dyODlZcWgvTmtIcHhkVEpJNzRqSDhNNWVwbEZXZkpFNjZ0Tk5HT2VJaFJGcms2OWdWb2M0UmduQm9VQUhPODcxVTB2TzlCM1JSSUREOWlqWDl4dFFHcDE4QXRlYz18&cppv=2

Request Chain 242

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 248

https://ad.doubleclick.net/ddm/trackimp/N5552.Google/B29249369.375092099;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5552.Google/B29249369.375092099;dc_pre=CPqsm-yRqIIDFXGhgwcdHyEIHw;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1&C=1

Request Chain 287

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUUQ7eV5ERniz2bieDazDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

Request Chain 289

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

Request Chain 302

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUUQ7eV5ERniz2bieDazDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

Request Chain 304

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

Request Chain 307

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUUQ7eV5ERniz2bieDazDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

Request Chain 309

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

Request Chain 321

https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=9710500231979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=9710500231979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 324

https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=5045750574431&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=5045750574431&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 335

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmQXhSRHvAv0LYsliK8SzcgMDgAQkgAaQIFP9DeNqjy5dIRh7-PXHqp-CEYwUpwk_sFE02bouECmzAeNLNUT_pfEXN8mdwVf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmQXhSRHvAv0LYsliK8SzcgMDgAQkgAaQIFP9DeNqjy5dIRh7-PXHqp-CEYwUpwk_sFE02bouECmzAeNLNUT_pfEXN8mdwVf

Request Chain 336

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC4hGy7EE9MfSPCG4Fl9Jwc&google_cver=1&google_push=AXcoOmTK_11HhS8bAt8OFKOeX6y6vcxXmeyvhwMqEmFMhZ8Z_QNglBV5EljzLJFJ5kHN055hPkygmwkwFJlwkldzdy5WScRcAj_v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTK_11HhS8bAt8OFKOeX6y6vcxXmeyvhwMqEmFMhZ8Z_QNglBV5EljzLJFJ5kHN055hPkygmwkwFJlwkldzdy5WScRcAj_v&google_hm=GfdOSkP_QpKNBJvwFZnXp4k

Request Chain 337

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBXJjQpknRfK84kYnC8SfTc&google_cver=1&google_push=AXcoOmS2qgAuThN8ZtU0WvQk0f2rJk7dllM9vWcPAJwZeDS37cRh8s5QFu9gp9Wo1RMrvOsj8xCmxq1WxZx1Y9_vBAp0aVFWiCgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmS2qgAuThN8ZtU0WvQk0f2rJk7dllM9vWcPAJwZeDS37cRh8s5QFu9gp9Wo1RMrvOsj8xCmxq1WxZx1Y9_vBAp0aVFWiCgA

Request Chain 338

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDxdeNJ_ocjPQ-j9w4fQTCs&google_cver=1&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQHcGYVK5X3wKs8D2dBdc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDxdeNJ_ocjPQ-j9w4fQTCs&google_cver=1&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQHcGYVK5X3wKs8D2dBdc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDUyMDk1MTM4MTA0ODQ2&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQHcGYVK5X3wKs8D2dBdc

Request Chain 339

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEf2gNK5OAzAvUscTSdl_7I&google_cver=1&google_push=AXcoOmR6Ujup-5HuTcoTY5ej42Hjb2k2Gt8UeIgrGxsXPpzop85F-78rRoc2wCU5VQVw5PiSiI_gFrXZVRTdijvQaeRimEzGrfdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ujup-5HuTcoTY5ej42Hjb2k2Gt8UeIgrGxsXPpzop85F-78rRoc2wCU5VQVw5PiSiI_gFrXZVRTdijvQaeRimEzGrfdv

Request Chain 341

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGF4zCCAJQi0Td6b7rw7_d0&google_cver=1&google_push=AXcoOmT85L1o3vij_h6A8qx0pjDcEKsqvMonkSIsMItUZv8yybEs4VBjH0qA0Hl3EUZV5WvdM7tFyO9rycLUu8SNO5EWJrLWszznLA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4d9054ef-eef5-4c48-a092-e2c9447a60ee&google_cver=1&google_gid=CAESEGF4zCCAJQi0Td6b7rw7_d0&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT85L1o3vij_h6A8qx0pjDcEKsqvMonkSIsMItUZv8yybEs4VBjH0qA0Hl3EUZV5WvdM7tFyO9rycLUu8SNO5EWJrLWszznLA&gdpr=${GDPR}

Request Chain 362

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 364

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23ee&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 365

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 368

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 370

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23e6&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 371

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 373

https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8731210765202237&ias_chanId=1&ias_placementId=20496570232&bidurl=https://std.stheadline.com/daily/article/2555061/%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&ias_dealId=&xsId=ABAjH0gWXzD52NMLX4ivVkTrcrE-&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gWXzD52NMLX4ivVkTrcrE-&adContainerId=brand_safety_7RBFZezPLMbnx_AP9ZawoAw&cbFunctionName=goog_wrapCb_7RBFZezPLMbnx_AP9ZawoAw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fstd.stheadline.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fstd.stheadline.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c7606e46-5d83-be6f-f314-41da4b979fbe,c:sVeX4x,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-454b8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tUyQjwp+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h*.1627455-73523879%7C1h1%7C1h2%7C1h3%7C1h4,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:65,oid:3b35740f-7a5d-11ee-ac2f-c6b499708e27,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gWXzD52NMLX4ivVkTrcrE-&ias_xappb=&adContainerId=brand_safety_7RBFZezPLMbnx_AP9ZawoAw&cbFunctionName=goog_wrapCb_7RBFZezPLMbnx_AP9ZawoAw&true_pb=

Request Chain 388

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37

Request Chain 393

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702

Request Chain 406

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cver=1&google_push=AXcoOmQY2iudLhL245HGJRcDGi4iw3IDZldUjZjq4gwHLvCleFzC7CXbNnJZgKSJ01xItBoopIOeLBRG3Q3cAmozofTAWHHkVRzm HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cver=1&google_push=AXcoOmQY2iudLhL245HGJRcDGi4iw3IDZldUjZjq4gwHLvCleFzC7CXbNnJZgKSJ01xItBoopIOeLBRG3Q3cAmozofTAWHHkVRzm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OW94Q01yeFMxUVlXM2M1&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cver=1&google_push=AXcoOmQY2iudLhL245HGJRcDGi4iw3IDZldUjZjq4gwHLvCleFzC7CXbNnJZgKSJ01xItBoopIOeLBRG3Q3cAmozofTAWHHkVRzm

Request Chain 407

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI6ddV083PLMGuhLQuDrF6w&google_cver=1&google_push=AXcoOmR1w2bl5GGdGlSbv_9N1io4lLPSDCIGXlllU8zbLcSvXtgIacu5dzaGoOQynLtumx9QpTvx8XQbJoorHahVNkUNUG8ARl-S HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR1w2bl5GGdGlSbv_9N1io4lLPSDCIGXlllU8zbLcSvXtgIacu5dzaGoOQynLtumx9QpTvx8XQbJoorHahVNkUNUG8ARl-S&google_hm=eS1lTmZ5dTZGRTJwR1A4U2tkVS5nZEEzMEtxTTZWRTBvdX5B

Request Chain 409

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_cver=1&google_push=AXcoOmSx7oW31xuEg6EwkiXAY7Y9X4gvHe0Egf7OlsG-HoHivFUJG_iOWm5lLD7BVXecRN0y4m0-8QXj6O8i-vvLSg2-Tb0Naij7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmSx7oW31xuEg6EwkiXAY7Y9X4gvHe0Egf7OlsG-HoHivFUJG_iOWm5lLD7BVXecRN0y4m0-8QXj6O8i-vvLSg2-Tb0Naij7

Request Chain 411

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK7AhVRy0MJP0xSJ_T7Pxsk&google_cver=1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699025134714 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-761951b0-0817-42cc-9993-de504dee138b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4%26google_hm%3DA3YZUbAIF0LMmZPeUE3uE4s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4&google_hm=A3YZUbAIF0LMmZPeUE3uE4s

Request Chain 412

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI5Oz_iiSHypNOcBX5hsxzA&google_cver=1&google_push=AXcoOmTNWzs7yY9woMeipwxNCAg4urDQgk5zo8ekFQMMNZieLfU6dvnnffCzLc59iaSEB5hujVD9EZzXU-nrtcAtfCBmQ_qWWdX49Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D&google_gid=CAESEI5Oz_iiSHypNOcBX5hsxzA&google_cver=1&google_push=AXcoOmTNWzs7yY9woMeipwxNCAg4urDQgk5zo8ekFQMMNZieLfU6dvnnffCzLc59iaSEB5hujVD9EZzXU-nrtcAtfCBmQ_qWWdX49Q

Request Chain 417

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmRasn6gmJoAvu4OljTG1ccYOx3g4rOlc249OdbkuGTL2pObBRkKfVNTYbuWnGiziNRmOG3GEp4X7EfyuMyJQRN4khIjfPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmRasn6gmJoAvu4OljTG1ccYOx3g4rOlc249OdbkuGTL2pObBRkKfVNTYbuWnGiziNRmOG3GEp4X7EfyuMyJQRN4khIjfPw

Request Chain 418

https://um.simpli.fi/gp_match?google_gid=CAESEELz1bpsAmskqSn_EvLQoro&google_cver=1&google_push=AXcoOmQRFf8Qy7ORaGH-xlqfET2KaMURMxPsl5y1VQyc7UYC5-TvZJFlaDJECbJA8Gvz4xReRKfMwE5B2Xjs4jjRPtYMIKNYlYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20878A7D028E49F988FD00F48FEE02DE&google_push=AXcoOmQRFf8Qy7ORaGH-xlqfET2KaMURMxPsl5y1VQyc7UYC5-TvZJFlaDJECbJA8Gvz4xReRKfMwE5B2Xjs4jjRPtYMIKNYlYY

Request Chain 419

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBXJjQpknRfK84kYnC8SfTc&google_cver=1&google_push=AXcoOmQ2sQN55xR0XB3TwnF1O2uBihc5sYNzbkUyX_qjt0IQAjxFbjCrrmqZMy2s5Q2gPV-wYV-2aXwIOrOoGVVOXGgkPtfI6cdm HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmQ2sQN55xR0XB3TwnF1O2uBihc5sYNzbkUyX_qjt0IQAjxFbjCrrmqZMy2s5Q2gPV-wYV-2aXwIOrOoGVVOXGgkPtfI6cdm

Request Chain 420

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_cver=1&google_push=AXcoOmT7UltHF5GYJk_161Buf56mJ_Ou8AitmmCZnR9YWKhvuCkNGJNwNX7z6oPQgbeIQdkeuy3sIb6zWV_QreHlMB6z--MuL-C3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmT7UltHF5GYJk_161Buf56mJ_Ou8AitmmCZnR9YWKhvuCkNGJNwNX7z6oPQgbeIQdkeuy3sIb6zWV_QreHlMB6z--MuL-C3

Request Chain 422

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEf2gNK5OAzAvUscTSdl_7I&google_cver=1&google_push=AXcoOmSEfvx1NDgGbvkBvpadyq7MWtJqdHlMsNLPGT71fxU0Y1FMOlyS7W4OneFndaCa2tfLVhS0lwFFOQC0kIZJneY1NPo30a7_yQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEfvx1NDgGbvkBvpadyq7MWtJqdHlMsNLPGT71fxU0Y1FMOlyS7W4OneFndaCa2tfLVhS0lwFFOQC0kIZJneY1NPo30a7_yQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

433 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request %E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82 Show response
std.stheadline.com/daily/article/2555061/ 104 KB
23 KB 1067ms
1029ms Document
text/html 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27cc0dfd5b926712a634872775f4d1c560570aa5eb85aeb80ee5d815c5aae8ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
cf-cache-status: EXPIRED
cf-ray: 8205a148df0b30d6-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 03 Nov 2023 15:25:28 GMT
expires: Fri, 03 Nov 2023 23:30:27 HKT
last-modified: Fri, 03 Nov 2023 14:13:28 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 launch-EN06b9e6123f8f4b7f9be20b4a81a0baa1.min.js Show response
assets.adobedtm.com/422d68363f75/802594c7dbc3/ 93 KB
30 KB 50ms
29ms Script
application/x-javascript 2a02:26f0:3100:787::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/422d68363f75/802594c7dbc3/launch-EN06b9e6123f8f4b7f9be20b4a81a0baa1.min.js
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:787::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1e8f4b5858271ef1d49092cf4e82842fcd638995985c7a4660b01594bbb9da02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 02:15:11 GMT
server: AkamaiNetStorage
etag: "a0d58f6653a34e117a393d57431be53b:1660270511.800329"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 30090
expires: Fri, 03 Nov 2023 16:25:28 GMT

GET
H2 200 prod-global-628280.js Show response
rtbcdn.andbeyond.media/ 354 KB
355 KB 33ms
9ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-628280.js
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6680854b14d983460a40ecbef6d72786c5dd607d1348c9df0570f808daca6f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
via: 1.1 varnish
x-amz-request-id: C10ZFX129442ZB4A
age: 350
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 362504
x-amz-id-2: N6joE6dMq1HU7qibSo+T3YivF8JlsSHeqvviMda7Up5wGReI0H6Xp9/qp32OAZXp/ksyGlWR/z0=
x-served-by: cache-fra-eddf8230130-FRA
last-modified: Tue, 03 Oct 2023 03:42:43 GMT
server: AmazonS3
x-timer: S1699025129.869094,VS0,VE2
etag: "464c0d660dcd17647bce26b60d9aa4c3"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pbidcall.js Show response
std.stheadline.com/dist/js/ 16 KB
2 KB 47ms
42ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/pbidcall.js

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fcea8de688740d4cfad7e0312c98c02284589f979e7b0ec5edfbd3d2b1f1b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 03:16:30 GMT
server: cloudflare
age: 64
etag: W/"64ec118e-40fe"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e4030d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 165ms
96ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d36f2b9b3a81e30c93085de22aa1adf9ca51559264c51cb067a8b5a842e709b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31284
x-xss-protection: 0
server: cafe
etag: 822 / 19664 / 31079372 / config-hash: 8628985261000830790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:29 GMT

GET
H2 200 vendor.min.css
std.stheadline.com/dist/css/ 153 KB
28 KB 29ms
25ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/css/vendor.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bdc6084d6c146066a1ae285e612ed7797c2a74e8397227513bd09de57249c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 02:32:50 GMT
server: cloudflare
age: 64
etag: W/"60e51252-263aa"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f4e2d30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 custom.min.css
std.stheadline.com/dist/css/ 135 KB
27 KB 27ms
23ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/css/custom.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b5c1d0d7eb977109eeb792f3a30e0c121f583fd4a015ac2611689b5ba7fec71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 06:59:59 GMT
server: cloudflare
age: 64
etag: W/"65000c6f-21c62"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f4e2e30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 68 KB
11 KB 43ms
22ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 208291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10228
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-111e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhcVpjM5qnNZCOPfuoyAZvvHhSmGFwfhBWCr5D4JQFlGer%2BxeiUeANmQ3nIQiVmyBfzLhUkZggiYK%2B4ZotPIGyQ3sxFp%2FYNZ5SM%2B0RUNGRi0n6hlDOaU5buyMinbCAXdFFqin%2BfgTSrP7Kg%2F%2FWvwQM%2Bw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8205a14f69f12c1a-FRA
expires: Wed, 23 Oct 2024 15:25:28 GMT

GET
H2 200 daterangepicker.css
std.stheadline.com/plugins/daterangepicker/ 8 KB
2 KB 29ms
25ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/plugins/daterangepicker/daterangepicker.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 09:03:03 GMT
server: cloudflare
age: 64
etag: W/"5ef9ae47-1f85"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e2f30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 photoswipe.min.css
std.stheadline.com/plugins/photoswipe/ 2 KB
974 B 26ms
22ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/plugins/photoswipe/photoswipe.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46544204ec6165023cf7a0085179226301502e0abc5887469d8368aa0406b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 09:22:54 GMT
server: cloudflare
age: 64
etag: W/"5ddceeee-9f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3130d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 default-skin.min.css
std.stheadline.com/plugins/photoswipe/default-skin/ 8 KB
2 KB 28ms
24ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/plugins/photoswipe/default-skin/default-skin.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c9b3aca8bdeaf648fa31a8048c78beae60c2c1383d9b314ac6628a51fe1f3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 09:03:03 GMT
server: cloudflare
age: 64
etag: W/"5ef9ae47-1f01"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3230d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 video-js.min.css
std.stheadline.com/dist/js/video.js/ 40 KB
12 KB 26ms
23ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/video.js/video-js.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31020b3680c09d76da253d297d6d3faa98fd6b551c1c751829db8c12a9f4a1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 02:31:16 GMT
server: cloudflare
age: 64
etag: W/"640e8af4-a03b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3430d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 videojs-contrib-ads.css
std.stheadline.com/dist/js/videojs-contrib-ads/ 975 B
466 B 24ms
21ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/videojs-contrib-ads/videojs-contrib-ads.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 02:31:16 GMT
server: cloudflare
age: 64
etag: W/"640e8af4-3cf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3530d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 videojs.ima.css
std.stheadline.com/dist/js/videojs-ima/ 4 KB
1 KB 24ms
22ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/videojs-ima/videojs.ima.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 02:31:09 GMT
server: cloudflare
age: 64
etag: W/"640e8aed-eda"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3630d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox.css
std.stheadline.com/dist/js/fancybox/ 5 KB
2 KB 788ms
786ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/fancybox/jquery.fancybox.css?v=2.1.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4db7cea580d713cbf55a968c66266734d5b859e362827aa3c6b3925641f40f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Mon, 29 Jun 2020 09:02:56 GMT
server: cloudflare
etag: W/"5ef9ae40-1430"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3730d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox-thumbs.css
std.stheadline.com/dist/js/fancybox/helpers/ 789 B
454 B 784ms
781ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/fancybox/helpers/jquery.fancybox-thumbs.css?v=1.0.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56781372ef7b3ea917d9a672006ed4dda4805689294733a98dc256c679f64adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Mar 2020 08:42:55 GMT
server: cloudflare
etag: W/"5e7b198f-315"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3830d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.3.1.min.js Show response
std.stheadline.com/plugins/jquery/ 85 KB
33 KB 40ms
38ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/plugins/jquery/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 25 Mar 2020 08:42:56 GMT
server: cloudflare
age: 64
etag: W/"5e7b1990-15391"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e4230d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 dfpv.js Show response
std.stheadline.com/dist/js/ 19 KB
5 KB 33ms
31ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/dfpv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9e86db29fc718cb77a85c53347c4cb0c97b0bf629cd826598454a59944e8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:08:49 GMT
server: cloudflare
age: 64
etag: W/"64215d21-4a82"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e4430d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 purecookie.css
std.stheadline.com/js/ 2 KB
928 B 36ms
34ms Stylesheet
text/css 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/js/purecookie.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d76d9ad137244e90910361e73d0c25406d6b864abd7c8ceb578dc92e846ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 25 Jun 2021 11:21:09 GMT
server: cloudflare
age: 64
etag: W/"60d5bc25-915"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a14f5e3d30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 purecookie.js Show response
std.stheadline.com/js/ 3 KB
1 KB 34ms
30ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/js/purecookie.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92829bb31f8492ac8867bc349df3c761915c9b3d7f9ff5b9eeef8516d2f5f112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 07:30:49 GMT
server: cloudflare
age: 63
etag: W/"61161fa9-be3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544b0330d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 logo-v2@2x.png
std.stheadline.com/dist/images/ 9 KB
9 KB 38ms
36ms Image
image/png 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/logo-v2@2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dcf736e34517f8acbc1aef5c66d5006c6978be52dc04882aae659648834e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 08:11:39 GMT
server: cloudflare
age: 64
etag: "60dad5bb-2492"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
cf-ray: 8205a14f5e4530d6-FRA
content-length: 9362
x-xss-protection: 1; mode=block

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 363 KB
125 KB 98ms
51ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59256d68959f1c40218d6a6c7f9dc0a89346c35e6bac1f4c42be4490217b5eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127581
x-xss-protection: 0
expires: Fri, 03 Nov 2023 15:25:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
70 KB 68ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N88VT4C&gtm_auth=k8kVyIhtFuBgzHvdERDq-g&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

171ee46cc8419822d61dae68b7cb2576d5f1a8ed245c2b42df0d3f66db47e5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71304
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i_src_069003860.jpg
image.stheadline.com/f/680p0/0x0/100/none/3b597f1d318c69a672a94f3f9c117654/stheadline/news_res/2023/11/02/88261/ 120 KB
120 KB 1235ms
1205ms Image
image/jpeg 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/680p0/0x0/100/none/3b597f1d318c69a672a94f3f9c117654/stheadline/news_res/2023/11/02/88261/i_src_069003860.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37d7763385cad082a9084bfbf1c26418b7c8768229aaa4ee199d4bca314632c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 03 Nov 2023 15:25:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8205a14fbe8730d6-FRA
content-length: 122841
x-xss-protection: 1; mode=block
expires: Fri, 10 Nov 2023 15:25:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_HK/ 3 KB
2 KB 30ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_HK/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f2de7eb022059d9477ffec847a514a961e70920fb3eb8cfb59363b9071e97b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://std.stheadline.com/
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 15:25:29 GMT
content-md5: W9NOMhs20zh9REDOa0kojw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: ZoIUUqO1KkOChxYWBLCIpyNm1VLMUMAHeD+3ljMOq3sFfQThBu6wXC8cmiAc/D+9nJZwEqy5iLPoMWY0gXV2mA==
x-fb-content-md5: bc8557e8a25d2aea7143333ffad6a4fe
cross-origin-opener-policy: same-origin-allow-popups
etag: "fffdea6db5bbc298b7d66da6cf561d16"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:41:07 GMT

GET
H2 200 i_src_005473880.jpg
image.stheadline.com/f/237r148/0x0/100/none/670fac7fe0cc51e6c56abd3f3e9da3d6/stheadline/news_res/2023/11/01/88043/ 19 KB
19 KB 974ms
974ms Image
image/jpeg 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/237r148/0x0/100/none/670fac7fe0cc51e6c56abd3f3e9da3d6/stheadline/news_res/2023/11/01/88043/i_src_005473880.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da61453bb2e981f85c0b80bee5db943cb0d08ca6b35735ac07bed8c4b0fc6540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Nov 2023 15:25:29 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 03 Nov 2023 15:25:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8205a1506f7930d6-FRA
content-length: 19335
x-xss-protection: 1; mode=block
expires: Fri, 10 Nov 2023 15:25:26 GMT

GET
H2 200 i_src_401111204.jpg
image.stheadline.com/f/237r148/0x0/100/none/ab52639cf1fccc7d724255069c67a431/stheadline/news_res/2023/08/28/72431/ 27 KB
27 KB 979ms
973ms Image
image/jpeg 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/237r148/0x0/100/none/ab52639cf1fccc7d724255069c67a431/stheadline/news_res/2023/08/28/72431/i_src_401111204.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdc24643a088ed464e7eec4d15dfe7bc66c0877d9c170a73da83ba6f06d72f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 03 Nov 2023 15:25:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8205a1544ae930d6-FRA
content-length: 27484
x-xss-protection: 1; mode=block
expires: Fri, 10 Nov 2023 15:25:26 GMT

GET
H2 200 i_src_207741058.jpg
image.stheadline.com/f/237r148/0x0/100/none/197e36ecc6dd34c0b299b618b60c0810/stheadline/news_res/2023/09/13/76569/ 25 KB
25 KB 982ms
979ms Image
image/jpeg 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/237r148/0x0/100/none/197e36ecc6dd34c0b299b618b60c0810/stheadline/news_res/2023/09/13/76569/i_src_207741058.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddda1b44b917db80a00255e879bcc1b6b91cf7e4a818ba14e54819824f43f4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 03 Nov 2023 15:25:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8205a1544b0430d6-FRA
content-length: 25433
x-xss-protection: 1; mode=block
expires: Fri, 10 Nov 2023 15:25:26 GMT

GET
H2 200 i_src_245502300.jpg
image.stheadline.com/f/237r148/0x0/100/none/7518d39948d2fd3edcffd1ca6886dea8/stheadline/news_res/2023/04/15/33371/ 25 KB
26 KB 972ms
970ms Image
image/jpeg 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stheadline.com/f/237r148/0x0/100/none/7518d39948d2fd3edcffd1ca6886dea8/stheadline/news_res/2023/04/15/33371/i_src_245502300.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb15e83f6da2ae1cedfc95aa24c594ebeadd38402220a56edcb0c58e85367249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 03 Nov 2023 15:25:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8205a1544b0530d6-FRA
content-length: 26096
x-xss-protection: 1; mode=block
expires: Fri, 10 Nov 2023 15:25:26 GMT

GET
H2 200 email-decode.min.js Show response
std.stheadline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
814 B 15ms
10ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
server: cloudflare
etag: W/"653bc982-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8205a1544aea30d6-FRA
expires: Sun, 05 Nov 2023 15:25:29 GMT

GET
H2 200 main.js Show response
std.stheadline.com/dist/js/ 20 KB
7 KB 29ms
23ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

511de991d6e51c7a768f092b7a3aacaee112367e92905574d6c8773e65146ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 02:31:09 GMT
server: cloudflare
age: 63
etag: W/"640e8aed-51f6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544aeb30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.js Show response
std.stheadline.com/dist/plugins/bootstrap/js/ 57 KB
18 KB 30ms
24ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/plugins/bootstrap/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 21 Oct 2019 06:13:28 GMT
server: cloudflare
age: 63
etag: W/"5dad4c88-e2de"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544aec30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 popper.min.js Show response
std.stheadline.com/dist/plugins/popper/ 20 KB
8 KB 32ms
27ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/plugins/popper/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc84e825f772b3ea9a5d55840482f85216679fcf3d4d7625a34348d052c2608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 21 Oct 2019 06:13:28 GMT
server: cloudflare
age: 63
etag: W/"5dad4c88-51eb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544aed30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 vendor.min.js Show response
std.stheadline.com/dist/js/ 954 B
541 B 31ms
26ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/vendor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

230cc326e13f246d46f7827c2e5f085436f5dad54f70e6313a8393b147c640b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 21 Oct 2019 06:13:28 GMT
server: cloudflare
age: 63
etag: W/"5dad4c88-3ba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544aef30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 moment.min.js Show response
std.stheadline.com/dist/plugins/moment/ 50 KB
19 KB 34ms
29ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/plugins/moment/moment.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5251631d756dac0ed74a7892e651437c0f8840e552f9e245c731860ab1a89581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 29 Oct 2019 07:15:16 GMT
server: cloudflare
age: 63
etag: W/"5db7e704-c90f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544af030d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 daterangepicker.min.js Show response
std.stheadline.com/dist/plugins/daterangepicker/ 32 KB
9 KB 28ms
23ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/plugins/daterangepicker/daterangepicker.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

445466a88a8307acd93ebcd4b3182110f1ab5a0272ec0fed9dbc956a80f377d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 09:02:57 GMT
server: cloudflare
age: 63
etag: W/"5ef9ae41-7e6d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544af330d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 photoswipe.min.js Show response
std.stheadline.com/dist/plugins/photoswipe/ 31 KB
13 KB 33ms
28ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/plugins/photoswipe/photoswipe.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8edf934cf81ca088ec72ef362c66090602eee3e583198ec96690978bcd183531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 09:22:52 GMT
server: cloudflare
age: 63
etag: W/"5ddceeec-7ca3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544af430d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 photoswipe-ui-default.min.js Show response
std.stheadline.com/dist/plugins/photoswipe/ 10 KB
4 KB 31ms
26ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/plugins/photoswipe/photoswipe-ui-default.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb61f810902a76a0baf817174c11e94d5b5238748a0513db4a310a15e7e3059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 09:02:57 GMT
server: cloudflare
age: 63
etag: W/"5ef9ae41-2699"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544af530d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 custom.min.js Show response
std.stheadline.com/dist/js/ 5 KB
2 KB 41ms
36ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/custom.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e15cb41033bf33ab52f2a549a4d89fd5361b92f24cb2200d0955601e93de45aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 27 Jan 2021 02:25:10 GMT
server: cloudflare
age: 63
etag: W/"6010cf06-12bd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544afb30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 video.min.js Show response
std.stheadline.com/dist/js/video.js/ 570 KB
184 KB 35ms
31ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/video.js/video.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46763816babdcf547c1cbedf9a54a7295648cbc1ae648f5620c8e11264b01fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 02:31:19 GMT
server: cloudflare
age: 63
etag: W/"640e8af7-8e83f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544afc30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 videojs-contrib-ads.min.js Show response
std.stheadline.com/dist/js/videojs-contrib-ads/ 28 KB
9 KB 781ms
777ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/videojs-contrib-ads/videojs-contrib-ads.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8083a510108bfa2848c613baf8f1823af26a8dab1bb0907b8b0a06aebac5f226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Mon, 13 Mar 2023 02:31:19 GMT
server: cloudflare
etag: W/"640e8af7-6e7b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544afe30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 videojs.ima.min.js Show response
std.stheadline.com/dist/js/videojs-ima/ 47 KB
11 KB 34ms
30ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/videojs-ima/videojs.ima.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8748af9f16076c64db25b50366596818ce0d260548fb243ebfe3bfa63154239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 02:31:16 GMT
server: cloudflare
age: 63
etag: W/"640e8af4-bad2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544aff30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox.pack.js Show response
std.stheadline.com/dist/js/fancybox/ 23 KB
9 KB 787ms
783ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/fancybox/jquery.fancybox.pack.js?v=2.1.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jun 2020 09:02:56 GMT
server: cloudflare
etag: W/"5ef9ae40-5a8c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544b0030d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fancybox-thumbs.js Show response
std.stheadline.com/dist/js/fancybox/helpers/ 4 KB
2 KB 793ms
789ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/dist/js/fancybox/helpers/jquery.fancybox-thumbs.js?v=1.0.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63dec8dd0f6d58e0195860e115826bec46a12d7db222277bef9a4e61daa03a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Mar 2020 08:42:55 GMT
server: cloudflare
etag: W/"5e7b198f-fa3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
cf-ray: 8205a1544b0230d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 cross-512.png
cdn1.iconfinder.com/data/icons/ui-flat-16x16/400/ 8 KB
9 KB 94ms
26ms Image
image/png 2606:4700:e4::ac40:ad26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.iconfinder.com/data/icons/ui-flat-16x16/400/cross-512.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ad26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb509754bf3accae8062063fb55b5dcbd4fdf80c13e7629ebe140f86e119096

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1891552
content-disposition: inline; filename="6717904.png"
alt-svc: h3=":443"; ma=86400
content-length: 8607
x-request-id: b35bf737-f090-4a58-bd66-9b6f864927eb
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1696883099&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=adOaByMp6RoSDXKvQIXgut2WIRXW29%2BQl8ODp1rb5XM%3D
last-modified: Mon, 09 Oct 2023 20:24:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1696883099&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=adOaByMp6RoSDXKvQIXgut2WIRXW29%2BQl8ODp1rb5XM%3D"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8205a154b91c0209-CDG
expires: Sat, 02 Nov 2024 15:25:29 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 73ms
45ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://std.stheadline.com/
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8205a1546fff377c-FRA

GET
H2 200 prebid7.18.0.js Show response
static.stheadline.com/stheadline/js/ 271 KB
86 KB 791ms
768ms Script
application/javascript 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.stheadline.com/stheadline/js/prebid7.18.0.js

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/js/pbidcall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc31ee6bafd21b6b905dde786016101e5bfbdb0f75d34299df2f572311a8449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"63351195-43d3c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=300
cf-ray: 8205a1549b4c30d6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-xss-protection: 1; mode=block
expires: Fri, 03 Nov 2023 15:30:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 775 B
797 B 88ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abril+Fatface

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2b02fb5552816769995428dcf50397647a34d7caddff0e41962090381259a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 15:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 13:51:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 15:25:28 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 787 B
1 KB 174ms
36ms XHR
application/json 34.250.238.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E1E31A3C5BB4BED90A495E47%40AdobeOrg&d_nsid=0&ts=1699025128948

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/422d68363f75/802594c7dbc3/launch-EN06b9e6123f8f4b7f9be20b4a81a0baa1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.238.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-238-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

545e49291cb8ae94e35598b299521659fcfb87754f98c04d6477c547f8185ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v053-03bb411ba.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: cO3LdvhKSbI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://std.stheadline.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 486
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPb3826f174b534354aaa5a9e9f1dab55d/ 33 KB
13 KB 10ms
8ms Script
application/x-javascript 2a02:26f0:3100:787::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb3826f174b534354aaa5a9e9f1dab55d/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/422d68363f75/802594c7dbc3/launch-EN06b9e6123f8f4b7f9be20b4a81a0baa1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:787::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1cfb73df05de1b204ad9c2b2d24b83b6d5b4f07c43108d51a60f97f457b9dbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
last-modified: Fri, 09 Nov 2018 18:46:43 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "1f64108eb4f6b120a8edd5b15d3e0a3b:1541789205"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12546
expires: Fri, 03 Nov 2023 16:25:29 GMT

GET
H2 200 check Show response
rtbdemand.apiip.net/api/ 1 KB
1 KB 247ms
167ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-628280.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 007ce83d6f8f3f6d6e7bb71df1dacd4efb86bd7c8c7cac59c1ceb564c61e4417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"580-tajoS3hSCkf2gDzO+RQMWUz8tBQ"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8205a1508bdfb79a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 265 KB
65 KB 51ms
10ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-628280.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:32:51 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 21:46:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 3159
x-amz-server-side-encryption: AES256
etag: W/"952090f32d44601808d121a61e707826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: aDFs9s44yWF-mhxCDxxb8r8U54hBTlXqWFcqiw-2FAy3syskJdS_-Q==

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZUUQ6QAAALK4mQN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=18929616725618372521516930529287439875
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUUQ6QAAALK4mQN-

42 B
942 B

38ms
38ms

Image
image/gif

34.250.238.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUUQ6QAAALK4mQN-

Requested by

Protocol

HTTP/1.1

Server

34.250.238.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-238-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v053-0e4786335.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: J49+zyQvR7E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUUQ6QAAALK4mQN-
Date: Fri, 03 Nov 2023 15:25:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 icon-chevron-down.svg
std.stheadline.com/dist/images/ 343 B
337 B 25ms
25ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-chevron-down.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5be69c7ac1082afc82fc29ac42c59d10be043c84b9e6afb17de11b424cbbbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 05 Dec 2019 01:59:55 GMT
server: cloudflare
age: 63
etag: W/"5de8649b-157"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a1545b0730d6-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dest5.html Show response
singtaonewscorp.demdex.net/ Frame FEB4 7 KB
3 KB 152ms
32ms Document
text/html 34.253.158.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://singtaonewscorp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/422d68363f75/802594c7dbc3/launch-EN06b9e6123f8f4b7f9be20b4a81a0baa1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.253.158.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-158-202.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcscanary-prod-irl1-1-v066-0e00029ba.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: T2PQwt6VQ2I=
content-encoding: gzip
date: Fri, 3 Nov 2023 15:25:29 GMT
last-modified: Thu, 26 Oct 2023 09:21:31 GMT
vary: accept-encoding

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 74 KB
74 KB 45ms
23ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15252879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75408
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2YqmfP0EfuVgsZeoE%2F%2FPyZvAmqAmdoDQbOHCeRZKMrtGi7Ns3PIX4AgkvUYVtpLUDCql5XtaDIR5iyQDp%2Bd0Q0%2FX2i7wQcnE8MXwdqKmwJZbYxfbsRLn38G2auKvMofQ2PX2ezPb59vmc2ajrJhOOal"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8205a154a9cb8ffa-FRA
expires: Wed, 23 Oct 2024 15:25:29 GMT

GET
H2 200 icon-facebook.svg
std.stheadline.com/dist/images/ 522 B
426 B 212ms
207ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-facebook.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a00984a28d97c6ebf98603e57187441c43bdc85fa9eb9ba03a0d72c15b59a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Jan 2020 07:17:39 GMT
server: cloudflare
etag: W/"5e200e13-20a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab5830d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 icon-weibo.svg
std.stheadline.com/dist/images/ 1 KB
762 B 782ms
777ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-weibo.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700d5450048b2a5b504b1e433569636e8bc0f390eec802ae7f17c325c0146319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Jan 2020 07:17:39 GMT
server: cloudflare
etag: W/"5e200e13-50c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab5930d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 icon-twitter.svg
std.stheadline.com/dist/images/ 943 B
566 B 791ms
786ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-twitter.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0911197e5caed0b3fe8a7916caa1253399349a0d6a4e146fb99d2e221d28eb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Mon, 29 Jun 2020 09:02:55 GMT
server: cloudflare
etag: W/"5ef9ae3f-3af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab5b30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 icon-email.svg
std.stheadline.com/dist/images/ 801 B
528 B 805ms
801ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-email.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b028e1457c5ab4e1b91ea05f1ccf182c52c2c3fbaa2a5b4d706701e428776e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Jan 2020 07:17:39 GMT
server: cloudflare
etag: W/"5e200e13-321"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab5c30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 icon-fontsize.svg
std.stheadline.com/dist/images/ 2 KB
904 B 785ms
781ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-fontsize.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43f156b15e150655c27e48135fa8e978f55c232ea2afb037f59b420297eab84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Jan 2020 07:17:39 GMT
server: cloudflare
etag: W/"5e200e13-688"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab5f30d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 icon-print.svg
std.stheadline.com/dist/images/ 877 B
520 B 778ms
775ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-print.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00128aa9fd8f0a918e8153243a8959140f25a670aeb71351786a6821903b4a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Mon, 29 Jun 2020 09:02:55 GMT
server: cloudflare
etag: W/"5ef9ae3f-36d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab6330d6-FRA
x-xss-protection: 1; mode=block

GET
H2 200 icon-subscribe-b.svg
std.stheadline.com/dist/images/ 3 KB
2 KB 22ms
19ms Image
image/svg+xml 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://std.stheadline.com/dist/images/icon-subscribe-b.svg

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79315dff47af2d1d75f285b60dfd5bb392f541653e3957be5aea563b363c695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/dist/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 09:02:55 GMT
server: cloudflare
age: 62
etag: W/"5ef9ae3f-d95"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 8205a154ab6430d6-FRA
x-xss-protection: 1; mode=block

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 73 KB
73 KB 15ms
14ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:29 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 165676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74524
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1231c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lyf0yM9c8t2ew%2BfL%2BRJoHfVMlCGoczT3eEfbRhb7KfTQnC8bYk%2FsB5FELq0A1gcKrFC0%2BbIzL4h5%2BPref%2BcT30LemYYnJO28l5jqIw8bysEaxlrWsInvgeD0FHNZ6ZO%2Fd46iF1YQ8CihOgE9ogUB0Tma"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8205a154a9cf8ffa-FRA
expires: Wed, 23 Oct 2024 15:25:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_HK/ 297 KB
86 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_HK/sdk.js?hash=f80fb4e97ef1aff626e503c509236057

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78bf14ac2f34c90520d5c1956c4a37cca0964e63ea019b10b633d60a51c9ce6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://std.stheadline.com/
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 15:25:29 GMT
content-md5: FZT5A17/GemtNTv6PCz6ZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87045
reporting-endpoints
x-fb-debug: 7lXIO6tILb90Ryn0jLMSebGxErKH9aEmTG6NcAgLXyoftkaFxgmUliUF8dUUq1rcA0IXTHI3ZTtU3s7E0FS50g==
x-fb-content-md5: c15b584134d4d4bf9d92b9d25430d7cc
cross-origin-opener-policy: same-origin-allow-popups
etag: "225ded45ad073fc26e095a4e78995606"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:21:07 GMT

GET
H2 200 cd6cddc5-4dca-4d77-9a65-8b894400e772 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
804 B 45ms
11ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:19:29 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 360
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: JcVQElPZ-aYypYZSv7D1e6SU4SwnQ4_m5U8ZlRtqNRzILab6oL0Kkw==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 35ms
15ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 05:28:42 GMT
x-amz-cf-pop: FRA2-C1
age: 35808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 0hCNzX8HOc83uIVkIQ-geWWfHAaalj_x32wq4HCi5r-yUJnk8_XFnQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N88VT4C&gtm_auth=k8kVyIhtFuBgzHvdERDq-g&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 13:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5637
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 03 Nov 2023 15:51:32 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/ 425 KB
134 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136527
x-xss-protection: 0
server: cafe
etag: 6152360919581633401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:20:08 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame FEB4 0
214 B 65ms
11ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=18929616725618372521516930529287439875&gdpr=0&gdpr_consent=
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://singtaonewscorp.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 34ms
33ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=578760655&t=pageview&_s=1&dl=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&ul=en-us&de=UTF-8&dt=%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF%20%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82%20%7C%20%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=653303223&gjid=667649862&cid=440603065.1699025130&tid=UA-41819048-3&_gid=1605084653.1699025130&_r=1&_slc=1&gtm=45He3b11n81N88VT4Cv79478043&gcd=11l1l1l1l1&z=1473035147

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 77ms
21ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41819048-3&cid=440603065.1699025130&jid=653303223&gjid=667649862&_gid=1605084653.1699025130&_u=YEBAAEAAAAAAACAAI~&z=1475277997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEOuf5xX71x7jpmuFPl_0uMU&google_cver=1
dpm.demdex.net/ Frame FEB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTg5Mjk2MTY3MjU2MTgzNzI1MjE1MTY5MzA1MjkyODc0Mzk4NzU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTg5Mjk2MTY3MjU2MTgzNzI1MjE1MTY5MzA1MjkyODc0Mzk4NzU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOuf5xX71x7jpmuFPl_0uMU&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

41ms
41ms

Image
image/gif

34.250.238.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOuf5xX71x7jpmuFPl_0uMU&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

34.250.238.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-238-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://singtaonewscorp.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v053-0f055f6d4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: x2Fz+tpITv0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOuf5xX71x7jpmuFPl_0uMU&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 73ms
38ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41819048-3&cid=440603065.1699025130&jid=653303223&_u=YEBAAEAAAAAAACAAI~&z=523352030

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 82ms
45ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41819048-3&cid=440603065.1699025130&jid=653303223&_u=YEBAAEAAAAAAACAAI~&z=523352030

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prod-custom-prebid.js Show response
rtbcdn.andbeyond.media/ 579 KB
580 KB 12ms
11ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-628280.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
via: 1.1 varnish
x-amz-request-id: W1DVKGSJPD2EA9Z6
age: 726
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 592965
x-amz-id-2: sBUc53fyu0YBTdy2AHq2Fn6vnrw+BJeQi+zR52suyHDLy0XTRB1DIZVfwoGUZK7dJz1/X8mtvpo=
x-served-by: cache-fra-eddf8230130-FRA
last-modified: Wed, 27 Sep 2023 05:53:10 GMT
server: AmazonS3
x-timer: S1699025130.166333,VS0,VE2
etag: "9fb8da6fcf32018d4c93d5df53a0b36d"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 71ms
15ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-628280.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3329
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 64ms
8ms XHR
text/html 2600:9000:236e:e00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:e00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Fri, 03 Nov 2023 13:17:11 GMT
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 7699
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: yrw_tctBRyzKNjMsdIqTj2ImNjw1hP9Hee_82p9I7vsBHnYKNcJvxA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T9RMKL3N37&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N88VT4C&gtm_auth=k8kVyIhtFuBgzHvdERDq-g&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

274c5d4471d2b79099d1d711b7747757409a6e113f9a8d1ee35a92e97e429678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 15:25:30 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 32ms
9ms Script
application/javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:03:32 GMT
content-encoding: gzip
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 36647
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Ik0ZLI8qu6QV9Lc_O1IxFVzd34JtmMiQNIllIwZxTKqnD-R0wnqq3w==

GET
H2 200 s75216758302271
singtaolimited.sc.omtrdc.net/b/ss/SINGTAOLIMITEDSTD.Website.Prod/1/JS-2.10.0-LCUM/ 43 B
345 B 68ms
21ms Image
image/gif 63.140.62.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://singtaolimited.sc.omtrdc.net/b/ss/SINGTAOLIMITEDSTD.Website.Prod/1/JS-2.10.0-LCUM/s75216758302271?AQB=1&ndh=1&pf=1&t=3%2F10%2F2023%2016%3A25%3A30%205%20-60&mid=19275070699401529491583014910872516786&aamlh=6&ce=UTF-8&pageName=%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1.%E6%97%A5%E5%A0%B1%E6%96%B0%E8%81%9E&g=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&cc=HKD&ch=%E9%87%91%E8%9E%8D&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1.%E6%97%A5%E5%A0%B1%E6%96%B0%E8%81%9E&c2=D%3Dv2&v2=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&c3=D%3Dv3&v3=%E9%87%91%E8%9E%8D&c5=D%3Dv5&v5=%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF%20%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82&c6=New&c7=New&c8=%2C%2C%2C&v8=19275070699401529491583014910872516786&c9=26&c10=19275070699401529491583014910872516786&c23=D%3Dv23&v23=3287403&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E1E31A3C5BB4BED90A495E47%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Nov 2023 15:25:30 GMT
server: jag
etag: 3648628684608405504-4617705109669553086
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02 Nov 2023 15:25:30 GMT

GET
H2 200 comments.php
www.facebook.com/v5.0/plugins/ Frame D84F 0
0 125ms
108ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/comments.php?app_id=310801532769039&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f64cf6d784a94%26domain%3Dstd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstd.stheadline.com%252Ff11c312ced714c4%26relation%3Dparent.parent&container_width=680&height=100&href=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&locale=zh_HK&numposts=5&sdk=joey&version=v5.0&width=680

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=f80fb4e97ef1aff626e503c509236057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Nov 2023 15:25:30 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: suBHeFAglJWybhTx6zbTV6ekQEQScmcxh2xnhP6yeKqXLPmvLCBXwYxiIg8Q9162uQpeT7Z0AAJHiNNBEpIBEA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 59ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Nov 2023 15:25:30 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 54ms
15ms Script
text/javascript 108.138.36.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:49:30 GMT
content-encoding: gzip
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 34561
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: SpXaD3k4iJfj9_Np7XjHVrLFas-bkJ8hDwpYkMB74AXraBiJrrXfXg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 49ms
9ms Script
text/javascript 2600:9000:2250:5600:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 03 Nov 2023 08:28:15 GMT
Via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 36636
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: X6KbrkI8aMb7ngZWwgGh91NQsZtZlRvb0VIHARjVyGXlctZv1fQmvA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 68ms
17ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 05:48:42 GMT
content-encoding: gzip
age: 898608
x-guploader-uploadid: ADPycdtz9fLOKTSXqAKiOYcWTPT8KVTH8s5_mJSKba0oQIBGwZJvozH-aaWdHMSNJ6WJytzo52Y04PH8hJy0npH3hlrUkw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 23 Oct 2024 05:48:42 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 56ms
23ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: MEVGTKSQ43QXNK5W
age: 1695
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8205a159dcbe91d7-FRA
x-amz-id-2: GVo2t+KCxHBK+B903bp0KH5cKbe1r2w6r5KWaaF5cRSVC7HTxdd5AENeRvXUDCU3+phSQRubKvA=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 36ms
14ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41805
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEkvJuOOcK0QbhtNX9tnlRQFbOP0tQqAmGBCCFNUiNc2ycXwBAan6DqsvMzcqJIiAvlpWZXYw1F2ZeDZSv%2FlbZ9MdfIvXV29oqMd3pzEzpmALiFZO2q34FVk9Yi%2BH%2FxaYf%2BfeeehiRc1ncIx%2Fs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8205a159cdd21953-FRA

GET
H2 200 6 Show response
std.stheadline.com/hitCount/2555061/5/ 4 B
179 B 901ms
900ms XHR
text/html 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/hitCount/2555061/5/6

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/plugins/jquery/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 03 Nov 2023 14:13:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=120
cf-ray: 8205a159bf8f30d6-FRA
x-xss-protection: 1; mode=block
expires: Fri, 03 Nov 2023 23:25:30 HKT

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 50ms
40ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231103

Requested by

Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

471550ed7025e2abacc6b0cf8aafb152a479d00674d64561b109bbbd22abc469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41075
x-jsd-version: 1.0.1862
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-3D/jHWfel29mvhLHMtDUyTircVE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgsvIt3WVJcMrCtYurDyMg2CFROBZUusr4IeBnjfU5VguXkj8O51li%2Bx98YvUFDgaF46qUYaVsFzpNPwquV%2F82djIezLguWSdLaqHmL5c7F1p%2Bu763tff9jP48dQ7bNeA8Z4YsKOfNLJGitchl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8205a15a0bbc5d96-FRA

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 393ms
101ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772887469B486DE40297BBA8796949E&tdid=&schain=&fp=0.76&gpid=%2F64888526%2FST_Web%2Fdaily_fin_detail-topbanner&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=728&h=90
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 389ms
96ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772887469B486DE40297BBA8796949E&tdid=&schain=&fp=0.76&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=728&h=90
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 394ms
100ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772887469B486DE40297BBA8796949E&tdid=&schain=&fp=0.76&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=728&h=90
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 392ms
100ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772887469B486DE40297BBA8796949E&tdid=&schain=&fp=0.76&gpid=%2F64888526%2FST_Web%2Fdaily_fin_detail-floatingad&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=728&h=90
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 394ms
99ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B447A96D28EB7EFE749D633293EAD9&tdid=&schain=&fp=0.76&gpid=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC1&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=300&h=250
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:29 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 395ms
98ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B447A96D28EB7EFE749D633293EAD9&tdid=&schain=&fp=0.76&gpid=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC2&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=300&h=250
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 731ms
154ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B447A96D28EB7EFE749D633293EAD9&tdid=&schain=&fp=0.76&gpid=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC3&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=300&h=250
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
180 B 704ms
123ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B447A96D28EB7EFE749D633293EAD9&tdid=&schain=&fp=0.76&gpid=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC4&eids=&u=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&host=std.stheadline.com&w=300&h=250
Requested by: Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://std.stheadline.com
Date: Fri, 03 Nov 2023 15:25:30 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 10ms
8ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9053246&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699025130572&ns_c=UTF-8&c7=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&c8=%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF%20%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82%20%7C%20%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1&c9=
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: DeaKgClPfEFSbu8RR67d8qNfLakDWrPvoZ5R_tOZNh0iBqIxnoAMtQ==
x-cache: Miss from cloudfront

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 51ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T9RMKL3N37&gtm=45je3b11v870307558z879478043&_p=1699025128867&_gaz=1&gcd=11l1l1l1l1&cid=440603065.1699025130&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699025130&sct=1&seg=0&dl=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82&dt=%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF%20%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82%20%7C%20%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1&en=page_view&_fv=1&_ss=1&epn.articleid=3287403&tfd=2838
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9RMKL3N37&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
18ms Ping
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T9RMKL3N37&cid=440603065.1699025130&gtm=45je3b11v870307558z879478043&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9RMKL3N37&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T9RMKL3N37&cid=440603065.1699025130&gtm=45je3b11v870307558z879478043&aip=1&z=766937098

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%...
https://oajs.openx.net/esp?url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%...

85 B
194 B

118ms
118ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1978f2dc7bd4fa1b92560d0fb0276d2d6d45f91ea7ca0ae4f1a865fc3b11b32d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-6Mm9N0SWG+bPQV68t8UlRNNK/SE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 03 Nov 2023 15:25:30 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://std.stheadline.com
location: /esp?url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5458 15 KB
6 KB 43ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=std.stheadline.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 264164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
234 B 65ms
17ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 105ms
33ms XHR
application/json 54.228.190.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.190.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-190-197.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ce229c593f390900b7efebebb458731676ef1f5b9da2d471312cc3032312025d

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache
x-server: 10.45.25.69
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5458
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=stheadline.com&sn=ChromeSyncframe&so=0&topUrl=std.stheadline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=hHuDZXwrREpzVWQ5Q3hMUjkvUWNnY255Q2FwTDlFaEZmMms2L1BaRmhMVXhMZDUyVTlKUFNEUVB1bkRDdG9MMW9ZZkpyaEpGQ0hQY3o4bWsySVpmdXVpTEdNbEZ2T0FkSklJVnNiYTJ0YlordlcrY2VpamNaMVA0UWs2Vm...

449 B
665 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hHuDZXwrREpzVWQ5Q3hMUjkvUWNnY255Q2FwTDlFaEZmMms2L1BaRmhMVXhMZDUyVTlKUFNEUVB1bkRDdG9MMW9ZZkpyaEpGQ0hQY3o4bWsySVpmdXVpTEdNbEZ2T0FkSklJVnNiYTJ0YlordlcrY2VpamNaMVA0UWs2VmlPWi9WVHBnU0dGR1V2L21Fcnc0L3pQclZaZlBSb1IwSlh3ME1mRkdiNXRjWGNMS1JhckYvL1BLaDgyd2JRT1g3ZTF5QUN3MlJaZDFrSHhpUzFncEpWM0dyODlZcWgvTmtIcHhkVEpJNzRqSDhNNWVwbEZXZkpFNjZ0Tk5HT2VJaFJGcms2OWdWb2M0UmduQm9VQUhPODcxVTB2TzlCM1JSSUREOWlqWDl4dFFHcDE4QXRlYz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a43f53c9124a825815d2c204475a3435bb89c846a12ded6ce9c030fa73c41daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1197645
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hHuDZXwrREpzVWQ5Q3hMUjkvUWNnY255Q2FwTDlFaEZmMms2L1BaRmhMVXhMZDUyVTlKUFNEUVB1bkRDdG9MMW9ZZkpyaEpGQ0hQY3o4bWsySVpmdXVpTEdNbEZ2T0FkSklJVnNiYTJ0YlordlcrY2VpamNaMVA0UWs2VmlPWi9WVHBnU0dGR1V2L21Fcnc0L3pQclZaZlBSb1IwSlh3ME1mRkdiNXRjWGNMS1JhckYvL1BLaDgyd2JRT1g3ZTF5QUN3MlJaZDFrSHhpUzFncEpWM0dyODlZcWgvTmtIcHhkVEpJNzRqSDhNNWVwbEZXZkpFNjZ0Tk5HT2VJaFJGcms2OWdWb2M0UmduQm9VQUhPODcxVTB2TzlCM1JSSUREOWlqWDl4dFFHcDE4QXRlYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 284071
content-length: 0
expires: 0

POST
H2 204 rum Show response
std.stheadline.com/cdn-cgi/ 0
110 B 17ms
16ms XHR
text/plain 2606:4700:10::ac43:1bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://std.stheadline.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1bf8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Nov 2023 15:25:30 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://std.stheadline.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8205a15b08b230d6-FRA

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 981D 0
176 B 69ms
22ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 03 Nov 2023 15:25:30 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 379 KB
52 KB 966ms
966ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86837118274623&correlator=293689777691744&eid=31079304%2C31079372%2C21065724&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fifs&iu_parts=64888526%2CST_Web%2Cdaily_fin_detail-skyscraper1%2Cdaily_fin_detail-topbanner%2Cdaily_fin_detail-skyscraper2%2Cdaily_fin_detail-inarticlebanner1%2Cdaily_fin_detail-inarticlebanner2%2Cdaily_fin_detail-LREC1%2Cdaily_fin_detail-LREC2%2Cdaily_fin_detail-LREC3%2Cdaily_fin_detail-LREC4%2Cdaily_fin_detail-1x1%2Cdaily_fin_detail-popup%2Cdaily_fin_detail-floatingad&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13&prev_iu_szs=120x600%7C160x600%7C1x1%2C320x50%7C728x90%7C970x90%7C970x160%7C970x250%7C1x1%2C120x600%7C160x600%7C1x1%2C320x50%7C300x250%7C1x1%2C320x50%7C300x250%7C1x1%2C320x50%7C300x100%7C300x250%7C300x430%7C300x600%7C1x1%2C320x50%7C300x100%7C300x250%7C1x1%2C320x50%7C300x100%7C300x250%7C1x1%2C320x50%7C300x100%7C300x250%7C1x1%2C1x1%2C900x500%7C640x480%7C800x450%7C1x1%7C300x250%2C320x50%7C728x90%7C970x90%7C300x250%7C1x1&fluid=0%2Cheight%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2Cheight&ifi=1&didk=1753208697~1478465344~1753208696~3934770350~3934770351~3853238659~3853238658~3853238657~3853238656~4011516591~2024970919~924499069&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699025131322&lmt=1699020808&adxs=-12245933%2C176%2C-12245933%2C176%2C176%2C1124%2C1124%2C1124%2C1124%2C800%2C-12245933%2C436&adys=-12245933%2C164%2C-12245933%2C880%2C1933%2C246%2C246%2C246%2C246%2C2977%2C-12245933%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C0%7C1%7C0%7C0%7C0%7C0%7C2%7C-1%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&vis=1&psz=1264x0%7C1264x0%7C1264x0%7C680x0%7C680x0%7C300x0%7C300x0%7C300x0%7C300x0%7C1600x2977%7C0x-1%7C728x-1&msz=0x0%7C1248x0%7C0x0%7C680x0%7C680x0%7C300x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C0x-1%7C728x-1&fws=128%2C0%2C128%2C0%2C0%2C512%2C512%2C512%2C512%2C0%2C640%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=440603065.1699025130&ga_sid=1699025131&ga_hid=578760655&ga_fc=true&dlt=1699025128843&idt=1134&prev_scp=aID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403%7CaID%3D3287403&cust_params=amznbid%3D0%26amznp%3D0&adks=1801507009%2C1960767943%2C1759744683%2C2546912673%2C4104680790%2C2589581063%2C2728472048%2C3014394236%2C484477598%2C3390081512%2C984389925%2C1481798460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f2f4e0624382faaca1442fd0f7d826449c9b25a9debae2891210b9d63544b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53021
x-xss-protection: 0
google-lineitem-id: -2,6406971538,-2,-2,-1,6399014788,6401388472,6406910593,-1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138452105655,-2,-2,-1,138450459488,138450876867,138452709577,-1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://std.stheadline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 96ms
61ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5f02280945975bbf9d9d9e301865df300b31b6a6c068f05a61ecd015d4cdc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12364
x-xss-protection: 0

GET
H2 200 container.html Show response
cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5E9A 6 KB
3 KB 80ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:31 GMT
expires: Sat, 02 Nov 2024 15:25:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 123ms
89ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 15:25:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C752 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 13:40:00 GMT
expires: Sat, 02 Nov 2024 13:40:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 53C9 829 B
1000 B 24ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb1ee6ee420216236e4c2a73e47754093d268c06817387cc5ddba900551d3670

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8xOygB4WkzUY3CTodujjqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8xOygB4WkzUY3CTodujjqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:31 GMT
expires: Fri, 03 Nov 2023 15:25:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame C752 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 14:48:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 53C9 0
0 47ms
46ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311010101&jk=86837118274623&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C752 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XrlNsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311010101&jk=86837118274623&bg=!tLelt_jNAAb4oU7C2KE7ADQBe5WfOCWYE4sY_MAnvxxbONxFishbQOQXDCxh9O9On2faak0BPj8Gv5iO6WxAg-6J9taUAgAAAEJSAAAAB2gBB5kDCnqpRGlf1T6iF39K52TfCfXPHA2LEGUnchRsw5rOthuAopxdL6WCtEx-0TzNaD8t7-ahGKvNRVlR5VKWX6ed0L6n-wmlaW8YCRHSYrT3Qc-IjLoDgUQzRBqE8B2m5q-usoZnfNxXvlwojmcRitpYtaJhhwBZYbieXnvjbbxsJVxCV8MQ6B0wMMeqxiI7etlrftUtI7q4vERYPWcj55_1FtbjRYVHK-HVJBxg-QZDsEzqGQyMkAl5z2eRT16AXBhRPxXpPZQcquxhdHMHG0VTO5_pbQjM7DfwmqeTktBLDhAUT6dsuEnFFz5XN6CyScYKbX10tIB9Ul7d0d5dynBiWh7C61BJxwEL2_ELcvnlXcAtVoU_VUqWfPmOATH9DiaC3DpetiB59XDkG9szzY0ZuRrxqNVy2OYvDnzLJnBW46Ke5VaudtiBiIeo3yoCzC6l2f9biwZgsh2DCSyxjIyRQ-F0cg6xmFH5HN-asM9tzItbgeh8N15HA770DEOYNo3jHW2Tuggbbi8vRlUrZVS5EyR4GiadCfG-_g5_pSUI5lqR_GNjM51kt1nug_Z6nPUDO8f1fL3xIsT6PVLItpz5Vmi5c-8uP-_TYIesxmlPn_V_4DXdaZOXTcJeOd6vX7P0ZakPipXxaY0sosiRhPcwrklVKGgvEKzzWyvXcnGfLFPl_xcaCtDe2fWZmrMj3Riymrly3ux8TsntkPDSJg_k6e8kNvsuj8A9JRstG4PtkeQlo36VuRokdEeEWn98GhiSpFpm1BesLWONoihydO87GRPbE3VXpv1ehMB51kt_gkdSUOMnhUAFkInlvBycXSuzetPOdORNQSuKbVL7uMK_1yypZpeW_Ene0iz02rMxt6ovHvqZlL3ipkHKVOoXKnWkELgE7jXERgzOVvNWNjONj9tSbmb9ytAdPIg8JfrXqJdEJDtzwkgm66V1O_FhTHx25Ifsh1jG_GZjo35OLkgviUsLbkzFS9EFNIzmpbaIk4LC7IeU94TpKBZvrEc4Beqm7_yCN6VHA_G9pq0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 146ms
19ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 23 Oct 2023 08:11:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 101446
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhWf9dv0qyC0EBGIunpGtLEh6PNmEMEZc3eFlz3Vpp7nYkYywXtymAMsh7LqooJQz86NDvl6n38zXW87L%2BrvOsQTrXeKvwv%2FlD6VmEi%2FpvpuT2susfWkqU3w7lXsgTJUk8YfiXCR9dbVRA%2FF"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8205a165cfca1c17-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B687 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv16j8JpFvTGS0ODfOukavq41yws1H3mtIW_0Znd81s3f2wA_Hec4Q--f3CiteCzhrAIffrcnwZlrGtG3I2Vc-sSvSbPJ4SOkuqxpkDotY0OFrRrnfalrG9hB57FKB8_-WjS3jX4bvvlTE9aRxxfQj2sW6ljTlignzXDxcl2ZGolLd48V33VetwNrPil5shfbCZjnVdwVOEXba4ZQ0_1eUR-pq7xNINuChdhNH4AildQP-EQSVpRJRvqXmhs3UtnwVX9fhWXvRlHSFDCj4Ym3tKWns3q5RA6xJsuaoIDDL6ixJgTFwdx6dB8XgZjTYKKMnEw3_oNpQqoPkf0oAd0SbgFftuJQoD7sgGoQfivqqJJkoLJ0Y5p1R7W9NHxrOXbIPzWsA&sai=AMfl-YTnMJEJ-Dm4Pdk7GWWNRh-wFm17QJnrGvix9yBwOEMF8qJCHYehqfW5lAvj_-q0K6ocL7Rzu6i4Ep1wu2dceycbvKNGkQMpx_Dbga0td977sDCUuuD0F_wi0XQKvA&sig=Cg0ArKJSzNH4PFyIJf8IEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame B687 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B687 189 KB
60 KB 189ms
81ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 2665825079606380437
tpc.googlesyndication.com/simgad/ Frame B687 34 KB
34 KB 24ms
24ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2665825079606380437

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c742b0ca2382da3c9fd37dce090413a2b8851ceb16723c73bfc270fbc9a99d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 01:51:12 GMT
x-content-type-options: nosniff
age: 567260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34794
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:28:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Oct 2024 01:51:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B687 0
0 20ms
20ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnnYq5Xmj1TFzOOD0MV0u4YXh0NoC2Sru8kuSbNqlAAu1KmIh5-b7bCg4eBvoQHp5D8hpj
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310201815000/ Frame F350 196 KB
56 KB 114ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56123
x-xss-protection: 0
server: sffe
etag: "ee0c45c0e6d03a96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame F350 15 KB
5 KB 163ms
64ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "56e8153251b9d132"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame F350 95 KB
28 KB 164ms
65ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29064
x-xss-protection: 0
server: sffe
etag: "2b86ba6a96452dbe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame F350 5 KB
2 KB 166ms
67ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1923
x-xss-protection: 0
server: sffe
etag: "560b2476df5f84c1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame F350 40 KB
13 KB 167ms
68ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12957
x-xss-protection: 0
server: sffe
etag: "143af65c0fcbfced"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F350 6 KB
802 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 14:22:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFF6 0
0 54ms
53ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBkTGwPcVyD5TVivweVYtPqW9xqn-oHP0sutALoGjPfH98Hg_RhBfuVoJsEjRCXNM89rcktTpa-6o2nt24NIxYXhcgRjy8SPl3wguqFDeczqRqlgoc9LrlHG7s6JnVAF6E-L3cwqhtFYGUZzL1dQLye71J_x0mKYVJNe0dCUO6VZF-2cgr4RY1ZP5TWldJV0YOwtyhmYxWI4JWR9RagyX6vpyK1lcRc1yt5x5TEuLDoZmGxbQv3Q0ptkUSDBDTWdR82MG1l8wxEaPVXmcakq5wSuv_RpaLQGLzq1YUiVH4fnBLJTrqG5QGbvUOQfa3vFoHUfUXYlbWRSKfno_ZlNFZ26-ncAL31JyhxO1DdnxgAgXIgV3dhuz02pvRskbW_Q&sai=AMfl-YSR_snZwknpsz6v0dTRzPMk13jvYZwNz-Fa_igUz_NJFOtj_HpnzE1bplz9ea0VAyjrIMuxM1pvYAxDFLFGuq4TiV0clKvl9KZC36tjIRsO1hOPymYlZf-XJ8zuew&sig=Cg0ArKJSzIgqfQYfyKLiEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame CFF6 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFF6 189 KB
59 KB 184ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 2478321137307320065
tpc.googlesyndication.com/simgad/ Frame CFF6 72 KB
72 KB 25ms
25ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2478321137307320065

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8295d15439dfa3e3f329cf749c890c7db979e0aa6350159ebbc9a53314de978e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:07:09 GMT
x-content-type-options: nosniff
age: 191903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73741
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 09:01:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 10:07:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CFF6 0
0 21ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWD7Vr0aarkZa3Wnm0S4MCr2lrOOHsOhR09DVNJJyprUG76zXcP6uQQr_-0L3xjQja7kK4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6E8F 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOucuxeJuMP3bKcnT8apCaBsSm0dZO-f_JBjn4sPn9OlcJeMTO4Y0ayhi-FfopXYmghC_JKoUDvl8BwjfpXcmA8IWVOPD3uxqv1Mv0OngJX0LMaXSvAMTLsqW0DyA3GYp1Z3kHoCwCY_iDKnFvIt-x3AjkhwnrM6FOrUHpz4u6sO7pefvZ4gHlLlAbwZCOY8CYZogor9eT7_bUYOEjD6-jkCd2Do-cF_DbOjNk9mhuMOqu4HrEa7kxOkn5NO_MKgnPgj7y6Int1Xj5NhV4VmKxPJTJYeJr84aknDyH7vUUJv8ijWQWOgatDVjXCQYxd6A8em7oMav0ocP4RUwB_YG830FNh-9ncMLHgXYjQP-hoZQX1sxuOxgYAs0wPmk0Dw&sai=AMfl-YQcqqrj-1o0ZQK7_mGytjnr1IZGRkpko95V9gvGNJoE0BWdm6CoHXof8W9OIQNhIY_dHm34OdQ3m78JFfg7K3o9-QNicpl6iOJ5gv-KDWCfw8yHbP_2IK0npGOlXA&sig=Cg0ArKJSzFKUlEtranRnEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 6E8F 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E8F 189 KB
59 KB 207ms
126ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 16738899339319551366
tpc.googlesyndication.com/simgad/ Frame 6E8F 26 KB
26 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16738899339319551366

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab8caf25a00a5b1066eda83a89b016b14038afcda0c87f2ceb07e408a02ea9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:07:02 GMT
x-content-type-options: nosniff
age: 8310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26309
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:41:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Nov 2024 13:07:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7CF 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv55Z-acFIdPmNd-egZybQfS1zShAfZ9KB-3gQwhHTuLy_VoPsrXpQq5ec9buIxp93drfIeWwsf5DxJqoss7P6jpOtXGrj-3oxTZt-MDagHdnTRDbNPk2qwopq0w8BxBWJ6N96tFVm1mkfodp7HUkfOviavz8M5BcMvgqLN1o5MAzaM7fTqfeiXETWRKYuHrDEwC4OrMYPDqd244w2RzS6eX79zi_XtCNAnhwVb81xnbzgrHZGHoqUWK0W7UJw2khesQt2f49wMlKJIFo9cTtn0FJDxBsHnbAuBX0DPeLJwr2wPhsPfuPrv8-CuI5mOjz1FNGlppSoQGx9vW5RlyijorRaz7ISOJLx2fQXJ5jyK73EXBrjDvPIqOzDE41b_JQ&sai=AMfl-YTbpq6QvjcExPgDvVO3ziiBwBxN_p5xYxlWDLkLHn4mt893zpfM0SZN6Uu_7QanrvVvg9jlsq3sHtqndEc6Ffff38DjlHkNxk7b4urBnQcxuUZtgv8mFcUG2q6rYQ&sig=Cg0ArKJSzM-UjhsMNEiiEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame E7CF 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7CF 189 KB
59 KB 173ms
101ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 10381189358088505745
tpc.googlesyndication.com/simgad/ Frame E7CF 38 KB
38 KB 33ms
32ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10381189358088505745

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

249e87b95ee48365855a79e62973446c7bd7d6c6f2d9ba4f7134ad524aa6a5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:59:49 GMT
x-content-type-options: nosniff
age: 285943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39364
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 07:46:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 07:59:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7CF 0
0 24ms
23ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCcx9siKx1kyZ3TV4VL2BAtXWqEvhBD0SMcc7AJzD6A51-VPUPcaDzf5EkmB-7SD5Ky0ip
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 container.html Show response
cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB10 6 KB
3 KB 33ms
12ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:31 GMT
expires: Sat, 02 Nov 2024 15:25:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310201815000/ Frame D597 196 KB
55 KB 84ms
29ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56123
x-xss-protection: 0
server: sffe
etag: "ee0c45c0e6d03a96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame D597 15 KB
5 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "56e8153251b9d132"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame D597 95 KB
28 KB 72ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29064
x-xss-protection: 0
server: sffe
etag: "2b86ba6a96452dbe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame D597 5 KB
2 KB 74ms
71ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1923
x-xss-protection: 0
server: sffe
etag: "560b2476df5f84c1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame D597 40 KB
13 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12957
x-xss-protection: 0
server: sffe
etag: "143af65c0fcbfced"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310201815000/ Frame 226B 196 KB
55 KB 84ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56123
x-xss-protection: 0
server: sffe
etag: "ee0c45c0e6d03a96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 226B 15 KB
5 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "56e8153251b9d132"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 226B 95 KB
28 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29064
x-xss-protection: 0
server: sffe
etag: "2b86ba6a96452dbe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 226B 5 KB
2 KB 84ms
82ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1923
x-xss-protection: 0
server: sffe
etag: "560b2476df5f84c1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 226B 40 KB
13 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 17:11:53 GMT
age: 339219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12957
x-xss-protection: 0
server: sffe
etag: "143af65c0fcbfced"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Oct 2024 17:11:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 226B 2 KB
570 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:21:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F350 3 KB
3 KB 27ms
26ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:36:54 GMT
x-content-type-options: nosniff
server: cafe
age: 28118
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 04 Nov 2023 07:36:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F350 344 B
368 B 26ms
25ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 30431
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 04 Nov 2023 06:58:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F350 0
0 22ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuvfyL6qyKxf2cx4u05DKgDKPtEKy-86LObLnOzgRt_sOVN349BVHDeJSC1cRdB6ieuo-u
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 2520648857030162835
tpc.googlesyndication.com/simgad/ Frame D597 29 KB
29 KB 36ms
34ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2520648857030162835?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn65yHQhgrq1jQXnAXTfMkK4-n8dg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e327d0099c5a1e80f182574d39f40112a0b86c90209f96683bae0168326453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 07:00:09 GMT
x-content-type-options: nosniff
age: 375923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29714
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 09:16:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Oct 2024 07:00:09 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D597 3 KB
3 KB 34ms
32ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:36:54 GMT
x-content-type-options: nosniff
server: cafe
age: 28118
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 04 Nov 2023 07:36:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D597 344 B
368 B 34ms
33ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 30431
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 04 Nov 2023 06:58:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D597 0
0 23ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPMDuEDpqEy1_W0nu6O97vvrx7Un30gpJWQrm6SLaVCLHotL-FK9ir4rtMWik3NfphyXK6
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 226B 3 KB
3 KB 34ms
33ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:36:54 GMT
x-content-type-options: nosniff
server: cafe
age: 28118
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 04 Nov 2023 07:36:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 226B 344 B
368 B 34ms
33ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 30431
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 04 Nov 2023 06:58:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 226B 0
0 25ms
24ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRI2WSRoSsSeYBSfN4uv2qYg8sT94aBSEmr5fkNUKE0zPxjMWcMFyzD0ZK2SI2DogT_9DSc
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 cross-512.png
cdn1.iconfinder.com/data/icons/ui-flat-16x16/400/ 8 KB
9 KB 44ms
41ms Image
image/png 2606:4700:e4::ac40:ad26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.iconfinder.com/data/icons/ui-flat-16x16/400/cross-512.png

Requested by

Host: std.stheadline.com
URL: https://std.stheadline.com/dist/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ad26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb509754bf3accae8062063fb55b5dcbd4fdf80c13e7629ebe140f86e119096

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1891555
content-disposition: inline; filename="6717904.png"
alt-svc: h3=":443"; ma=86400
content-length: 8607
x-request-id: b35bf737-f090-4a58-bd66-9b6f864927eb
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1696883099&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=adOaByMp6RoSDXKvQIXgut2WIRXW29%2BQl8ODp1rb5XM%3D
last-modified: Mon, 09 Oct 2023 20:24:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1696883099&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=adOaByMp6RoSDXKvQIXgut2WIRXW29%2BQl8ODp1rb5XM%3D"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8205a165ad120209-CDG
expires: Sat, 02 Nov 2024 15:25:32 GMT

GET
DATA 200
OK truncated
/ Frame B687 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dda9e5e94a3edb823534f5087d7f790d5c76342d9629ca7a3a4aaffcc66c237

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9957171258443192871/ Frame F350 46 KB
46 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9957171258443192871/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c541f6e7a3e287e7a8b3c6ecf413306f3c762a847a4443a8e3ea22bdea957f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 23:01:12 GMT
x-content-type-options: nosniff
age: 318260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47388
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 11:52:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Oct 2024 23:01:12 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9545843590090563790/ Frame F350 2 KB
2 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9545843590090563790/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9acebbba1bfeff45f726c067a80bf642a2d40b11a456d7cc2eee6cf276b50ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 22:19:45 GMT
x-content-type-options: nosniff
age: 61547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1593
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 10:18:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 22:19:45 GMT

GET
DATA 200
OK truncated
/ Frame F350 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe6439572c81ef4ee1f622dc8163e6c74f95259df71db003869ba75572037489

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F350 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05780e564cc28fec43a7b742dbc37507ec540ccb6240f0c9ac5dfa7c89fa9d94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CFF6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c67d333a7165afbb8b8e6fffba898c04cad7f62ba2993c0306da1fda37e8ae40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6E8F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44ba882d037a62abcabddae28ac9b3ef4fd65654e40c4230537fe9d464c82fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E7CF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfedf4879ea6d624d908317d6b8ae052b7f94532b7c3d540c3c39c860b55cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D597 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bcd5c17a254cd4a072a72be3972bf66d7cff97af5e06c3639452857d8e26a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10437194146342556150/ Frame 226B 28 KB
28 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10437194146342556150/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c708f1377f3104c01c8030e66f4ce062153bda7769d74e6b0fc6f2b0f5a3e482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:00:15 GMT
x-content-type-options: nosniff
age: 210317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28285
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 08:59:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:00:15 GMT

GET
DATA 200
OK truncated
/ Frame 226B 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77a7a23b07670a5a31946d32365e59d374ea1a4f9d41261d5471ec0cef4a4217

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 226B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af1625f27e7eaa0e6ef2091feccc30d310754e69fc7c11486b0479bb7e3d8203

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arj Show response
rtbdemand-d.openx.net/w/1.0/ 73 B
285 B 53ms
29ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=daf20067-107d-42b2-a05b-c93cd3c6eab0&nocache=1699025132486&schain=1.0%2C1!rtbdemand.com%2C22529%2C1%2C%2C%2C&aus=120x600&divids=andbeyond1206&aucs=%252F21751243814%252C64888526%252F628280-120-600-6&auid=559105178&aumfs=10
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f154314ae0c41246999f1e6bd194abba3344102e0500c30b5f6a1e1a2ee9e901

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://std.stheadline.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 732 B
1 KB 194ms
92ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=475452&zone_id=2822232&size_id=8&rp_schain=1.0,1!andbeyond.media,11712,1,,,&rf=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.ref=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.page=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.domain=std.stheadline.com&tg_i.pbadslot=%2F21751243814%2C64888526%2F628280-120-600-6&tk_flint=rtbpbjs_lite_v6.24.0&x_source.tid=daf20067-107d-42b2-a05b-c93cd3c6eab0&l_pb_bid_id=4833045dfacbaf&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21751243814%2C64888526%2F628280-120-600-6&slots=1&rand=0.3557447978654569
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 52f9dfd25b8000960e13ea7b51ad646c2bb4ea81664b617e0d9d00e193f11a13

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
585 B 84ms
10ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: c92321ef-6a18-4dee-a20b-ccbb519780f2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 98ms
24ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
310 B 113ms
40ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8205a1668d023a6d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
891 B 579ms
16ms XHR
application/json 188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 505ms
71ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e7e2c9d350ea2c20cdc3a849f809e9d15094ff6fb06555175d5772c57515cd12

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://std.stheadline.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 841

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 80ms
11ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: 8c4f158c-4073-4854-97c2-5d4f36171d79
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 81ms
21ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: b99b0d8abedbc69f8d4ee5a1c17afe5b943e0ef7545964e6757cddfc24e08717

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:32 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1982
Expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 223ms
139ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.0&cb=81881719503

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:31 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
171 B 80ms
19ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Fri, 03 Nov 2023 15:25:31 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
369 B 370ms
18ms XHR
application/json 52.29.125.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.125.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0fdb9131fd2f2a1e147a61e2e07e870fb540f1d3ee1a807d7fae0620db974733

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
587 B 65ms
9ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: 4906ddcf-495c-4f83-a03d-08b4b51c4cf3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
737 B 103ms
22ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 8ad67548a761a0c1c4601152c23a74620e773648ccac0ea2a51b2dda4b36eaf8

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 15:25:32 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
382 B 109ms
41ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H2 200 arj Show response
rtbdemand-d.openx.net/w/1.0/ 73 B
145 B 37ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3cc9875b-2132-49fe-8b9f-2ca3feb82daa&nocache=1699025132530&schain=1.0%2C1!rtbdemand.com%2C22529%2C1%2C%2C%2C&aus=120x600&divids=andbeyond1207&aucs=%252F21751243814%252C64888526%252F628280-120-600-7&auid=559105178&aumfs=10
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d8ec1529c8252274b8fa894f3816672ba99b45464e27f6994c14b438fd22c671

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://std.stheadline.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 732 B
1 KB 195ms
139ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=475452&zone_id=2822232&size_id=8&rp_schain=1.0,1!andbeyond.media,11712,1,,,&rf=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.ref=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.page=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.domain=std.stheadline.com&tg_i.pbadslot=%2F21751243814%2C64888526%2F628280-120-600-7&tk_flint=rtbpbjs_lite_v6.24.0&x_source.tid=3cc9875b-2132-49fe-8b9f-2ca3feb82daa&l_pb_bid_id=34b809659acfc03&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21751243814%2C64888526%2F628280-120-600-7&slots=1&rand=0.09022360751284508
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 82769aa1a413334332c0e0d15f35ec7797298124a43c6dce17fe54e173c163be

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 47ms
19ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: 213f6a18-c2b1-4ed8-bc9d-7167994a8087
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 69ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 80ms
53ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8205a1669d083a6d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
890 B 534ms
17ms XHR
application/json 188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
1 KB 219ms
58ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 1c02ec5ce9f353a45ee995a413751c2ad1fcdc9e2bc9cb1435861259784f39d3

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://std.stheadline.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 838

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 48ms
22ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: c92b3899-fe7e-4328-8913-c691d07c4d19
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 65ms
23ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 24feb2f978c9bde6be7457c893a81d2e6e127c4349bff7611e153d33aef6aeae

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:32 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1982
Expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 137ms
89ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.0&cb=97922124361

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 44ms
19ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Fri, 03 Nov 2023 15:25:31 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
369 B 335ms
18ms XHR
application/json 52.29.125.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.125.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cbae153705044e9bbd76950cf313fe3d0cb3f59223cd4f37cb3aecb22c3e9025

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 42ms
20ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: 5823ab8e-3517-4948-87b3-9cc087beda05
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
405 B 73ms
27ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: fa4d45acffd06d885495530995c5a39300aedcddca357066be53468b5c507af6

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 15:25:32 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
382 B 88ms
44ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F350 15 KB
16 KB 75ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 524893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F350 15 KB
15 KB 80ms
31ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:22:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 226B 15 KB
16 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://std.stheadline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 40720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 04:06:52 GMT

GET
H2 200 arj Show response
rtbdemand-d.openx.net/w/1.0/ 75 B
150 B 399ms
397ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7922a387-0a04-4ee2-b771-48943f50b766&nocache=1699025132610&schain=1.0%2C1!rtbdemand.com%2C22529%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30016&aucs=%252F21751243814%252C64888526%252F628280-300-250-16&auid=559105178&aumfs=10
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 54be3a7e7ef8c06852f510db379fd2c0449a6ecffbaac4151b654bf99e953f73

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://std.stheadline.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 734 B
1 KB 198ms
198ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=475452&zone_id=2822218&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11712,1,,,&rf=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.ref=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.page=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&tg_i.domain=std.stheadline.com&tg_i.pbadslot=%2F21751243814%2C64888526%2F628280-300-250-16&tk_flint=rtbpbjs_lite_v6.24.0&x_source.tid=7922a387-0a04-4ee2-b771-48943f50b766&l_pb_bid_id=6478b4dabbb5e46&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21751243814%2C64888526%2F628280-300-250-16&slots=1&rand=0.09920757927477464
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 621ad50a5f51139a98256724d0e10bb1856612de37e24646320c6335a0f4b95c

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 10ms
7ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: 14fd6fb8-0574-4c50-9122-7eb3cfa067fb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 25ms
22ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 49ms
46ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8205a166dd553a6d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
890 B 460ms
17ms XHR
application/json 188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 KB
1 KB 200ms
64ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 14425bdb51313ab29d844c4c6f20690508a4c4475d2dc8ee5a0dddf5dd781b31

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://std.stheadline.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 853

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 7ms
7ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: ee7026f4-9cf2-439f-827e-5bdbfed24929
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 71ms
70ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9646af07c16149c27678ff0d4001b4e94d680b744f2b1044dc1433ee4d50cf88

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:32 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://std.stheadline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
197 B 61ms
60ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.0&cb=45992693411

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://std.stheadline.com
date: Fri, 03 Nov 2023 15:25:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
41 B 19ms
18ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Fri, 03 Nov 2023 15:25:32 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
369 B 371ms
130ms XHR
application/json 52.29.125.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.125.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 61a18f52ff5eb0fcb2d37118ba350a06c6977e9e7b34ae999f96a4c2c88efebb

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
586 B 24ms
21ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
an-x-request-uuid: 897f7dca-c365-4065-8c3b-3943cbc3913a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
404 B 26ms
24ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dfc1c497167685a60311f00c26a612ff0647a0ca6bcd8f898e00c48a514e9ca3

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 15:25:32 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
382 B 47ms
46ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C633 0
341 B 158ms
52ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGLm5r_sBMAE&v=APEucNUpjrDMjRfCde6kbVKzk9CdcASkZy921hPwBOXAECDhJBHPms1y3vr2gJ8_WFq311CbHkfdyWTrSSyFsknQgmYoO0_zBA

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AB10 89 KB
31 KB 108ms
104ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB10 42 B
63 B 67ms
59ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWvw0isQBf4aJc-blecnIqnMcrRANY062IpsS0uNRsF2K1U9e4KEpuwMAtMCVyJ-v33kxydVL1J8B3dlfrKoC-Y3V7eDCHtHSQYe2kJW0bvufv-H0

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB10 0
20 B 67ms
60ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10134606371858721639&x=1&ct=76

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame AB10 3 KB
1 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame AB10 20 KB
8 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AB10 0
0 60ms
57ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbYLvWMWiSdwNnVwJMeX6qDJ_ueG-3sMl0k4155ZYpjxE0sgyaBNVonP0KQj7beKSvfAQV
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB10 189 KB
59 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 132 KB
47 KB 99ms
23ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d4ca6d68f1b016f9ac04d2338df4d2fe1e66e58c2e81a6c81f982e0ae0ec344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 14:57:27 GMT
server: cloudflare
age: 0
etag: W/"31fbfbdaeb1659abee1b8a26f021a45c0e427659"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8205a167bb7e5d9e-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 57ms
30ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:32 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 138184
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 23 Oct 2023 08:11:06 GMT
Server: cloudflare
ETag: W/"42783f4dfb63346ef86cbdd3594314a1"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LhQdKICdB1vK%2FQzT8u7Jfh0lzfKWlhWtMr%2FQoFLAQsB%2BPjQQYmo%2FF3d9psnW%2FYkyKc8DtJ3ImSu7snG6dEzSQEodKY7y7%2BpEDOEHf3BupfjyAa%2FYWMdnReJop036M%2FDOnDbIhWni0r5uCp8"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8205a1676ca09c0d-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6E8F 0
0 104ms
54ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf_m6_EissPavZtY62RvYiCZYQwf-sG2drj6ihi9Ujny8RuAh2nmOhaG4Bucz8N5o8oChVg7HUJ47fu8lOzpWNfOdIuDznj9s3UZg__iqysKn0n0wyLr-xXXLbvpVUd1K41kNi8RA9uPVDJ7RcAOtymhzbGqmDmJKYWhDWicZnAG3BSFoymgOyzwf0LRzUivWYjJQzrXOS7jCjS97cXTT9BjepWs_rv9jt3ubKYFl3dFQCQZwDSqVNoBKK-G5LLQZ6kBVVIMN6k0SfrL8Hun4Fak5ijpi-jB_wz1LRdmbhpprF7LZEpNC1M1nI0YviS5ullIkFbbJXPuFTmciMC5KLmL3Zy9FeYK5v0PAGQOBpqnCM35YFzWIsWL8SOaHLx25L&sai=AMfl-YQs3dJfyn9E5WwxU0cm9EbHNABZozu4ptsEyWj9e3F2yuW5xnqYKM5QjXZGXz0bbV_8BRbDpK_jjutdOkWHC7yNwBdvbjUGWi69igOzfzGMrlEKWW3O37DoK9XJCg&sig=Cg0ArKJSzKBmhzpQyTxSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7CF 0
0 61ms
50ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFZkOwlE7eYPevR8TtN8VBU81xvebZMj-9GZ7DQQ6fMYi_iBfjpT0zZ2FuxhchxdBKzJZPKjk6cIu0A22reBl0jV4fqFV8fI6ThhaFeygjnJuUsrFZddVA9a2d_gd_FUMYCGO8hLgzWbwDaLN7K5S8bhBaKHr0NyCiUhgVnsnfxjgzYUKPCTIv2NPi2nlh49HBDoyF-UjSfR4Y1jrJ5mZbus4hnTxG8M67WDGHqZueoCVuzywszZL9okWHrH63L_DA-lTmiDDVUciSdb7wyMOR--TQqOHkW1Zqygez9aLFhPyBvvMx-ZX8C6xA8lp1bDYSS_QKmE9oWECJqUny5X1xR375MoYudZaxvJ70cRxPJi3Ht0F_AbXXxkrM4SOwn1hs&sai=AMfl-YSbmzY9-iwIhMsedlviXm_6gH97V8VCbfT1OGQlY7PaVa843fQ3ygWcoI_lD_oNbViBAqw7lHUScvCLSHY8cnOGjgbJpD8wGUrixLk8RV4vh8K4FQSvgd0VqGd1wg&sig=Cg0ArKJSzDZ5rk1voqQWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFF6 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjjP3ZlX407xnrrIdHHnqsApfqW9kmtHuZcr4Hw2ZxRPLn-uM6AGkHhT2DRBoKe0k2dCDRzZgNxrLEtcxh0lvK5gNmbwfC-XtRhjoiB6Gv1Jmb2N8ACh9BZS3bCe5n7gExIDIPq8AcAWEBW14w_q7-ET0SZuzYayyMTl93KPrZc5fqFywTEUmrK-Bw3N1kyQ_LwpSiyJflX4Bo19G5luDxoc9M7jX-T6FvUHKEE-jw9lU-I5suXVwYZbSFa5CjgcpL1EWa9mcJHNNjgnF3CuqPglXonSvYyniiFgBC5t26LI1FleN7MhtHUYrrLO0UAjIqapiVgKk0xzs6zhAd-SEUiHU8gtTPB3IXYWpaptwt3wnKgC8hbeJBiWyr-9EkWkTR&sai=AMfl-YRpgnTvYA6U2UV-XeFrG0XTyHwExNltmlAHEnpIY0LX-LZan_CTFPeb2vqF23tjMWSyQSz_IVkbKcJLzc7qD39nhJlp1Isu_an_sVGkCzXkIXO5IHLI7vLMZZA18w&sig=Cg0ArKJSzALMHFOguFYyEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B687 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRhN_U7JYO_2Y0Pj1zuNzHOkefwD-QXpiX7kAbB3mjhLyX_r_VTrSG3qqzAZZiZXwsDqeQqSOssvESLALASYjerFE7kmtdSjLOXiSPn2iBj6owMoG0vXO76AZ8zeaH3OSD77lSLKkTsUT8CGTe8gkOqm9D0FNGc8LcZvpLVZKxo-D0JjRqliyoR8bDA0DozSFcm3ZzNc2uYwweAete5yTqZKbYcVRTragbpgWd5uLqHIg4icIqKDPVxommgHt80h1xmWj6TRmvXvA6LKGVowimcIh1zgjHBA8gpjBb75XqBd_4wN8XKNDhyN0qJxlUGvnMtzzbeumgVAbAMWapr2bTaNPiog_O1TW5MTPy1xaCsLL59cimWGJtolcCET8sscOWyLg50A&sai=AMfl-YQ_oxfS3Xt8JFRFxV0VqYQnsposWc8OllJcnN_gkWxj6kGPoAVeXUJTfyCJaIVqqKosq78YNhREajTJptHoiTULyCFFSmS0jHCRbJed59qSSeUmzQqWwCGv6F4Evw&sig=Cg0ArKJSzNqrRI6KIDczEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Nov 2023 15:25:32 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D597
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

31ms
30ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

date: Fri, 03 Nov 2023 15:25:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB10 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8947042749768&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB10 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8947042749768&version=m202309260101&ct=76&x=1&cor=10134606371858720000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AB10 82 KB
38 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AizQBr7bF4KxwxcN38dPRcabcFznjkxkmLDEVF6ilrgGCaZtbRB4GVkrRYZ3RiA3-sicqKNS1v2M8uNxU0m1wp0Z5KYw&cry=1&dbm_d=AKAmf-C-1EuKWz-KiA8AHQxgj2S_owPy0IL1SBWDEl8ZUrlCKVtk5pwbGtPkGl6XWVSbF02R7wfWtYFvmEX65sfmNVDnpwdHnM6gHFvVws8dgM-dTRfZfBX9hJiDvnq5exNh_Ca6WoWGA7lqtpzO_DQDJ7pK2mcQCwFc4tZC7kCEgbjgByQjyEcidMA2Bxzl97bj3aLL_d8L_W2b4S0u-2-8ldvrm1uRf_A3oV-p641-UMuKkFP319zdEaplX4Hzd_iycXHOl0jlt5Dvzjqax68U8GCLGk5sfa6yNCbQ3G-oFmA65pwpYNV3R9X2NTvzjeKAQk9uZUObarCf1KT-Af1JpuTZmW7cV4woiQcl1RwjU-K0py2NcN-8StIxsnB8YTOPHbcNJkfXRLE28iRbzfaaX2SaZVu-84CvhjSFv4QeQp3_p6DQApOMt4QeEqyyHCazeaCZ3rfmldxguavDLEbY3GuAB49fUQ515DriCdKtcOpvlE9On4V7f95iJcshKAtv2yk09IXGCXeOFuvi05-toUfpgOXOKmgBpvHlTUIxgtXWl-48eRsoW9M3Ovyil78C_ypU5V6wwEgLgwJ9J9t52-mqmV_FcsFXosf8MNzw71spy8QnqniaZENnJZcWfl-XxHVZNZlVSxJGDaA6kKF4db4iPzcuVywGKRsEFWN6NKTJd9dlQGN7kcAnlE9Mjsp5taEEs_EjGiRQYIsO06ZtiHhpyGGz2hxZ_4I5L1kOb14Fq8H1CJkHGsdBNG15WtnV-6nvGM97Ub1KfZLPGSjRMJf8bAdO-O1Si82FLPoZ6rLRYOmrPsFrEdHpwwpnIqTE1Kbd1mP7o2_sklg8VQTPvdinfdOkrxSm4Pi9wUjDv4f10SGWL_NMeIockjmB573CEICTTIIM-_3gTImQvHov7SzI_9z0LcJCb2p1-D9mGTu-90wWNsggpbQ3y-DXmhxIbC8oSOPumJ6cwW1njh2dt86k9O-TiqNL5lCjns-ZTWgo5Dsz08dbO9eK9epu9uljpICUjQl2z2aRTwcd0dNET6tHC98XDG66r4ss7wlGkSkQQeGnX-y-eZtFqLoqiTJza6trrp953iFgy1nY9VyGScxQtzILab8rsKjRG7zO6g7IsGmfV3jjVr2z5Otz6bzTUgmRUaqyAf8vOqfpOLLC0vG8V36P7Lk2A-IXR6MAPMvfmzEY174wBZqWWyErvjMPIYhwwl_sD36mNlnwAo_uX6dQPhkP_XHh8oqc1ORJ-PZUrOnoIG7fSk_MHdCnH053BTjgANCoO7ap1sqs7gkvwgPWVFmOR8mJFMpCJT39ij61tSrvEba7LpQJSJGAPQlX6mCLcxqeJqjkQM7DSuujWSJmV_cmB7JJlFaQcQDv5PG98er08O0S7j5h3b1r8mkAc5j-W9bwWfWYKxsuZeySTIA63ITpoGPfA9saJ-WVeTKWN1W1xCRVcxzbMMub2IDil211cj0g-chq6QFk1b37ZehlD-ITQsPY7VFRlLHs6nRoquh5Yi2sMr3EGua78Qhi42HeAkq2ZtBYkE732jkDfIdH7jdBr4X6UFOH8AClYTC2suEozKL0VKlZKkhcIGzVOZzf0pwbFsYbNHJ8H4QktgSmygBYkuPNGOlQal809S_N4VI_nAP7Pgwax-H3apSm8i8kgGHYpYNoebqOZ2N23AmG8-_n5sKy246IW1ek5lN4kALK74zOzayyyisB5HtofTU_HHG-qQpX9Ilu4jq-mgC9JG8X9Iw8wJLG4zNNRt07xPjShbshDv0gs6p-gXNpFhl0V1Tab3yADu18KLhFJdr1OtUbe4bxQVSLWTZ_vQMBoR_DW0BGeVXguqZiEmFhmsDTH8TbVYEhGhzJDaDfN44SN-LpUjYfiPQB9_AdMp98g3wt2zb2W4WCqPyPo4ifnLOhbwyHdnlXVuMz1Xf-sBOrwBjREPuNTF-L9Lvuam-5d4EEB7f9NwWQRlw3PyIIMs-Y_P9qMakKea113aGba6Scf8j6pB6aMUURTwL-qzQcID7QwSqIKvbX2qP9Si19KVKBi4oIV1ITyv_QGwSvhQGZA-osV28yRQZsJnR0dBszg9cNhXHf32dgcfSL4G3QGK4Z5ggO7p0DKh1_7apz21vqvXlcqk_MQJr90hmvxKHaqwWE54JkW58YvMxzrpyi7XqV2IlN6dVHGuoGel9L9z2AUzDBeLU6-iuf4_G6F6nJpiVk5K_q-PyNL1fpxs98MXpKeOvz3g2GhtlWykZHPpDkBEy4TbiljnF8chgue8THunHPiQOtv6Xl07et1YzymOADiW-oQEBK2B7A19F0EMLrbl3F8J6COxxeDRrwuq-zkCT7DthpvGBn9WNf19qGa1n8sXsnDEgevK4sMGMISh3GxflHSX5oDGhE02MIbhnmFzMvkMNIPHrLou5XvYvMWQs3elqz9axUJ4HmwynHjULHCdoPAIGkfE8_L9AvIjCez-CO5vmU-0U3pNfkHBi9xn-DKQjO2KDOYb8NjP8eJZHrMa_N3B6o63GVmO0PQ4tSAQOLTnA0xhEZf05i7Tl4T7lG065hsTp5cLXsUZXpDD3C_LR1owN0nGqYe1S1bjWSbsETO0tyY9TO2VOkzg1imid5hJzPQZQ7tuz9-AOeyIIdb-c3qFs4HeBizRMU785tVN5j74q3ahDMbEixt8va_AdvaTmAE_yzxty12ivvBhSJIdWf0Kt9j1bOe5ND8spjVJyP0nCKNwDQgXHbXI_jVDVMtR9-2bTZsVEOHGdBXBQoAYLjpNzJVwPNYdqyqRbisc1rVlBjtTOYYw8emaxqSa2NRMAF2kIHNNy5JEjqwpNMDL-cAe3-Kt8T4rqgG5gEBMVw9b8w-Y5dyzs4DY0YjzCbjBVwII1TvUOpOlo27Hv5485Ct_H7_mYLnh_unNfVQh5D5tcNd0oLP4rGmvnJISk2e0FDe5g5op7AaBGqXFWDROySn65nDLqfqY-vLFOhLfSkQIYadYrev40FZx6VZjTMpYgsVPOmSIrSFVUbkqpAvBpSFWsfzi1NkjxubyzQEzovD5-qp6r4XAMUcSl6mm7BR0O3p4zP6c1REi3mehBtIx86ECkGDXKK3cn853YV95ND4pqvvu5_poKsCSw3_DC1w1JbWWuqdZvFbnO3--CyTd33G8a3JJc3feTwByPaeviRiFl1uw-tqf5q23ctnpkamxTBprI0-oDeWXLnZj-02Po2WmLJ8oiZ0NnFZrphV7sz8nBUVfrcjaew_F8jdbrqdUCZkzeigooS8W-iqKMniYT4_rbvMy1TcNtApmq7yKcT8w0yX2z76jwwhT00fDICgxbEt0YDsEQdhDdRr81Oa4UsM32buxm_szvQT2xOPFDAIOxTYpiuWp83EPkugofq3rV9Cn38-DTR0KVyrQ6zangNQ6nQV0m6lVubLz1ZLqoZrayQHaSS-KtioTCP4LNluZgFeK1cDtkKsMAaqctB4-nJJOkzW1GXmGHjP5d6okjTwEmaTiaFYx1UGiRnayfvOFowXZ7mv_L1A6vpIogtCxMG6Egxt-XTm87rVJrVhITmlzadTr0IOXl3m_1L-cXEdEvemdoAHT3oBq-i2JJFOjz9-iAiO03Piex7SVdU2LRsmwFU2Yo3cWWT-tCTkTgTLmrQE9TPW8VeqanjqVYZd_y-pzieZsEhbGePhi-iY511CuObP96kFdSzi75TAEApZl45RNqO-qX72UJeFsRdpkVGV4qNeuZ0OtBMfmR8Fgvz5LJ8I1w5JOXSqV4uYX6hIf-itPcnXUK4uj-MKZcJ0JkHAvrO3Z3_AQpIARQ11qQm2itCEA_D-h0k7UM2LwLoyOLuWiqQ-lnizqfr4D6TN0hvIFLO_kVm3otsgaq_2lnjrXOISfiOPqUVPiWt4mjptcL7B2tWG8gGrZej_PxZ4A_Mtrs5XB-e3RImUNpzujq6m4wYLmjWjiW7C1jXnmM-zzmIILa9jjO0ZFk-MJ4E9nyiAWEKt6iPIg51Dk4GeXa3RWalB4aqrCsVGOWj0aeNi8idFtAQfmhb2Eu0z9Fes_64K8rQ6JK1RrGEj6AXlvsmu98&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=10134606371858720000&adk=3690638929&idt=112&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0194c2c4443d6cb4e0a2265bfe8ecf70478941f5456d3423d71a2be01c8c08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38780
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 145ms
101ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://std.stheadline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 03 Nov 2023 15:25:33 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 103ms
102ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://std.stheadline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

B29249369.375092099;dc_pre=CPqsm-yRqIIDFXGhgwcdHyEIHw;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N5552.Google/ Frame 226B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5552.Google/B29249369.375092099;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr...
https://ad.doubleclick.net/ddm/trackimp/N5552.Google/B29249369.375092099;dc_pre=CPqsm-yRqIIDFXGhgwcdHyEIHw;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_di...

42 B
118 B

39ms
37ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5552.Google/B29249369.375092099;dc_pre=CPqsm-yRqIIDFXGhgwcdHyEIHw;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5552.Google/B29249369.375092099;dc_pre=CPqsm-yRqIIDFXGhgwcdHyEIHw;dc_trk_aid=566117753;dc_trk_cid=198252207;ord=3412111196;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame AB10 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AizQBr7bF4KxwxcN38dPRcabcFznjkxkmLDEVF6ilrgGCaZtbRB4GVkrRYZ3RiA3-sicqKNS1v2M8uNxU0m1wp0Z5KYw&cry=1&dbm_d=AKAmf-C-1EuKWz-KiA8AHQxgj2S_owPy0IL1SBWDEl8ZUrlCKVtk5pwbGtPkGl6XWVSbF02R7wfWtYFvmEX65sfmNVDnpwdHnM6gHFvVws8dgM-dTRfZfBX9hJiDvnq5exNh_Ca6WoWGA7lqtpzO_DQDJ7pK2mcQCwFc4tZC7kCEgbjgByQjyEcidMA2Bxzl97bj3aLL_d8L_W2b4S0u-2-8ldvrm1uRf_A3oV-p641-UMuKkFP319zdEaplX4Hzd_iycXHOl0jlt5Dvzjqax68U8GCLGk5sfa6yNCbQ3G-oFmA65pwpYNV3R9X2NTvzjeKAQk9uZUObarCf1KT-Af1JpuTZmW7cV4woiQcl1RwjU-K0py2NcN-8StIxsnB8YTOPHbcNJkfXRLE28iRbzfaaX2SaZVu-84CvhjSFv4QeQp3_p6DQApOMt4QeEqyyHCazeaCZ3rfmldxguavDLEbY3GuAB49fUQ515DriCdKtcOpvlE9On4V7f95iJcshKAtv2yk09IXGCXeOFuvi05-toUfpgOXOKmgBpvHlTUIxgtXWl-48eRsoW9M3Ovyil78C_ypU5V6wwEgLgwJ9J9t52-mqmV_FcsFXosf8MNzw71spy8QnqniaZENnJZcWfl-XxHVZNZlVSxJGDaA6kKF4db4iPzcuVywGKRsEFWN6NKTJd9dlQGN7kcAnlE9Mjsp5taEEs_EjGiRQYIsO06ZtiHhpyGGz2hxZ_4I5L1kOb14Fq8H1CJkHGsdBNG15WtnV-6nvGM97Ub1KfZLPGSjRMJf8bAdO-O1Si82FLPoZ6rLRYOmrPsFrEdHpwwpnIqTE1Kbd1mP7o2_sklg8VQTPvdinfdOkrxSm4Pi9wUjDv4f10SGWL_NMeIockjmB573CEICTTIIM-_3gTImQvHov7SzI_9z0LcJCb2p1-D9mGTu-90wWNsggpbQ3y-DXmhxIbC8oSOPumJ6cwW1njh2dt86k9O-TiqNL5lCjns-ZTWgo5Dsz08dbO9eK9epu9uljpICUjQl2z2aRTwcd0dNET6tHC98XDG66r4ss7wlGkSkQQeGnX-y-eZtFqLoqiTJza6trrp953iFgy1nY9VyGScxQtzILab8rsKjRG7zO6g7IsGmfV3jjVr2z5Otz6bzTUgmRUaqyAf8vOqfpOLLC0vG8V36P7Lk2A-IXR6MAPMvfmzEY174wBZqWWyErvjMPIYhwwl_sD36mNlnwAo_uX6dQPhkP_XHh8oqc1ORJ-PZUrOnoIG7fSk_MHdCnH053BTjgANCoO7ap1sqs7gkvwgPWVFmOR8mJFMpCJT39ij61tSrvEba7LpQJSJGAPQlX6mCLcxqeJqjkQM7DSuujWSJmV_cmB7JJlFaQcQDv5PG98er08O0S7j5h3b1r8mkAc5j-W9bwWfWYKxsuZeySTIA63ITpoGPfA9saJ-WVeTKWN1W1xCRVcxzbMMub2IDil211cj0g-chq6QFk1b37ZehlD-ITQsPY7VFRlLHs6nRoquh5Yi2sMr3EGua78Qhi42HeAkq2ZtBYkE732jkDfIdH7jdBr4X6UFOH8AClYTC2suEozKL0VKlZKkhcIGzVOZzf0pwbFsYbNHJ8H4QktgSmygBYkuPNGOlQal809S_N4VI_nAP7Pgwax-H3apSm8i8kgGHYpYNoebqOZ2N23AmG8-_n5sKy246IW1ek5lN4kALK74zOzayyyisB5HtofTU_HHG-qQpX9Ilu4jq-mgC9JG8X9Iw8wJLG4zNNRt07xPjShbshDv0gs6p-gXNpFhl0V1Tab3yADu18KLhFJdr1OtUbe4bxQVSLWTZ_vQMBoR_DW0BGeVXguqZiEmFhmsDTH8TbVYEhGhzJDaDfN44SN-LpUjYfiPQB9_AdMp98g3wt2zb2W4WCqPyPo4ifnLOhbwyHdnlXVuMz1Xf-sBOrwBjREPuNTF-L9Lvuam-5d4EEB7f9NwWQRlw3PyIIMs-Y_P9qMakKea113aGba6Scf8j6pB6aMUURTwL-qzQcID7QwSqIKvbX2qP9Si19KVKBi4oIV1ITyv_QGwSvhQGZA-osV28yRQZsJnR0dBszg9cNhXHf32dgcfSL4G3QGK4Z5ggO7p0DKh1_7apz21vqvXlcqk_MQJr90hmvxKHaqwWE54JkW58YvMxzrpyi7XqV2IlN6dVHGuoGel9L9z2AUzDBeLU6-iuf4_G6F6nJpiVk5K_q-PyNL1fpxs98MXpKeOvz3g2GhtlWykZHPpDkBEy4TbiljnF8chgue8THunHPiQOtv6Xl07et1YzymOADiW-oQEBK2B7A19F0EMLrbl3F8J6COxxeDRrwuq-zkCT7DthpvGBn9WNf19qGa1n8sXsnDEgevK4sMGMISh3GxflHSX5oDGhE02MIbhnmFzMvkMNIPHrLou5XvYvMWQs3elqz9axUJ4HmwynHjULHCdoPAIGkfE8_L9AvIjCez-CO5vmU-0U3pNfkHBi9xn-DKQjO2KDOYb8NjP8eJZHrMa_N3B6o63GVmO0PQ4tSAQOLTnA0xhEZf05i7Tl4T7lG065hsTp5cLXsUZXpDD3C_LR1owN0nGqYe1S1bjWSbsETO0tyY9TO2VOkzg1imid5hJzPQZQ7tuz9-AOeyIIdb-c3qFs4HeBizRMU785tVN5j74q3ahDMbEixt8va_AdvaTmAE_yzxty12ivvBhSJIdWf0Kt9j1bOe5ND8spjVJyP0nCKNwDQgXHbXI_jVDVMtR9-2bTZsVEOHGdBXBQoAYLjpNzJVwPNYdqyqRbisc1rVlBjtTOYYw8emaxqSa2NRMAF2kIHNNy5JEjqwpNMDL-cAe3-Kt8T4rqgG5gEBMVw9b8w-Y5dyzs4DY0YjzCbjBVwII1TvUOpOlo27Hv5485Ct_H7_mYLnh_unNfVQh5D5tcNd0oLP4rGmvnJISk2e0FDe5g5op7AaBGqXFWDROySn65nDLqfqY-vLFOhLfSkQIYadYrev40FZx6VZjTMpYgsVPOmSIrSFVUbkqpAvBpSFWsfzi1NkjxubyzQEzovD5-qp6r4XAMUcSl6mm7BR0O3p4zP6c1REi3mehBtIx86ECkGDXKK3cn853YV95ND4pqvvu5_poKsCSw3_DC1w1JbWWuqdZvFbnO3--CyTd33G8a3JJc3feTwByPaeviRiFl1uw-tqf5q23ctnpkamxTBprI0-oDeWXLnZj-02Po2WmLJ8oiZ0NnFZrphV7sz8nBUVfrcjaew_F8jdbrqdUCZkzeigooS8W-iqKMniYT4_rbvMy1TcNtApmq7yKcT8w0yX2z76jwwhT00fDICgxbEt0YDsEQdhDdRr81Oa4UsM32buxm_szvQT2xOPFDAIOxTYpiuWp83EPkugofq3rV9Cn38-DTR0KVyrQ6zangNQ6nQV0m6lVubLz1ZLqoZrayQHaSS-KtioTCP4LNluZgFeK1cDtkKsMAaqctB4-nJJOkzW1GXmGHjP5d6okjTwEmaTiaFYx1UGiRnayfvOFowXZ7mv_L1A6vpIogtCxMG6Egxt-XTm87rVJrVhITmlzadTr0IOXl3m_1L-cXEdEvemdoAHT3oBq-i2JJFOjz9-iAiO03Piex7SVdU2LRsmwFU2Yo3cWWT-tCTkTgTLmrQE9TPW8VeqanjqVYZd_y-pzieZsEhbGePhi-iY511CuObP96kFdSzi75TAEApZl45RNqO-qX72UJeFsRdpkVGV4qNeuZ0OtBMfmR8Fgvz5LJ8I1w5JOXSqV4uYX6hIf-itPcnXUK4uj-MKZcJ0JkHAvrO3Z3_AQpIARQ11qQm2itCEA_D-h0k7UM2LwLoyOLuWiqQ-lnizqfr4D6TN0hvIFLO_kVm3otsgaq_2lnjrXOISfiOPqUVPiWt4mjptcL7B2tWG8gGrZej_PxZ4A_Mtrs5XB-e3RImUNpzujq6m4wYLmjWjiW7C1jXnmM-zzmIILa9jjO0ZFk-MJ4E9nyiAWEKt6iPIg51Dk4GeXa3RWalB4aqrCsVGOWj0aeNi8idFtAQfmhb2Eu0z9Fes_64K8rQ6JK1RrGEj6AXlvsmu98&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=10134606371858720000&adk=3690638929&idt=112&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11960
x-xss-protection: 0
server: cafe
etag: 17132697034905592634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:28:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame AB10 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:24:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:24:21 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB10 0
0 72ms
58ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMDj0kGpNhlDvxuG7iJKisocsssObGMgUSuU37QuA9zw8uDycMmBdirRg7h662XLCb1HJglr-aMMqn5GgePUtEYFAMk5hsSOFULQWlXotdKqMXjzNdaPN7EgVWLmlWGmuWmjXhssnSB2q1euB_KIMOhbtauKFJSreuRI7V20dGs8bHNg6VTAFOvOZ-K1b8uyAdvvEq7ZmZh2UEjNYdUh206ghmvTD6HMxaJGhIujEHA5Q3MgdFYAzPD2mtZx4fpu3_7lmVRnNL0erTryHptq6Az8Zb9m9pfnL6C9zz-kxONhIMfq8h55N6zktBU9_cHWiZqkHo4Cz5623o6GlU_gr83g4eb8ZlgCMq64W-Udj02aUi3-iqegsYOWqCT_jSDf5OlbdnmSpsqrfMwk6A4oPtbXr-ufv40UHTn-rymP3CRHpWob5OHtmC-1sSthlIrGtXdqhhodQbDhhXHQx_86svIuOPssxSMHxJqa6EakgFSEJgZcRBWRBVp-bvf2fv6s0dWFpoiU5U29j1A-1OzBw3_9NOuMQgj-Kecb5f-daBJvzcD2rzevHV7TsXOFojZofD-0Kg2pyGaZc9R4ptAMxo_wSTtQr6-zwPfIviLyF1R6_xzF1DVoK3KfbvLfnAWJzst-VaMCvlbOOx10lqFIuplWrEy8m4ucnVkDyH4_U9IZRHn1RTRRw4jTTTlHYxG7ltc8wOVpRumsWKPN84zgy2djCBJbJvc_Y7AsnAuHm50O0qhR0P7M3FSB2mr65L1Abrz8MEUkwwLcTphGBk-DKhklGusliMQ4LdzBhV1BtyuSJJmm4fHIIKkV9R6dVsfvn6Mz4cHu7bHv416SG13f1lrV_f_j7GlU4_Fw-GKAy98PJtxAt-LqfcGuxcMbo5Yjqi_wVuh32yPW8We5KkGibnrS1KV16r7CbSnMN2F6uZH0c15j-sRB2b1JjkAXWYUCFqbZFXqOaN8-c1dteoY_GmrSZ7224pgLw-tkGSNE_1nwK51H52GggYCcnx38Wk8lD8RQgG5zBUGMKBKqJEFxzyBTM5MQEZUOjhhvUMb6eRfq8Lwavex-5UBseqQfGeHO8KqTiXHHowIKZ6WTdqmESbeHt2Dl8nR54zvSKtwZOuqYyq2c15hl3v9k_yM1_bw5YZ_105BV_pRv91nQv3OwMmn-QU1-oV-40zo54O6Z4M4AGoP6vG2SyjBigPXyKJgRHCfkl4n07Py2gYE_7xG92T8iEOEA-J-kLyk_cAl4P9X08hDwTL7RIuRI-08BZqJvT5IliEAaBsdqWPl1BJtR-2uCNY-gI14p6kfM4a-bbi3atWRbVoceCE_0Lo-D25eCJCbE_3Tm9y0K34zFIjEgTKALq74i5h-Eb15k-snq7KUa9Ksgl2HkrgCPayw5eAWjSUA948dtBV0yO7jRuxGRmAiRfiygw6rAcXJD8H6AOG45EuE1CwB5BTUb4&sai=AMfl-YRPvySvT6HvEztQMdfPff7p1_GCXZHlbwIebENiQVl2La7zSceKxkT0wrcQv9Vd5HYplcrXADvN7IQ4nxa0RykxWBtk-BoCgDBK5otBkU3fBCN4Iwp5ss-E8Z6isuozBeDEnHoOVzRxEZDPHqEK8RlNGqaYNjLCqxaMNUmrZ7zpEaAszYT7Rxp7qr68oLJzpVLdGVZOCOFTCMgbECX0IcS7fw_h4Xw3r1_IIENXLVLWb4THMet41TleIe1wTrCIc9U-&sig=Cg0ArKJSzF4yQewAdMI2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231101.50226&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AB10 41 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 14:17:59 GMT

GET
H2 200 12462301870530845068
s0.2mdn.net/simgad/ Frame AB10 76 KB
77 KB 49ms
15ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12462301870530845068

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e4521666186dcc9e8af3e52a260384df8c1e7e3b53b4eb0c2a09e6a157189c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 23:51:53 GMT
x-content-type-options: nosniff
age: 574420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77842
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 12:19:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 23:51:53 GMT

GET
H3 200 q Show response
p.adlooxtracking.com/ 166 B
90 B 58ms
24ms XHR
application/json 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-skyscraper1%09skyscraper1&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-topbanner%09topbanner&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-skyscraper2%09skyscraper2&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-inarticlebanner1%09inarticlebanner1&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-inarticlebanner2%09inarticlebanner2&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC1%09LREC1&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC2%09LREC2&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC3%09LREC3&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-LREC4%09LREC4&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-1x1%091x1&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-popup%09popup&s=%2F64888526%2FST_Web%2Fdaily_fin_detail-floatingad%09floatingad&s=%2F21751243814%2C64888526%2F628280-120-600-6%09andbeyond1206&s=%2F21751243814%2C64888526%2F628280-120-600-7%09andbeyond1207&s=%2F21751243814%2C64888526%2F628280-300-250-16%09andbeyond30016

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5979ca0df8799a0ed2c45b615d4ae50438df2aeaf4550d0f25b573dcd5e98a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-adloox-pubint-version: 20231103062916
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-real-ip: 178.162.209.137
x-adloox-pubint-commit: 80ca8d3
via: 1.1 google
x-adloox-pubint-commit-db: 8e96a62ef-dirty
server-timing: conn;dur=0.006, ua;dur=0.025, segment_pipeline;dur=0.281, segment_ip;dur=0.005, segment_iab-valid;dur=0.010, segment_iab-spider;dur=0.834, segment_bs;dur=0.004, segment;dur=1.315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
vary: Accept-Encoding, origin, user-agent
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
access-control-expose-headers: x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control: private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age: 600
timing-allow-origin: *
access-control-allow-headers: x-cloud-trace-context

GET
H3 200 q Show response
p.adlooxtracking.com/ 25 B
74 B 57ms
25ms XHR
application/json 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

002950561b27dcb01587f5ceed423297218cd1f5710c67022cfcbc11f08191a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-adloox-pubint-version: 20231103062916
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-real-ip: 178.162.209.137
x-adloox-pubint-commit: 80ca8d3
via: 1.1 google
x-adloox-pubint-commit-db: 8e96a62ef-dirty
server-timing: conn;dur=0.010, ua;dur=0.021, segment_pipeline;dur=1.688, segment_ip;dur=0.004, segment_iab-valid;dur=0.009, segment_iab-spider;dur=0.887, segment_bs;dur=0.003, segment;dur=2.712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
vary: Accept-Encoding, origin, user-agent
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
access-control-expose-headers: x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control: private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age: 600
timing-allow-origin: *
access-control-allow-headers: x-cloud-trace-context

GET
H3 200 q Show response
p.adlooxtracking.com/ 25 B
74 B 53ms
23ms XHR
application/json 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

002950561b27dcb01587f5ceed423297218cd1f5710c67022cfcbc11f08191a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-adloox-pubint-version: 20231103062916
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-real-ip: 178.162.209.137
x-adloox-pubint-commit: 80ca8d3
via: 1.1 google
x-adloox-pubint-commit-db: 8e96a62ef-dirty
server-timing: conn;dur=0.005, ua;dur=0.024, segment_pipeline;dur=0.147, segment_ip;dur=0.006, segment_iab-valid;dur=0.011, segment_iab-spider;dur=0.880, segment_bs;dur=0.010, segment;dur=1.203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
vary: Accept-Encoding, origin, user-agent
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://std.stheadline.com
access-control-expose-headers: x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control: private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age: 600
timing-allow-origin: *
access-control-allow-headers: x-cloud-trace-context

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F350 0
0 57ms
57ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsiUC6xBFZdLpGPKWjuwPhemj6AyHlLvmc86SlLyTEdnZHhABIITOmjJglaqggrAHoAG7-8LZA8gBCakCY01OGwTUsT7gAgCoAwHIAwqqBPADT9CFFxHu1bCRnL3SsNCoiVEGWTl1lw2Tz6vWtjFTH1KAkGThA8ruKNSVtjEsbVh80B7J2xGv6cTnwDjWXYZgiuLSBNZnpUOU-b80sBAjDlwnA9rQE_MV4YM3VYnIlete29t3jtMOd0M-p9ghxCMl9xEJ-Sehp1qHR6M8CQ-tp8Rc0PQHAuCCff6B5zaaiYRcLQY9ID54sztZeCqT97JtNC8O1Zvk0DGJrDL1w9s8_gzYtWJeZVxB3C-u8n_BMDmKCn3W1rMqzV9-ZP3vInQJHHTlwyi_dSR9xENGqPqD0RwGcEuSvZFIWri-FR01VNEODl6bAK9RrcD7fjkUYfKtzCGgNi0GMcHT71JG7P0gUJdGCxhwKoD_RkaInC_wMSDQBK9dm2njiCYpa0nQnjoU3UwpQ-BamGJVnxcTHtBAFsIjm_IMy8tBIC-9ooI4M3zooLRLKv2wL-5ia7-0ED3w5iFYbJlxbIXXMBXJwBuJbMcvcbI7oPJ37-qUyc9osQd1wHSt8nljFMlrqIfkivd6B5ue3GyoLrgnhc1jKKkajUFdqsc8hgAcGmMLiwJgb3l2SuSGrm2forPZDTwJZdnm8MouLu7S15Gn2fuPiXWlSaBu9Yw9W8YMpRDzfOhP8g_BsVTymHMBTETXBg8-Xq9hX8AEz-je9aME4AQBiAXIls7RSpIFBAgEGAGSBQQIBRgEoAYugAf53sgjqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQs7EH0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJ-AFodHRwczovL2FpZGEuZGUvY2FyZWVycy9wbGFjZXRvd2U_dXRtX3NvdXJjZT1QYWlkJnV0bV9tZWRpdW09ZGlzcGwmdXRtX2NhbXBhaWduPXBsYWNldG93ZV9iYW5uZXImdXRtX3Rlcm09cmVzdGF1cmFudC0xMjAwdTEyMDAmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPWFpZGFfaHJfZGVfZ19nZG5fcGxhY2V0b3dlJnV0bV9jb250ZW50PTE0NzA4MTExNDcwMyZ1dG1fdGVybT0mZ2Nsc3JjPWF3LmRzJoAKA8gLAaIMDCoKCgjktLEC7rWxAuINEwju6a3rkaiCAxVyi4MHHYX0CM24E-QD2BMNiBQC0BUBgBcBshceChwIABIUcHViLTg5NjEyOTc2Nzc5Nzc0MTMYro0i&sigh=uUyV-ALFspE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D597 0
0 59ms
59ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiP2J6xBFZdfpGPKWjuwPhemj6AzyzuOpc5u-xrPpEa_u9de_MRABIITOmjJglaqggrAHoAHvsIXcKMgBAqkCY01OGwTUsT7gAgCoAwHIAwiqBOQDT9AihEKmZ8x-ZwqHj5VyCdfyRkjy_nuOYNC8ZRM60NMrcuPlDkoW8cs_-E9WAEGCIIqwJPPUpyZXzYPD1VYzpuvrrrW1I8_kUwDYuhv6X7kYslx0M_fxlumiuIxxJjPryKMUW-1Q-oeE1RvQmINJDXEja8sIvIKSPyz2Wb6_H3JzJ9UJKbIVeLLuVsIpB2VtQDJJy-GTc-yL6aiGDNDv2-5-W3t3erO_hT5kxKYZPiQ5jwvDP9AP0n4YKK_eAZwnuzgmJ26Q1IHtlxfIuYPClD2SEWWpwMJBYIuErU8nvtIAdcYpOpfYMbhIxFrRYZA8xa8wCIa6AWpuSRfNnHfB3ICLkFJkIXe1a1Hwxvnb2_14jigZY7xVZKXdwSe9rgz1k42mbb_naCQ2Dq9Azkrl_rQ6Z3WAGzJEQRqoNLGdwOE0FQ_0pZofY0fvkJYQPPmJ_VcFUq_AwcgjnguEyIW5rgXRKsiVk8PLKfwTs7sW7NOdYKY4cAYmCtwNR6I1CcsK7C5n0Jyf6mIGE32Ry_H5T5NA_KCtrk5YCN7zzLh_tdiMtvmvFvCyGD2Hf6l-SecPB9yKax0bpIBkW03fRNtHkd5YgsJcjC6maH9_XWzAkMEgvBxF2sgSqpLCtgAQ4Ip26oGFHsAEy4_G37sE4AQBiAXdorfEQpIFBAgEGAGSBQQIBRgEoAYCgAfv6NW7A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFELqgjwLSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgklaHR0cHM6Ly9tZXZpeS5taXN1bWktZWMuY29tL2VuX2diLWdiL4AKA8gLAaIMDCoKCgjktLEC7rWxAuINEwj06a3rkaiCAxVyi4MHHYX0CM3YEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODk2MTI5NzY3Nzk3NzQxMxiujSI&sigh=Hj7xPiJUXqE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 226B 0
0 59ms
58ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CavY16xBFZdjpGPKWjuwPhemj6AzFi_C7c7mdjobPEfnHmc3oPxABIITOmjJglaqggrAHoAHj2IzPA8gBCeACAKgDAcgDCqoE7ANP0MFvVYwJ-D04oGnQKC-f6Qz6INpIZboluOOGTbbHF2ni1sSxLt8BQQMnFemF1xiymJt1PO6QEJmo_ApghOgQTUlJl-Hw4voHZhj9deIbYdXBEsmEo57QuboY2WcsxLTNjiW7QbeIwUa95FhyCkjpDrrr56nugn8CHKwKx9JGKv-oBQgs6R52KOe5yvT054g-yXlL5rTPsGIXAj7h7Uyyyubsqd9CJKG7cSewbpAfGXV8LRaAOHfKdXhLU5e0sn2dE8Mpkt1M34M-s-f-CqJp-f9gRXm7EccoKlHWxJ17SnX3m61MxmubUyJIx8ligvFw7-sab7pWGncVhDutBe1ZMFCI2uAJDzDoro0kw0JrKxhGZ5SFmGpSoPYQUNRuIzwrq9tpYh84EbdNAzQgM1R9afKxpsLiTa1s8ZbUE-evaBsG01LiIBz18sTHB2hUooXsArBr9FaiVH4IjCB_vIRKIVR4f7JJNJdsKyQ86PvNnDwAtztu9vROJoQnVept5BpMUCvA-Bffd4ZMrHIGRqPOnJGJILuXsnkC3kXTbv2jYGgT_Q3GZm5U6-5YfIvjYiEy5Hf06d-6tRTfi8pgOJMK8G9eQLnGTGQXBArZ2YRGTNO9Dd50PbMoeKYuDkPWY-LWiw97hjqIhFYFnvfABMyC4Ie7BOAEAYgF9uqtukySBQQIBBgBkgUECAUYBKAGLoAHscyd6QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDExW3SCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mglIaHR0cHM6Ly9hc2lhcGFjLmhpbHRvbi5jb20vemhfaGsvY29uc2lkZXIvamFwYW4vZGVzdGluYXRpb24_Y3VycmVuY3k9aGtkgAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCPXpreuRqIIDFXKLgwcdhfQIzbgT5APYEw3QFQGAFwGyFx4KHAgAEhRwdWItODk2MTI5NzY3Nzk3NzQxMxiujSI&sigh=LaYei2VC4vI&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame AB10 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11a3bac416c573db70b18bc51e255508b59ef9e0982e5dde663fae6b9f4d01f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1AAE 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 14:18:21 GMT
expires: Sat, 02 Nov 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK impstats.php Show response
prebid.andbeyond.media/ 69 B
293 B 1047ms
257ms XHR
text/html 52.76.145.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.andbeyond.media/impstats.php?aff=628280&type=pv
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-628280.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.145.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-145-253.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 8daf641a6211502aaaa89d3199d1a965fb6268aa73b3ee4af5268040303fdcf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Nov 2023 15:25:34 GMT
Server: Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection: keep-alive
Content-Length: 69
Content-Type: text/html; charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 203ms
202ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86837118274623&correlator=2602459714762060&eid=31079304%2C31079372%2C21065724&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fifs&iu_parts=21751243814%3A64888526%2C628280-120-600-7&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&ifi=13&didk=4118400857&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0173c40f72bcb9d6%3AT%3D1699025131%3ART%3D1699025131%3AS%3DALNI_MbV29tfvaH95V73gvOsJdlDkwvloA&gpic=UID%3D00000cb3932a67ed%3AT%3D1699025131%3ART%3D1699025131%3AS%3DALNI_MYPvaQ6mpHZBQ8sMfo8tPNUtm2E5w&abxe=1&dt=1699025133189&lmt=1699020808&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=440603065.1699025130&ga_sid=1699025131&ga_hid=578760655&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiKiorrkxSABSAghkEhkKCnB1YmNpZC5vcmcY_aiorrkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIeoqK65MUgAUgIIZBIZCgp1aWRhcGkuY29tGIioqK65MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lPVEpoTVhCaFJtRlNOa3R5VG5sMk5GZHBMMnBzVVQwOUluMD0YpKuorrkxSAASGwoMaWQ1LXN5bmMuY29tGOWpqK65MUgAUgIIag..&dlt=1699025128843&idt=1134&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_atf%3D90%2C80%2C70%2C60%2C50&cust_params=amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&adks=279615920&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf44e6da3d18b6c53eec6f939aaddfaabfb5002e150e315dc02f9bea7a4daba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13081
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 219ms
219ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86837118274623&correlator=154980942139778&eid=31079304%2C31079372%2C21065724&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fifs&iu_parts=21751243814%3A64888526%2C628280-120-600-6&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&ifi=14&didk=4118400858&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0173c40f72bcb9d6%3AT%3D1699025131%3ART%3D1699025131%3AS%3DALNI_MbV29tfvaH95V73gvOsJdlDkwvloA&gpic=UID%3D00000cb3932a67ed%3AT%3D1699025131%3ART%3D1699025131%3AS%3DALNI_MYPvaQ6mpHZBQ8sMfo8tPNUtm2E5w&abxe=1&dt=1699025133198&lmt=1699020808&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=440603065.1699025130&ga_sid=1699025131&ga_hid=578760655&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiKiorrkxSABSAghkEhkKCnB1YmNpZC5vcmcY_aiorrkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIeoqK65MUgAUgIIZBIZCgp1aWRhcGkuY29tGIioqK65MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lPVEpoTVhCaFJtRlNOa3R5VG5sMk5GZHBMMnBzVVQwOUluMD0YpKuorrkxSAASGwoMaWQ1LXN5bmMuY29tGOWpqK65MUgAUgIIag..&dlt=1699025128843&idt=1134&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1&cust_params=amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&adks=3078436485&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5be33211d4a643c8b21d3cde4b849240941f458fd73f482504291e8267c15cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13065
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 305ms
305ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86837118274623&correlator=2785584325209301&eid=31079304%2C31079372%2C21065724&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fifs&iu_parts=21751243814%3A64888526%2C628280-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=15&didk=1585714558&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0173c40f72bcb9d6%3AT%3D1699025131%3ART%3D1699025131%3AS%3DALNI_MbV29tfvaH95V73gvOsJdlDkwvloA&gpic=UID%3D00000cb3932a67ed%3AT%3D1699025131%3ART%3D1699025131%3AS%3DALNI_MYPvaQ6mpHZBQ8sMfo8tPNUtm2E5w&abxe=1&dt=1699025133205&lmt=1699020808&adxs=366&adys=978&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&vis=1&psz=680x0&msz=300x0&fws=0&ohw=0&ga_vid=440603065.1699025130&ga_sid=1699025131&ga_hid=578760655&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiKiorrkxSABSAghkEhkKCnB1YmNpZC5vcmcY_aiorrkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIeoqK65MUgAUgIIZBIZCgp1aWRhcGkuY29tGIioqK65MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lPVEpoTVhCaFJtRlNOa3R5VG5sMk5GZHBMMnBzVVQwOUluMD0YpKuorrkxSAASGwoMaWQ1LXN5bmMuY29tGOWpqK65MUgAUgIIag..&dlt=1699025128843&idt=1134&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1&cust_params=amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&adks=672148664&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5a1f3c4b7f7cf3a46a179fdc5b760b9cf0f408196a5ecc9637ca0c02420e06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12066
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB10 0
0 52ms
52ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMDj0kGpNhlDvxuG7iJKisocsssObGMgUSuU37QuA9zw8uDycMmBdirRg7h662XLCb1HJglr-aMMqn5GgePUtEYFAMk5hsSOFULQWlXotdKqMXjzNdaPN7EgVWLmlWGmuWmjXhssnSB2q1euB_KIMOhbtauKFJSreuRI7V20dGs8bHNg6VTAFOvOZ-K1b8uyAdvvEq7ZmZh2UEjNYdUh206ghmvTD6HMxaJGhIujEHA5Q3MgdFYAzPD2mtZx4fpu3_7lmVRnNL0erTryHptq6Az8Zb9m9pfnL6C9zz-kxONhIMfq8h55N6zktBU9_cHWiZqkHo4Cz5623o6GlU_gr83g4eb8ZlgCMq64W-Udj02aUi3-iqegsYOWqCT_jSDf5OlbdnmSpsqrfMwk6A4oPtbXr-ufv40UHTn-rymP3CRHpWob5OHtmC-1sSthlIrGtXdqhhodQbDhhXHQx_86svIuOPssxSMHxJqa6EakgFSEJgZcRBWRBVp-bvf2fv6s0dWFpoiU5U29j1A-1OzBw3_9NOuMQgj-Kecb5f-daBJvzcD2rzevHV7TsXOFojZofD-0Kg2pyGaZc9R4ptAMxo_wSTtQr6-zwPfIviLyF1R6_xzF1DVoK3KfbvLfnAWJzst-VaMCvlbOOx10lqFIuplWrEy8m4ucnVkDyH4_U9IZRHn1RTRRw4jTTTlHYxG7ltc8wOVpRumsWKPN84zgy2djCBJbJvc_Y7AsnAuHm50O0qhR0P7M3FSB2mr65L1Abrz8MEUkwwLcTphGBk-DKhklGusliMQ4LdzBhV1BtyuSJJmm4fHIIKkV9R6dVsfvn6Mz4cHu7bHv416SG13f1lrV_f_j7GlU4_Fw-GKAy98PJtxAt-LqfcGuxcMbo5Yjqi_wVuh32yPW8We5KkGibnrS1KV16r7CbSnMN2F6uZH0c15j-sRB2b1JjkAXWYUCFqbZFXqOaN8-c1dteoY_GmrSZ7224pgLw-tkGSNE_1nwK51H52GggYCcnx38Wk8lD8RQgG5zBUGMKBKqJEFxzyBTM5MQEZUOjhhvUMb6eRfq8Lwavex-5UBseqQfGeHO8KqTiXHHowIKZ6WTdqmESbeHt2Dl8nR54zvSKtwZOuqYyq2c15hl3v9k_yM1_bw5YZ_105BV_pRv91nQv3OwMmn-QU1-oV-40zo54O6Z4M4AGoP6vG2SyjBigPXyKJgRHCfkl4n07Py2gYE_7xG92T8iEOEA-J-kLyk_cAl4P9X08hDwTL7RIuRI-08BZqJvT5IliEAaBsdqWPl1BJtR-2uCNY-gI14p6kfM4a-bbi3atWRbVoceCE_0Lo-D25eCJCbE_3Tm9y0K34zFIjEgTKALq74i5h-Eb15k-snq7KUa9Ksgl2HkrgCPayw5eAWjSUA948dtBV0yO7jRuxGRmAiRfiygw6rAcXJD8H6AOG45EuE1CwB5BTUb4&sai=AMfl-YRPvySvT6HvEztQMdfPff7p1_GCXZHlbwIebENiQVl2La7zSceKxkT0wrcQv9Vd5HYplcrXADvN7IQ4nxa0RykxWBtk-BoCgDBK5otBkU3fBCN4Iwp5ss-E8Z6isuozBeDEnHoOVzRxEZDPHqEK8RlNGqaYNjLCqxaMNUmrZ7zpEaAszYT7Rxp7qr68oLJzpVLdGVZOCOFTCMgbECX0IcS7fw_h4Xw3r1_IIENXLVLWb4THMet41TleIe1wTrCIc9U-&sig=Cg0ArKJSzF4yQewAdMI2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=100&vt=11&dtpt=99&dett=2&cstd=0&cisv=r20231101.50226&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35C6 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:31 GMT
expires: Sat, 02 Nov 2024 15:25:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AAE 38 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 14:48:09 GMT

GET
H3 200 container.html Show response
cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2969 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:31 GMT
expires: Sat, 02 Nov 2024 15:25:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E58F 624 B
242 B 58ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWvNJJrfezMbdgXltjNqx0tornds4199h8qPUuSW2L-w5E7EleJkESW7mbftBpkFIbz1qBLskOqqAhienddgwWRiik6MgN1ozR9bQ_mm6sZH1L6NDLwclq3Wx9Q8D6oGq9x_As62lx3XUlG-mGPc78dSMqwvFnFhb9enxIYWCTmkg5C_ic

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 35C6 89 KB
31 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C6 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-BfqvsZv_TrRQRqZUDzDvLdw_3WKBEAEzAdyK2w_PPKW-LsjqrIoJVVxL4onFlz98MoJXehwOnZ0_S-z49LmvoDocT9iZdT-mldwI0hzLMwfa1fY

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C6 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3097719138306891128&x=1&ct=77

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 35C6 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 35C6 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 35C6 0
0 22ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtCazN2dzQh4qwKBnewBMOyS8mM80U7DoYUIpkW7gzkgAvIXuW1fZNFgoeTCXa5y-NtGBE0_zWWX-McGDft7CojcUn6A
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35C6 189 KB
59 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2483 624 B
242 B 60ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNV7neiE07lukJNBakPngMjBZ3Wm-I4ks1Z8lSQG9TlyubrkEEr95ZPBgdv2uCW_y8iN9ZpKI8_E2rfw2TRfQgTmE2Iv1iyBn7I8qgjZ7Ggi0LbHa-2YWTuu7iSGc8m2opzPdy9YVAndNPUOgXF6JtwNwlNpNuHhzsElb8uxyx2sWrtR1Wo

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2969 89 KB
31 KB 159ms
157ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2969 42 B
63 B 50ms
48ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAB5rkEvKS51-MwlZwEtTs2ZEnt_Pkze0HsMh5G0JhTAGxhJE9yvzfOJvgCE_gskYSoIFMbcgZSAXK7Sz_0yNCob3nO7diMBjUhNcDtMxevZOXj2A

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2969 0
20 B 51ms
49ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5385593127535560855&x=1&ct=77

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2969 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2969 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2969 0
0 22ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStjT9RLetDrRAnXaklzot6lT_NqVX7QQsdiWXEAPoJqGjOW6Om_G4SbLQoqnEpM4qX2cXJxShsHm4DgjrpaCyMx9drGg
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2969 189 KB
59 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:33 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E58F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1&C=1

43 B
344 B

27ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWvNJJrfezMbdgXltjNqx0tornds4199h8qPUuSW2L-w5E7EleJkESW7mbftBpkFIbz1qBLskOqqAhienddgwWRiik6MgN1ozR9bQ_mm6sZH1L6NDLwclq3Wx9Q8D6oGq9x_As62lx3XUlG-mGPc78dSMqwvFnFhb9enxIYWCTmkg5C_ic
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FsktzkzSlxjXGMEmmVgF1i7I%2BBWTyMKzYViPVu1PLw0XMSvW7H%2FfrsvKjRSWcLNuzQi6lO9QujNpAGmkuthv%2BeetHmtEmupcahtrBObxIINDO3T5VqK%2FQ6Z6gyVISqNwRRkHG3%2Fw%2FLSLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8205a16cef6737e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46rEwIiB57FoQhd7sJXVodNhhWd5A%2B7O1RDjbfyW2qXOaovw4Y4LVXg2gaUsSVuKB5IAj2srAt%2BIB0wP%2BxTFlcV6HU6qOakqLzLkiBOrtXBtu3ul9%2BOB8Nf90OCOKpaHiMUR1AfOaJORVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8205a16caf1d37e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E58F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUUQ7eV5ERniz2bieDazDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

43 B
730 B

22ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWvNJJrfezMbdgXltjNqx0tornds4199h8qPUuSW2L-w5E7EleJkESW7mbftBpkFIbz1qBLskOqqAhienddgwWRiik6MgN1ozR9bQ_mm6sZH1L6NDLwclq3Wx9Q8D6oGq9x_As62lx3XUlG-mGPc78dSMqwvFnFhb9enxIYWCTmkg5C_ic
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXX3So3b0XadWBdoYcvLO7VX57Hhc8sqTOwhokYY9djcqbNAhc0Q20ggbxxMnFsljeYd%2FbUthVxj5hfbcfw60sO49WqaSVCwIOYBLIlvLqaEThwzpT9E3%2FJ03wkgRGIIzl5Bw7tyrvI3oA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8205a16d3c641e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E58F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

0
396 B

8ms
7ms

Image
text/html

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWvNJJrfezMbdgXltjNqx0tornds4199h8qPUuSW2L-w5E7EleJkESW7mbftBpkFIbz1qBLskOqqAhienddgwWRiik6MgN1ozR9bQ_mm6sZH1L6NDLwclq3Wx9Q8D6oGq9x_As62lx3XUlG-mGPc78dSMqwvFnFhb9enxIYWCTmkg5C_ic

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
an-x-request-uuid: 1eeef074-7b25-43e6-8543-9e177efbe8f3
server: nginx/1.23.4
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E58F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
an-x-request-uuid: 732c10d6-e144-4db7-a97b-1935af00cd06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7573 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://std.stheadline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:31 GMT
expires: Sat, 02 Nov 2024 15:25:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C6 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1392344173304&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C6 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1392344173304&version=m202309260101&ct=77&x=1&cor=3097719138306891300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 35C6 16 KB
12 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMccxNwp-h1I54EIhf6nH8MAbPv4PAnBoX0MBtrKdJ6nCn1cJDAwEPfaxrgx9MTT2GQx9otREs9xvXe3QtIiM2rHvFFwOlnJvivK4FAUuhaoPyshn7NqJC8fI0AbaIp6HOqgLBiyBzPKwHJU9R_6wLHoz803edQ7H790woeHoaWlqwoCY&cry=1&dbm_d=AKAmf-Ch7mTz7sh5bCWBO6yqGmSR0a29VhTJs-uer20iUCfNKVhL27LcDf8Aa1y1f91NoJ6aUjjceT-iYyHEkLlXxzALK0kIEzotllP-OXc6_k97Aap9IGv8511-HLSAcTRAd_dprS_vFrbx5uSRiB0omntc4qekW57cAatozFYNX4C9oNaNcIi5MXoMwHEitTi-gGf7cMVT4HbYBOc-U1VLLUaKSgAIYatmalM7rY-k_pXTXkO457wDOHTzOCIutyYygkCt5owwOW6bEmIrrH_ReKUfVh-CJLvxrkHkxgevJUjxmKcGUkuUoMav4IJj3pjUJzoK0xHJH_wTEdHbZoggRRT0J_kC_IKt9dHvyJhEUkhR3ELbEUyPFq1Jp0aa3PoeQEFW3xtOvCNcXo0piMpQ2QhKp7x3o6XiAbGzVtnts0OSVelHOYL0i0H4HocVtLNlHugNp_7HPSjqHFjEYjEOcSJ6WLE2xujuaKJnch-YbIEnAyeEFTiB9C6807pTBsOehwKEkWyvi5W21eEs-bazor3TFKEktzDD44IIQddQr8D7TwAcuGboIM1sOQ7oCCopqm3Pk5Eu3TjErK6syeqoZRWFa5qU6nCsFa1GVuOBGps3HUh9ht3jJCbS1GT3WaUUbWbDbYJc3V30YM9C6x0FQgLx4-8tnQvMxSBrxagDRsQX5moxxyQ6A6xGWjIst1SOJGktO8RQsrqXdEF7DQSti7oCdGXzUsr_ZIG4LfW3jgKJStHFpivi-bQcty56lHomVzLpAm-Np4ZZlgvLaQenGqNz0TueAboMrsRLD5gTvEKMWLZXdiG87m788VkljeFOXmPa_jRDGtL0eIcY2yMRd_OisI2nU8x4VKlpSSL8aPrLMQCKsnPYZOHGDS4aGxhVGPvXChV8qEkgfLMfYDoIOljL3xm_e1wmE2wMBbrDXhFZpDUYYAagdpAOtp8FtKDBhmaIdeEgEGjHTZRnn57Mb3v9mb3YoV9h4a933GW5kAf9ephUqJk0m59Oj0YOS8-maDIh-0VRuKUbJw67yGzS6WZ7EddfbyVIuRFb89q-0TObqXrhgBv510ZxQR4-9UoRBrU9E25q4eRtOFh5K4QZRfugQgaCwWBXBlXJVDXgSNy4B81kd2z2pqhUQGfDKUoxNSGFTwf6-vYtLKrpQEJTXROdGmonSWy7Nej6w1K9Cuqgdm1ICui81EjB5BOOiMteVakQdKGPz7aGzLgqDDx0-Q248cu5H5cb80ByyXPeODNyNExuywwMfH06vAcZ1jLmemgfwonB9ROAjLgkMcIv2EVH9pBxxOj20UjqSZWRkObfcUog7ZFIwigRZWVEbmpfiSnsSliJcQ786hWdmSQQe2Ri_rVxlewzcPTDQXHzUDgtv6tKNWkSAEj35gckWF7w_h5v278EEYIo7BSDxk4KitjGPwVqf-gf3bzl1-LMpWVGipPJkwUy5Y2rT96wT6v3mDU3EBvadZQjLxpEUWRupw__P6MZQo9iXHaeyVXBFOHuMONfyyN0YFJkR3v5ItJAVcPXBveB2XxFhg3TKiP431J_PyhWSKJX5ZT0sGZT-6JPJDWlOEa1MNzjmuJ7LG-bSmkHKKuf5pArvtT-3REd2AkSVBXm8U7D2Y-Q5CddWX5pXNHEIztoNZ0RCWncsDPWsua3hUVAN0mR0e585GP9gtnvoxduUDEL9PIJ2tHyEuVR_S6p5MuSYlyViU1WrMFbJlZGNhPVk6aqCT9v_fXdV3QcGmACawEl8VEbSHeaGw0XTh99H7eZPBPJyAoGHjXdU4du5RH_Y9i85mEjHUD9bnVqoOwRzML7Xwdr7TcZkYeifrt9kwNkTLEEs0ZseNmvDmYMmC5isiMhQzvCzd8YI43fkhk83np_mHH3Kul9GdXG1a0b-HRBwi00z7eoSA9-nw9NOSNZZwjT3bGZN6WrSkfi5w7kRV8X80Q-CuCW_MUNbbY_xp1Jzq82Bk12kVPlWUFhK2nlVONndaSPK1TxhAa49KzCkykOSi58UyU7bGJLJOhGHGWcN08i7a6K9tXdpEC0oPTIwxNy-MMUD-9_LgJFkYs1qIxuzxLA2R1a7BvWLfOvGiqCmL-H9Ej2BZer92Ni0yTC0ym1UKt6OHbxUivUVJwT7_iQarNnFUDPeYheywTvyvzVcbDBG7LrMCIqWqSzZSNhBdhQoB0sQMrKSU7XBUyaCBHGHkPdZFahzPjtMW8F8TBnQWz5-6Uhnjsp8U0yu5XdFplyzudQ-LTaSueKeunto0CxC87q0X-OiyJDR1en9XqylIbF8vw_97f56HGgHXpDwA4ZMfWLrB4aK0XyPAzf4NFkcWBnK81hIiWgF9nKoDyrM20GZ0l_AtNt2fcka2t6Emmm0clvoaXyY8yG9k1HRmYzMXpLoLgnxZekdgtAI9b78hREEtU76toLsMeSXYF9L3XegVFiG54wd9IKvEzjfUQY90nHFndsLboBNLEE37lRPfNFxbt7ksECnnd3_XbV2v4b52RsDXny3bwvrR6kFVNYKmSrsHtzYAklDvfneB-CucXcDdfQqfR9na7xRLE2OLoDHLlUol5PyFD76o4ehik8qO9n62aKIK1HN8361RiOiR4wfO8PvCeJ7WLYJD4J-mX42I3qKWd1pdGC16z16PqLSBsPaCFjuw-s-mT5jnv6efX9nUTzQOCWLctJ3vhZLW-EqxhDu2rm65LYpv1CocXi2F9vfVNK7lz9jd8aGfKV1pB_VZYCxa_Rm4nk9mzi3KH9S-NiJwAlB5YHu7Y9706vbwut_fplYa5QhUaxoqZlZkFs014USK2ThNrv8AeYYe8lgj5K0K1219NHRO77guJJ9SmCTH68WP5rf_MMs_sq1NwOZCkDuuvf7c2X9YFdjwk5qb8_uPN0RFARD6q8zVreu9vlZRwwg7bvriJOQV6-x1gmuJ3fiQ87gnssSEp3CHR24jHiYjgE2HumAzWXnpT-CMzG4FgE7y9hLsV5VYubPWgObyLwHn4g8vQ2xIQ3q51I1CWUKuM7OTF07kKout4HUa1kkjqXuVz7xwCBLdd0B1ztQPorlYfaAK494sD4SBvBw0Q4tD9xoTJgrsk_Jr_Ohgm7tylnknz_L80iVsJwBoeeeMNVPIZIouEK0t6I33eAModhkX-B948kA2XqM1fDoXyTe1vIdepGauI6frneCvvJAqzcp2VTmymYsD8DvRVkzWqsnz-Ch9TY8mf8oRd-DvbT_Apbfu2Bd97NrOlK8kzwRSJjRNQ9fU4-lc8NZlomULgUP2eRfV-lpCmimZzymhaSdMpR-PilT0ErXg5-dAf3tggB20v9CnBkYAFtMkh5_0P4CN6wMQMUmYMGBOISGi15d2RbaUm0s3T4vIKSprM-o1jBXPiLy5CIRIC8ckUsmj4zXqBeaQj7p5olow9hT85a5zA97zYVPOpN9LlzpurQfSjrCM8DulfwJaWx0rZ3jyxurVicW4yRiK7uYMd7KEy1freIKV85e3sZ_e6_nVgLwzMpaeI3m3nBv2q5y7cS80alvu5yCjg0318qqbsy8fjMUZf1L-JgNaoaTwbEZz_HVWrknyfn4VqYGnuPsW6i3A7Q4DDBH5W9Wnfnn_lCrSFG61_B-l_Pdiry3Ndd1AJ1CrjW-QqmpXstStGstbwk952MyweaMkDbbUpx2D6BvAIkM7Mbo6VVoJGECoFicQs-6J0PsGnMdWzVMoNc1Rsoj2D-_bTwLq2oecR34C_ZTDCF_A9EOQSGm5P5i_EXWiIbf0SVgyLmpptXqNAvMyCj1rsbmT0GStgROHtb8Qk706rOUM-cBcY2Hfu5xYaE5WdGOzQ_JwtngFk0aO-TDg1twpv2Rl6HUXqM-JXLD0RvpicJ0paisJhQL-cLw14n3H3cO2fHumloSpJ1wp4BUQ4-BusAR6eOEReft15qOnTc6Eob4JjTAzBR2-r2WV4aIplwAmWYrEzTS2avBpGv0WmpjrcxP4tvBtk280zSx3mcU4ineNu9oESrfvIHmYjKKf55L_pB9PvqI5sqTBWG0GBMlRviVPpVmnsP4-hXCA7MYonYeDgOMc8-xDflzJ2T1HkaS4UzmbHo2UaCC45ld8Es5WrK4HWL1Y9vBQQvloov5_xq_yC4ivuGj4ID-EMVVRyD3-oA1zvb-TKup_3m4NW7gxtY5drjhkIg0a7cQE5yTs7uT1_sCxsLDPtLg29HsuSOH6refGLjw2wVz34JLh2KH6C-Usf65HFMhsthZhXoyhka4dpCQRlJA6JAnluh_W5ZqvHtpIPstYZVBiWW&cid=CAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=3097719138306891300&adk=3037181500&idt=92&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da04c6340e406f050a4dfc06019bc384189b2d0f555d186b189c026562105660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F422 624 B
242 B 56ms
55ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUWDK0ofdRyjThqysMDQOgC1GiSW5jQcjzjzfII3u48IpaeLLW1j-frAHm-SfPZTV--R-YZCeLv8Wrup2xS7fc3tHkoU6ozP6Oqqvf1BR8aSvO8NAXsxUMIAUAcVlg0eCKHtaL2HVVmP1b9KEDF2glHOAGyclx5qahWSV0epupnBOZhBMM

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7573 89 KB
31 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7573 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D38IyeoshVd-jUT-YCsgDt24gE-SK7LkFSMh-aLWOzzR1cuIMqNjjzGTh1bpdbYWWGED7M5IdwxJrMynVrNxGSqiwc5HelFTH0ROqk-RZTblaWyi0

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7573 0
20 B 49ms
47ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6817873491663655637&x=1&ct=76

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7573 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:05:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7573 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:20:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7573 189 KB
59 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 15:25:33 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2483
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

43 B
768 B

20ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNV7neiE07lukJNBakPngMjBZ3Wm-I4ks1Z8lSQG9TlyubrkEEr95ZPBgdv2uCW_y8iN9ZpKI8_E2rfw2TRfQgTmE2Iv1iyBn7I8qgjZ7Ggi0LbHa-2YWTuu7iSGc8m2opzPdy9YVAndNPUOgXF6JtwNwlNpNuHhzsElb8uxyx2sWrtR1Wo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENro5YQLGLUHr2mrFSUsB73fd8j%2BG9la4m66B8eXagkN7fbInr%2F0DQrk%2F8W5fqRlrqFVo%2BFU9NCXKxQ54lirZcmnnbwJNK9tfCUUQpDkNi4WWXK14p39Z4Ke7bNKor746gnxQXsxvyWZFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8205a16d1c2b1e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2483
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUUQ7eV5ERniz2bieDazDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

43 B
733 B

21ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNV7neiE07lukJNBakPngMjBZ3Wm-I4ks1Z8lSQG9TlyubrkEEr95ZPBgdv2uCW_y8iN9ZpKI8_E2rfw2TRfQgTmE2Iv1iyBn7I8qgjZ7Ggi0LbHa-2YWTuu7iSGc8m2opzPdy9YVAndNPUOgXF6JtwNwlNpNuHhzsElb8uxyx2sWrtR1Wo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo9%2BLkpy09W%2FpVtnNK%2FjtTKGsoQfPos02AV63PKjujqycbKFOYmtXACG2VFjDbsCZQpz5B7NK9gxS5wjDEGVkAkFbB94UZkleSKJUH9jomsu8VeWjiAZf73JcYJU8YJx43LVNRvTGYRFUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8205a16d3c631e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2483
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

0
396 B

8ms
7ms

Image
text/html

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNV7neiE07lukJNBakPngMjBZ3Wm-I4ks1Z8lSQG9TlyubrkEEr95ZPBgdv2uCW_y8iN9ZpKI8_E2rfw2TRfQgTmE2Iv1iyBn7I8qgjZ7Ggi0LbHa-2YWTuu7iSGc8m2opzPdy9YVAndNPUOgXF6JtwNwlNpNuHhzsElb8uxyx2sWrtR1Wo

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
an-x-request-uuid: 313d43e5-2d00-414a-b1d1-bcfab86141ec
server: nginx/1.23.4
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2483
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
an-x-request-uuid: 2e2a301a-c2c2-41c4-b877-8a5b176fc2b7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AAE 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQsZc7RBFZf6MAcbnx_AP9ZawoAwAAAAAOAHgBAI&bg=!5uWl5arNAAb4oU7C2KE7ADQBe5WfOFfNUzj8U9tsMVUXelNA91Aed4uhiKAioI_1Aj_tbtClxCVPqzG8BgnN6YM5Y2M1AgAAAIJSAAAABmgBB5kDMg3Ui2Gh0z29BaK17_4DQMDZtXPu1nuUJlj1Ax167VJx2_zAYnvJabYvYAoXu0rz6bo-QRzk2HVrwqUlyXy8QxRypvqvReoWq1mdzjhBb7CWqA7T088V76_vLn8fw6cl_SH7L77yFvi6uBTBENU9dhEC4GdVcAAg83ype-uXCV2TaZH8z3LVM7gXfTC_ie8TK63Nv2Nz-0BUNR2R5GIVfR-SGLvy37vd74kRUMY_zrlPeXo7zu55CD4MEkGAsLbfP9BASmRevR7wDFB7ANirKlrvo_-b6FXuhYj-jIdP3GBVqqpgkZzfNF_8XRryztEqXRboBqsiEFQL3u3T2Kl_lQ2icnLVISaUYpOC3RJxFMSGMpdq-1Wo0vFlfHzlq4GalC1SbqBlEcgxkaYyNB5c4Q8Sla1_fOVVMhXOeQXf5obpUSyxN3S0HeESODsHm3G60UV5UJGL2kHHbV5MIEHludZRInkAtv5bLCMIo5WEAjB5C8yMLhXgfu0TagjhENa44PBlfhw2oCKCiiTvryP2A_rqE1BPRDfd6GBkKfjytNQdpJmt4B9MXli-E_P7qyFIAj9cpmtThYF9MLK9_4Kb16pCQbVq-cAwuuXSiBfLZN8QTQJ4SiUWsLO_Zukq1oYRgbcVJgzdFCv0dkC-xRoZ7Jh0X84UdM1sSNxpgCW46hZGL1cRwCzjcHneRm_fQb5N5k6T8jolXUmCCRmA9iZIi2KKMFUx4rBaymW5kT7_FUcuYIlZQiUjESu3lBwjD__WRLSCryo6-44VsNp5wbxmQG80XxNYRUHpHbWCxm_4P7INwzqx2wajwkNPm4CRi09yonC12Xdcqdpr3T0TUPYuDk-3H73OySXafUK-mULL-uilhJtzt0fls8slM96zm3lFKt0X9uWOS7ALfKxInUNFrZP9JKxHJ4RzX1qsvoYcQyCK3UALm34mlpyiP82UxPtYTthKHhD_y4CErQ9RBN_lQb_iNKmQIVV9wBT0iSUx3l-LpXynnHgHTKtOUy34CWvYHz_y2vaad8kwZ9vOGqSyvcQinh5pd-QC7CHsLlR9loTxLuS90bJk8LwJBNSbPmPpRNpO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F422
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

43 B
729 B

22ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUWDK0ofdRyjThqysMDQOgC1GiSW5jQcjzjzfII3u48IpaeLLW1j-frAHm-SfPZTV--R-YZCeLv8Wrup2xS7fc3tHkoU6ozP6Oqqvf1BR8aSvO8NAXsxUMIAUAcVlg0eCKHtaL2HVVmP1b9KEDF2glHOAGyclx5qahWSV0epupnBOZhBMM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daI9TbAD2bqk82INkPR5crlNcHDoyRznBePS0DB6b8roxbkYs9AXsv13W0HSWz%2BKqbqGeJyfwmfwIorUmWpTILykfDjYhu4fGJG8ESzxH49iXQGP3GMgaTv4uAyTsRJri9SOYfXQg7MiXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8205a16d6c8f1e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F422
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUUQ7eV5ERniz2bieDazDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1

43 B
731 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUWDK0ofdRyjThqysMDQOgC1GiSW5jQcjzjzfII3u48IpaeLLW1j-frAHm-SfPZTV--R-YZCeLv8Wrup2xS7fc3tHkoU6ozP6Oqqvf1BR8aSvO8NAXsxUMIAUAcVlg0eCKHtaL2HVVmP1b9KEDF2glHOAGyclx5qahWSV0epupnBOZhBMM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJXqe9SyBWlknsIjI1jAROHO2NGlytgr4Vjx6hctha%2B%2Bw0HVVYFDDEgUtQB1TkbUF05fxFmxzY070CyPMu%2FZTJc6kwWqoyGdlHshqxleCzidK1sYe324evm3nhWwFqFhldYJswM45cA6fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8205a16d9cc31e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlgxP0Aq8EufCfo2JiJfCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F422
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

0
396 B

8ms
7ms

Image
text/html

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUWDK0ofdRyjThqysMDQOgC1GiSW5jQcjzjzfII3u48IpaeLLW1j-frAHm-SfPZTV--R-YZCeLv8Wrup2xS7fc3tHkoU6ozP6Oqqvf1BR8aSvO8NAXsxUMIAUAcVlg0eCKHtaL2HVVmP1b9KEDF2glHOAGyclx5qahWSV0epupnBOZhBMM

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
an-x-request-uuid: a4af2200-14f7-4776-b241-7ba7b34cf159
server: nginx/1.23.4
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMCc_QV5PZdJGZ8qArpeKao&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F422
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

170 B
188 B

27ms
25ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
an-x-request-uuid: fa14529f-d175-4744-956b-5e26247a96a6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2969 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8235379365303&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2969 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8235379365303&version=m202309260101&ct=77&x=1&cor=5385593127535561000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2969 16 KB
12 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEvWuAnX7Ts3IIHz7ZRa4GVraG711G1_jPY1MsQQhDIVi1_qz3s8B5FASKktE8s71PUPLPWcPR7Pj-QjA6SZO-OAlSF8W6ST9CDy1CCcUrvGEDrBaGaJ6vICfmxq4e_QeSaaYU4uIrKK9Y-pDcu8svdSEC4dnk4AiExxq7esYzv0U_izg&cry=1&dbm_d=AKAmf-CYlQx4-UWGSdbnYeacPNdjtMZpBtBwjsbyft6KPfDannd1SSMG_neXbaGCmHRvDklsPo7J6lr0Uaw9ZHtp8fEgN7f8RhaXzSAPnJojgJb2lMGgeYJI8HhcxjGldRoCN-pVHaJRva9dwyAdx7NeLssjAjjrcgzLtk27vBHVhEf7hldzEQ6XNXLyISpARhw5I6dvoA-pumO-tU61OhjQ__dKfhn_X6WAhAkgFfXvooPlcsFsb31o0scUVmNG5jnAo-21lw1HDhKx6MZlu0dHv2kaSGf6zXLxsOEWg8idr97ahI1UDgJB0Jn0S5Zi27jG6AjxcDZRkNLA5bb0C-0QDXd-aGRK11KmLKQge47r-0lcSUM7RO9jNO0pCi8lIXWXJE88GVNk_dHR-vG0LkzbA1RrxnNGNwA-v-Gk_CbEOM7UF2oxUEqJX3ZmSAR6nZCUuli_OWqATHXOH_CwGns-el1apVgsCKNEefGhKgvdXzhXryywZ4cV4SzuZBJ1Kox6h6P8akxRG2GRymFHyQgUUC8CZ9pdVv-Kc4TyFgbVvd2MdBQcg2i-cM_XZI8HfAJpojLQ5wmQQaOW_cCKgwXlWZ-Gj2yPzSsScQdiskzAH1qhGG9hAO0v9mL5M52lS3CcoyBUE_-EevscvxO8kbmEOU06fJ8sXeQ1p6Dd3mvG9x2U7P0yFAuebfQYF7nkTvxetEK3o8hGqAOdSbjQfwYgsRGZwZe603hvxJtYOzLFm3j7np4vmvZis6US89mT8VKUEUROeicNbL3pjs9TZ5mwkJj73TCjgAE6dYOIYel10SPXwjlA_2CVGdQZskLO110L2FmcczOF1p0yKYGw9H2X7Cdbrb8DTP8gDWuOSa7Lupj78sUefazZ8ZNG8tQD28cDMkCKCQybUmlan66CGiCcmjtp4SSAFYQ2PZPaYxRZUMXpyUGhgTxrwgu7jd7TqOLvahj3jRr_UvkQ_07GiCFMam95YDN1sLlIKE_EAyBE15jpPeAyJtjoFWj85xgrBgiLn2Dq-kVGGAvSLI3-srrIF2xIZY9Qg6hK7GffxT1_HgSHMBPTWem1bY1iMT-zWErxP8gqLhFWoklEeJBOxsZL2LRAGK5ztVT8beG1guFYxB4FMWCwOdwI4BWDpGIeHddof_nuEjVQDXpmR274PM1aIkoiY2K1e2hilDHl_buZ3KEUbCa7izEW26KGgGVOIfy_mIx6yy9-4SZaXv-mn-mexSfKCu_61nIX9k7kvwFqqsXqxiOgBaaVtY2UHAPfqrOfShIoB93wx4HXpFBLUa4HgPAdXyhPbJjD9qtcJkzKwR1XhU_yhuzN_Ooijkf7ahTnxYMC8xHzZV-2UNIYqC_Emp3e50YJLH6AG2pn9INyUeGNvHy3HKPoFicffBE6x4ytp3nMezImoSxOXaeeqSozddhf14d2tFuWXSlYkFXcu8fiHRU5b2VaWrF6Xy6zw58nui5lrV-npARvBofeuIMV-cJWYWkgV-oVTCMoOQPoXraaD0r3pujkJzVAyNsJ9RnHsiPc6SH5TwLTXOf02STiddCfwH8UR8F8qATI9Udj5ynvzRvOWwQy4AliYsBTaa14Rv6DvdFFMIfYvANfzPPo8T5zjp9V4yWSboKq9XMDi7_5bZkAa9qM5Rgx1kY5tigmhFLmPZ1tsxyKN7tw5h04s0-cxxU-mEv1Qk0xvUh6mJePO_V9hyJPV_qeLk0KlCf6w3aRvNgm_JgsdrHi7rNOC-Z4BDZ7ojh5izX1tQ2tQF6ZMlizG5a1_pveXIcimVonKzmpC93kZShvVHHVvHilR4SyXjCfLgrnapLk8n3Pb8t71h1ItsYJnDAvVGtaSuEXzFbQ0mqN6jdbjulTDCFWBAoKX1Y4Q8jW7xehomuJsHmjnC2Ps-jZ20MhoD6VJlww00VaDZ0P1hl-6beg822nNZwGHSEBZQvB4ldNq2OxVJjTOR8YYkaJgm_tC_eUrWtZuhd8uI2X-e9xUFJUMTuwi2pVLOpgyP98Tv4PteuczA0SUy2vQMdBH1NmGB5HaDrSN6HfNCyV0G7ka5-h4UovOv-Ca0X8X_nd0tOLRDiassNbxS8pQKAb4x8Sw1ACv0H83gclXFsLYG3frz6NfCe3x4ezv-o81FlEaI-AnVX0YY_nW1eAJglzVx6ZSq6tUjClVxAFOiRkX-sGNVBMmlHRDf2yavllRoJNpmrofZs23Zn9mCtSpfyi8bcjvl9JO1roO_Df7fwVt2dR4tIk5UhEGP8Ao4hmR6HDhiKuvhfGQzCvrjVrQI2-REulY1WSVHjM9K99Im1ELp3wn4SWTSzHxHOS25uDhMenvh1cWZun5_ZVdYU8d7c1hmp5ddhReZLEEl4Bbnm6v6NGWYoMBiUVG7ftRr5B9WyKhFfLh7dG_1Y3mPmUUYvMnqbnJpri6daxS7FFgeVUmXI-6-uguwL1fTMRpn_0Yy4tCHAJ1zqWgluExlTMzjJwp6cQNQ-6gfBf2AcX4vVsQyc7-hJIgm-zW9Q1acWifOFTuq41qZ030weytD7W2-MmC2Nn22tpAUQcTSZe7xFultvK8U_Pe3n1NXGIO-wBHRvevf0X0NG8Kw79qIMlLoRrdzifVTVL52uaHjozvliL7eV8zyRgMQrAZn5gfVINto6JpybSNmawp2Hxe2SmJISCCcU2vMG6xOO3Mwr3s7LxPFJrqyPlk3hi6a_KdwoQiJCLUnNj-Z-IStqzJ7unLE5aDS-fqbDViV2nMhhEH8QMdTCsH3qwfeARXDq60xZAwulCzxDgHolmM3umqG1s2ma-y1P0KD1oLe6Tenv-qgHaTrW7CEn4nNByy6PMiC16LQyxPtsd4Yl9iOl4AM3U_N7Yzgg5pXNHDYtGCh9EqclaZakjIySegwNQS-c-uAK1r_dfFaF56bVTHs-70V7HJeMg0QSZb9g_Ajjh-i0d_qKUYcvamhQ4svTovWxWem5yD0LKkR8DQ6xSH1pVnCXQyhal-CZkDhA0bJYTPjORZe1xSZKn0eFNLEgd5UBf7WzWXkRDaNXDRVUUWUqi1lXQhWVfEu8A21zY5-NF3CV1XhnSbwZalyU22DHam7ElUcJfwTF6Wm52OiGb-6mvpx3_Zy3SOCsbtRNPwUPop8oRfsBUq7XL9OAigp1Docm3ki7RmgcOdKS7OOMRcPDGgWUAjtFaYkaB2nanRt9vSWtgLlQJo6lr8zIdGiQEWRVMdhkC_4kBFzEA9Mda_5WgpvnLAXDLkpDqKKHBHCaM3paTpsvV7M511oVW9Y8n87g9Z5kzQhGcPLy9FXA90VWV1JAbKjNhkwcF7mdHaSzyNEkXxdnLKpqjmLnyz1GAoORABXC5BkTc4XlNnPgMwQBxkKXaLAl7LAFTOtXDXGvFpB47TH2VRMwxzcqs9l-N-FRSoLFZmCBJbwOluqG3OsJ-8s9mdhvjjn7L3KybUPN96gzhg2UC8frP6iRfl4KNNnJL2pycKX-t33EJBZqzTy8Tjx_bI9ybKnH-cSFTiZX3x9y_tLvGmTUAlaDNMb_x10lAxCgoCZ3-zhgyUkUIZLbKQjtWM5xBlvIE6pOkYBFgQ2pkKBFCrdiHM9Gv_Du-zhtZqNK_TqaiUG9hJyj4vwztbNXS4zWAVYCVIpAq1X3x-qtrsZ3-pl_Oh6qm1npRTbaa35jEgFxHAuRjLL04-2suceHYXE9afd7dd8v0yfhSkNzSiYFJ9B9wfGsFifywtW7w6rjIBhwaBxBK6lRxyaxt-PAXuWnBSRc8z4Cw9_v6m46eSe1ls_L7ndqwNcuYQJ1sQ3-vLjDd0wQCi7Eb0puHnRL0HJlI6u9iEKX_clZJ_4qWDIOiJgOhHhD-bZUSHGdmZUbipDZPiGmsaxgKb_Fj0qL4T0tvrOwsJ4DeFfO5cCtBCXGKeHLV3aiMYBPlK3m3sdRldYmOjqlfzdUDqbamaSehefgl_6ics5oZoR2pKyi_47zEH_N8w5-96-b9dupUM02NvpcNIDOvPm9mFgSL4dczVnsGlcDJibHrKo1PcZweQxYlQCnb8C2YEmUNIma7PiAI1Pn67VAwPEuFTKHcSFtye-PKKAQ7quLx25pl77AUKpzIIMXqGklpj8LG3-Jd6dVv2N8INF4B-5bcxPe73GeMgey1NhmYk8i00lmpAR6cv2AsjOS-eaNRe6Kfem_dHRS3dCTY8g-JLaAUExAnGBgbmFM1rV10JCywk_iQ3TKFR64is3Eny1GSm48fyWhxOIXlzPFgCJYu8YG0YLJNl89XidkVD3GQynLVE6OQLxrGtSZ9fQxdfIG-bP-R_XyLBsIKhQ&cid=CAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=5385593127535561000&adk=2004672170&idt=166&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1238902b73e1d18704723d7f9021868af51c722ed28680ade1c4e66d00c18810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 35C6 41 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMccxNwp-h1I54EIhf6nH8MAbPv4PAnBoX0MBtrKdJ6nCn1cJDAwEPfaxrgx9MTT2GQx9otREs9xvXe3QtIiM2rHvFFwOlnJvivK4FAUuhaoPyshn7NqJC8fI0AbaIp6HOqgLBiyBzPKwHJU9R_6wLHoz803edQ7H790woeHoaWlqwoCY&cry=1&dbm_d=AKAmf-Ch7mTz7sh5bCWBO6yqGmSR0a29VhTJs-uer20iUCfNKVhL27LcDf8Aa1y1f91NoJ6aUjjceT-iYyHEkLlXxzALK0kIEzotllP-OXc6_k97Aap9IGv8511-HLSAcTRAd_dprS_vFrbx5uSRiB0omntc4qekW57cAatozFYNX4C9oNaNcIi5MXoMwHEitTi-gGf7cMVT4HbYBOc-U1VLLUaKSgAIYatmalM7rY-k_pXTXkO457wDOHTzOCIutyYygkCt5owwOW6bEmIrrH_ReKUfVh-CJLvxrkHkxgevJUjxmKcGUkuUoMav4IJj3pjUJzoK0xHJH_wTEdHbZoggRRT0J_kC_IKt9dHvyJhEUkhR3ELbEUyPFq1Jp0aa3PoeQEFW3xtOvCNcXo0piMpQ2QhKp7x3o6XiAbGzVtnts0OSVelHOYL0i0H4HocVtLNlHugNp_7HPSjqHFjEYjEOcSJ6WLE2xujuaKJnch-YbIEnAyeEFTiB9C6807pTBsOehwKEkWyvi5W21eEs-bazor3TFKEktzDD44IIQddQr8D7TwAcuGboIM1sOQ7oCCopqm3Pk5Eu3TjErK6syeqoZRWFa5qU6nCsFa1GVuOBGps3HUh9ht3jJCbS1GT3WaUUbWbDbYJc3V30YM9C6x0FQgLx4-8tnQvMxSBrxagDRsQX5moxxyQ6A6xGWjIst1SOJGktO8RQsrqXdEF7DQSti7oCdGXzUsr_ZIG4LfW3jgKJStHFpivi-bQcty56lHomVzLpAm-Np4ZZlgvLaQenGqNz0TueAboMrsRLD5gTvEKMWLZXdiG87m788VkljeFOXmPa_jRDGtL0eIcY2yMRd_OisI2nU8x4VKlpSSL8aPrLMQCKsnPYZOHGDS4aGxhVGPvXChV8qEkgfLMfYDoIOljL3xm_e1wmE2wMBbrDXhFZpDUYYAagdpAOtp8FtKDBhmaIdeEgEGjHTZRnn57Mb3v9mb3YoV9h4a933GW5kAf9ephUqJk0m59Oj0YOS8-maDIh-0VRuKUbJw67yGzS6WZ7EddfbyVIuRFb89q-0TObqXrhgBv510ZxQR4-9UoRBrU9E25q4eRtOFh5K4QZRfugQgaCwWBXBlXJVDXgSNy4B81kd2z2pqhUQGfDKUoxNSGFTwf6-vYtLKrpQEJTXROdGmonSWy7Nej6w1K9Cuqgdm1ICui81EjB5BOOiMteVakQdKGPz7aGzLgqDDx0-Q248cu5H5cb80ByyXPeODNyNExuywwMfH06vAcZ1jLmemgfwonB9ROAjLgkMcIv2EVH9pBxxOj20UjqSZWRkObfcUog7ZFIwigRZWVEbmpfiSnsSliJcQ786hWdmSQQe2Ri_rVxlewzcPTDQXHzUDgtv6tKNWkSAEj35gckWF7w_h5v278EEYIo7BSDxk4KitjGPwVqf-gf3bzl1-LMpWVGipPJkwUy5Y2rT96wT6v3mDU3EBvadZQjLxpEUWRupw__P6MZQo9iXHaeyVXBFOHuMONfyyN0YFJkR3v5ItJAVcPXBveB2XxFhg3TKiP431J_PyhWSKJX5ZT0sGZT-6JPJDWlOEa1MNzjmuJ7LG-bSmkHKKuf5pArvtT-3REd2AkSVBXm8U7D2Y-Q5CddWX5pXNHEIztoNZ0RCWncsDPWsua3hUVAN0mR0e585GP9gtnvoxduUDEL9PIJ2tHyEuVR_S6p5MuSYlyViU1WrMFbJlZGNhPVk6aqCT9v_fXdV3QcGmACawEl8VEbSHeaGw0XTh99H7eZPBPJyAoGHjXdU4du5RH_Y9i85mEjHUD9bnVqoOwRzML7Xwdr7TcZkYeifrt9kwNkTLEEs0ZseNmvDmYMmC5isiMhQzvCzd8YI43fkhk83np_mHH3Kul9GdXG1a0b-HRBwi00z7eoSA9-nw9NOSNZZwjT3bGZN6WrSkfi5w7kRV8X80Q-CuCW_MUNbbY_xp1Jzq82Bk12kVPlWUFhK2nlVONndaSPK1TxhAa49KzCkykOSi58UyU7bGJLJOhGHGWcN08i7a6K9tXdpEC0oPTIwxNy-MMUD-9_LgJFkYs1qIxuzxLA2R1a7BvWLfOvGiqCmL-H9Ej2BZer92Ni0yTC0ym1UKt6OHbxUivUVJwT7_iQarNnFUDPeYheywTvyvzVcbDBG7LrMCIqWqSzZSNhBdhQoB0sQMrKSU7XBUyaCBHGHkPdZFahzPjtMW8F8TBnQWz5-6Uhnjsp8U0yu5XdFplyzudQ-LTaSueKeunto0CxC87q0X-OiyJDR1en9XqylIbF8vw_97f56HGgHXpDwA4ZMfWLrB4aK0XyPAzf4NFkcWBnK81hIiWgF9nKoDyrM20GZ0l_AtNt2fcka2t6Emmm0clvoaXyY8yG9k1HRmYzMXpLoLgnxZekdgtAI9b78hREEtU76toLsMeSXYF9L3XegVFiG54wd9IKvEzjfUQY90nHFndsLboBNLEE37lRPfNFxbt7ksECnnd3_XbV2v4b52RsDXny3bwvrR6kFVNYKmSrsHtzYAklDvfneB-CucXcDdfQqfR9na7xRLE2OLoDHLlUol5PyFD76o4ehik8qO9n62aKIK1HN8361RiOiR4wfO8PvCeJ7WLYJD4J-mX42I3qKWd1pdGC16z16PqLSBsPaCFjuw-s-mT5jnv6efX9nUTzQOCWLctJ3vhZLW-EqxhDu2rm65LYpv1CocXi2F9vfVNK7lz9jd8aGfKV1pB_VZYCxa_Rm4nk9mzi3KH9S-NiJwAlB5YHu7Y9706vbwut_fplYa5QhUaxoqZlZkFs014USK2ThNrv8AeYYe8lgj5K0K1219NHRO77guJJ9SmCTH68WP5rf_MMs_sq1NwOZCkDuuvf7c2X9YFdjwk5qb8_uPN0RFARD6q8zVreu9vlZRwwg7bvriJOQV6-x1gmuJ3fiQ87gnssSEp3CHR24jHiYjgE2HumAzWXnpT-CMzG4FgE7y9hLsV5VYubPWgObyLwHn4g8vQ2xIQ3q51I1CWUKuM7OTF07kKout4HUa1kkjqXuVz7xwCBLdd0B1ztQPorlYfaAK494sD4SBvBw0Q4tD9xoTJgrsk_Jr_Ohgm7tylnknz_L80iVsJwBoeeeMNVPIZIouEK0t6I33eAModhkX-B948kA2XqM1fDoXyTe1vIdepGauI6frneCvvJAqzcp2VTmymYsD8DvRVkzWqsnz-Ch9TY8mf8oRd-DvbT_Apbfu2Bd97NrOlK8kzwRSJjRNQ9fU4-lc8NZlomULgUP2eRfV-lpCmimZzymhaSdMpR-PilT0ErXg5-dAf3tggB20v9CnBkYAFtMkh5_0P4CN6wMQMUmYMGBOISGi15d2RbaUm0s3T4vIKSprM-o1jBXPiLy5CIRIC8ckUsmj4zXqBeaQj7p5olow9hT85a5zA97zYVPOpN9LlzpurQfSjrCM8DulfwJaWx0rZ3jyxurVicW4yRiK7uYMd7KEy1freIKV85e3sZ_e6_nVgLwzMpaeI3m3nBv2q5y7cS80alvu5yCjg0318qqbsy8fjMUZf1L-JgNaoaTwbEZz_HVWrknyfn4VqYGnuPsW6i3A7Q4DDBH5W9Wnfnn_lCrSFG61_B-l_Pdiry3Ndd1AJ1CrjW-QqmpXstStGstbwk952MyweaMkDbbUpx2D6BvAIkM7Mbo6VVoJGECoFicQs-6J0PsGnMdWzVMoNc1Rsoj2D-_bTwLq2oecR34C_ZTDCF_A9EOQSGm5P5i_EXWiIbf0SVgyLmpptXqNAvMyCj1rsbmT0GStgROHtb8Qk706rOUM-cBcY2Hfu5xYaE5WdGOzQ_JwtngFk0aO-TDg1twpv2Rl6HUXqM-JXLD0RvpicJ0paisJhQL-cLw14n3H3cO2fHumloSpJ1wp4BUQ4-BusAR6eOEReft15qOnTc6Eob4JjTAzBR2-r2WV4aIplwAmWYrEzTS2avBpGv0WmpjrcxP4tvBtk280zSx3mcU4ineNu9oESrfvIHmYjKKf55L_pB9PvqI5sqTBWG0GBMlRviVPpVmnsP4-hXCA7MYonYeDgOMc8-xDflzJ2T1HkaS4UzmbHo2UaCC45ld8Es5WrK4HWL1Y9vBQQvloov5_xq_yC4ivuGj4ID-EMVVRyD3-oA1zvb-TKup_3m4NW7gxtY5drjhkIg0a7cQE5yTs7uT1_sCxsLDPtLg29HsuSOH6refGLjw2wVz34JLh2KH6C-Usf65HFMhsthZhXoyhka4dpCQRlJA6JAnluh_W5ZqvHtpIPstYZVBiWW&cid=CAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=3097719138306891300&adk=3037181500&idt=92&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 14:17:59 GMT

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame 35C6 12 KB
5 KB 54ms
12ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1699025133235446&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5f7919c35fa7282144d5380cf3e9536ba9c4743dea6d7b50174f9496392d4c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4421
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6E1C 38 KB
13 KB 31ms
28ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 14:18:21 GMT
expires: Sat, 02 Nov 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7573 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6491056608689&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7573 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6491056608689&version=m202309260101&ct=76&x=1&cor=6817873491663656000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7573 112 KB
42 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbEUS1yAq0SkSPUgtL0KR6GCJ899aysmeRgcSzahsDFsUvEP9WksIH9PWCTAdb7K9xQ7vcRv6Dh8GPMNaf9ij9AC86u-3ms1mqAJbchBkpsJRnJWcPdvGfLa7xd5ixtcLhDOiJqtBHFjE9Zi53nIwoHoBzEdTCGY8fJbLC0DWHBM7VZs8&dbm_d=AKAmf-BLA93AMs6UZvJYqcaITQnzkiNvMqmyU8EnpAmfv6gtOUul8h6TTdB5IKyCfLOsJ5e_W2jecJsbNivpjBafQyVQOfyb2OEdWK_6j_qYIiy1nJQvccr9D_uno7Dmuqrs01R7Jz8qzzRsFSEbv1G3Gwi97ql-XhhmqC024hFbaqxrOrjHBqvPfyjcORuUbzGXyvdi5QbvRr7WkM_KDdM6ZcBjJNGzk3RBt8AdCvJAeo9D3PrnKH4fC5PbwhBi3_tx0KqickqXSmwSPuF97WyoOEIOHTyaDnRK5-RwJIEx3paIbB-1eFKKNW8gIvgPqG3ZpTs80-szw2zhqQ_wUy4o1raDIbmGu8yzXfro3OYNUw9ZG3g4HBKcZzQ8Qz5YsSK2__84UMjJuD9m8Y2rFR92j2wjnQIKsp109QcsOpxe_3zjQVI9iqFElGVxfKUiJ2-Ww2gWh2NM_SpQcoG-yh-LHPxRdc3qo_XLQcGZfSJu039Npj1rVhItOmjUTz4XynaG2lgfk2o6PhHN0VpU2T76ObTICivpJKzpvGdb37IyziLi6Grd7K848CltFMqtMjj2mqKzzpICO2l47W-80JMatTV18JWvOoItr2aFnX-ZD-vEoRQAQu1QSmK3ySaKzhoDspNVB3dCcsUshpJWtvjfGGANoIMjy9d_uXZ4Zq5-1Pob4_MK7PzatNqeBzhv8Ed7OaIzGd6jNiMjTjTC3jUwfuzSIznaqVkOUFvZ6XL_ocHa5X_TKNMKyLMqmPQUKWHaU2eAc3aNM_YTOQxg6RO80Pzx_0TBUfQS6hEBrlNPNunWo559fX41JwQ4APJLD2Epbozh0AJBEJ-pl2mu4MfIm75xgomzVvboO2J4OJ7PR3wncodBadD0yOEKszK1CFqYYdmnM4pSs7OfmbNee1QiMfB-v8stvUTif06cIdb38IiXXX0-i8PdgDn7k62WBYsVKgntwh0nX3_FBwf7vyNKLYaor-SAU2jI11XbtwJdfLNEFeyz-pFpyfjR_tphhPntKSvc5MZhX0JYjQMhgJ26lTGtbV2RaJAkxsIb0bu0j0HKjxKxqWJfZxGPE9kTEywR7whZqbg1oEZ8J-wOjz9sTU-SMjBvf7VqBKxrZeduwetqeRB8-Cc5mv-0hSNKTlsqAqN0NcgDqHaJApp2xcaLMaHStccVTZOb86P6qAPG_HzCCwS2OET4vb4sAkrqRBApgtoUdfrP4qfPUV6s7QKL2OMbZao6zA7SeKLRr9_ClDa_MqcC3z5vavPZNkhECfM7CULFGcr3m2IZlB4SHq8S1lhIFGvaeI-70uRwqSR3ytc1u0gfxeFUnUp0dHICdnztNlNAXOgEddIp0tb8Ouq2iC95REwTpO0J-EcixrH_e1NOdcWeWBkmWdayqG-ql5CBDNHK76eKlYC-YUeKTOoNPDGBgXQqCkQ0ynPQseArbeqLxMYkLS6_FASfo7QYh9INbmxr9fk3KCfIkzZUKg2zZ8QXs0vFRM9FIDa5VUfRrtd7QrABRUT2KG4itJSH2ILhhvpGE9mIRRtFZMVGzh_gG7NxGpWyxRiIpp4U_HIdr49GdRTORounfveU04NS9PbSPF9oFzgkLLnu_j4LJBoGTZHNsxxES_pootiT9tgAc-V3qZCRv6s_ozr3QJycimjtlBSps6TiUMI16z6sn3FuCyeJKVOM_2XMXwbdLkA-SU6Wz6iihT6FYM7erAMMvn2umfjJuMtM0uRG6BUG9l35vU4x7eXNBL5qlgBfqR_iNByahEdcNGPRtbzrlv32n534XaIG9KEkpqSAkFZQZ7sdNabP16UMGwmaQp4pOo19a1klI0T8PeC2_EB5ajxpL9UaVOGWs-wuaSRiXPeaE7l5jB4z8V4nLoBRUl14A71qoZgTP-JFV1yROrONOsjqrJxxbBc7mK2i36mHS21OMOkeTFlw2Ke4on-sIT8TBMwXxYH0EUGZrF2OyQQ7hYEp0FOVISvejspRd1jCRhkwzhFIBwszI9esec5RIJuCVwhNREIjX5Ay-eJZHdU35vDbu9GOspDpYYrywoS6t42nE2qN-JjExOzM-O1-bu0Boq-uz-Pb3dUlbrXrOrlxE-f2SI5sVe7idQO33lzVgZK9XfLvoksUdvRFs49VuhhzI_jqk4wWpS-Umc3_mPOuospvfINYLByU8WNU3ub0zDP7v682FwjHuDwJVThvLrf7KrttYo_VNHgnD8wiyc5sS3c3mo2LnVFKaTfwRu0x9TOxJYYl1vc1wa8LhdJCwRbULjz9TH4o057dlkOK2JhjSsMl2We56Yh3EsRW9MdW3E09fl3vj04OeIQ4I_OIryxXhOK8szyDSZqCoQPoN9Vtp6RySBRgsfRolgKJbIveneNCyk4lSl7kmV6Ar4L9hqt5ro64aKD2nY9qmOJg-bv63MLNAwuh5VADNpi6qaCPRAnGXAhtIFzkSYmMO1eX6BUDXwcLCOdqC5tGFIiMzQBcN-FMGRGJ6-ZLy-bzICqePSDzKRn3IN95A_533y40vZLISpiBd8CMOSWskZbzZIZH2MJpXY9ahQY6Nq_Zwmfo7tv665VEGoW4TTGA_Py6BNkfbvijS_JZ9zpuQms2tuRpfGzmQLnbPNymF9fEJk8MSQzbPfZp_o3Q1Y88WtxGa_1x8hDpkCI2XIohC6mp-ydsHSdkcXTRB90rbl3vYuUJzlsnGDifHBpft9-5Pj7FEOK3QWqKlNTreuqTEt8aiW-SOoVwBxYBOg6Y5ndh2q1yDAA-F2iXiaCMO6zHnm5ru9lEyhFzbwWNah_VWL35_mzAWAhy_qTHoTP2FyLkl2sEggWbglaH1gKcaziUPSDBmvIi3Au9xzmzLtyJ-LKxknDtTG45pO8nHlibO6GdrRUHKy13qZ_Inm4JNlx1HEyijjEriM24IOH4UYwroVr6RGw-GogtZ57vFlDAczETMj5T0ujQzBGwcJnyCzPutJNAXQEOeHjOTx6umEJAfJIwGpPh10q2Wc0K-H36SbsIufUYeRlzZC9eO2dTTPhbwKiFoEZcVchVR07nDPWmyVj7x6ep7kT-2LnfMi3jun-Es3Wuj9t8R8mKpcUne767sdk5KbAtbvf9zMKC3C4DE7vxmmjY8vtTn2yEWUW_TVtKMQsgVXVy8IBpCLqB1hzsVA6gMZDI2o4_gMoHFPnVFAY4jP4m0mDLaVCW3rhH4HYLVUKs3Ao5VHXChWKsWeqQOdutjCTSlkElpKIKM-S9nNEjisfn7RRKuFY5jynp1GuDKJFItsCaEhYukbhVMHZ1nB3_CweDYTcF-zk_N_AxSDFPW8smKtmBthV3arWmN-IfbvFkB74mSfWZ7xcx9cCA-Vz_Lxohop2N_FW_BUUI3X-wS3h_wqyS3cVDybmel0TdnZCjTTUQCRrpSMjKGzOyE6Z18YaG8-vxDC5UCXqBX_e4tJ_IlKdpur5K6W41_o44OAVBLJXCatuX1nH3QrGuECp0pnVqZHfqHVgwbTlXn3dWFrX8OkRGzAZ402Ik0VoEURjooFwMGlUDHOIAANRi3TDr-GGw5HqCvm7SU5QN1nWfRNysH-CGHpJdLlPemizufccxqL9KO1slG1LqpA7yU3PrMX9QZLSJVZXgfSWLbsRHpEthinGEX8qLGuurAYiiLFF07TaLTO4bFg7wsZrrD3iiPlZ2ibAjbiW9dYaGO0A2Hv2kkCcto1XkI-hiBijiv6enMP4Z822LVIynU4UA8lRU2cpgjC_r1erzyEc8CccnU_IJu-SG8GZQ8OEaZGYq0HveRFrLXHA4wbuYMbnsA1LCCy7niMGCFG18np56xQ0ffufbMAFsq0zyq40QEu6cy9o3z946QW2rE5FRD9Kyjq-FhseU00k9A7oDkk1xHSfmiLBHBxxdXa6NyZZD0vlkrL5NLu8A1xgqW1zM6b5dR2yIhHQrHzmaN3VD84R36vCyxOzollfmFCj1l2SZ2ZXRzRLThIqnxWGggF1m-sr7Dct4w94tgt44gPsgPgarWDK2zwJ_vCzkkbJMNAEMjXybn6aMMSkJWstIZzOBvDECboQhYCi0j3dp67POcMoks8Nelqdm4voOFIPcHk8FaYCU6r9LmiafKwbPwAlOuHnwQEWRWkowjwBrSuk7lBSe8dyrZk0L-KS4RxfpLn8VE4UwbZa3RFEBN5l4U6Azt7FhghE8HL9ZkOXqA6AWQBGrLdTbOJF4yOOsCzUXU8n-5hJBQPS3a9Djvm6I9wP6SMFoY7fCWi32rI2Sl8tXSI7HE4Glc33Z21UYsycyd1Zknc42&cid=CAQSOwDICaaNtWgrt4M7RCQaVnI8eI5PjqTf2CZyaHRV-aTFS6Mi_Yu-lNo26fWarIjruncDxpppOdvxNaoLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=6817873491663656000&adk=792902355&idt=129&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cecf401f631441db76cf007bda00b878c398a4c9d226e2250f05bb8e578f5560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2969 41 KB
14 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEvWuAnX7Ts3IIHz7ZRa4GVraG711G1_jPY1MsQQhDIVi1_qz3s8B5FASKktE8s71PUPLPWcPR7Pj-QjA6SZO-OAlSF8W6ST9CDy1CCcUrvGEDrBaGaJ6vICfmxq4e_QeSaaYU4uIrKK9Y-pDcu8svdSEC4dnk4AiExxq7esYzv0U_izg&cry=1&dbm_d=AKAmf-CYlQx4-UWGSdbnYeacPNdjtMZpBtBwjsbyft6KPfDannd1SSMG_neXbaGCmHRvDklsPo7J6lr0Uaw9ZHtp8fEgN7f8RhaXzSAPnJojgJb2lMGgeYJI8HhcxjGldRoCN-pVHaJRva9dwyAdx7NeLssjAjjrcgzLtk27vBHVhEf7hldzEQ6XNXLyISpARhw5I6dvoA-pumO-tU61OhjQ__dKfhn_X6WAhAkgFfXvooPlcsFsb31o0scUVmNG5jnAo-21lw1HDhKx6MZlu0dHv2kaSGf6zXLxsOEWg8idr97ahI1UDgJB0Jn0S5Zi27jG6AjxcDZRkNLA5bb0C-0QDXd-aGRK11KmLKQge47r-0lcSUM7RO9jNO0pCi8lIXWXJE88GVNk_dHR-vG0LkzbA1RrxnNGNwA-v-Gk_CbEOM7UF2oxUEqJX3ZmSAR6nZCUuli_OWqATHXOH_CwGns-el1apVgsCKNEefGhKgvdXzhXryywZ4cV4SzuZBJ1Kox6h6P8akxRG2GRymFHyQgUUC8CZ9pdVv-Kc4TyFgbVvd2MdBQcg2i-cM_XZI8HfAJpojLQ5wmQQaOW_cCKgwXlWZ-Gj2yPzSsScQdiskzAH1qhGG9hAO0v9mL5M52lS3CcoyBUE_-EevscvxO8kbmEOU06fJ8sXeQ1p6Dd3mvG9x2U7P0yFAuebfQYF7nkTvxetEK3o8hGqAOdSbjQfwYgsRGZwZe603hvxJtYOzLFm3j7np4vmvZis6US89mT8VKUEUROeicNbL3pjs9TZ5mwkJj73TCjgAE6dYOIYel10SPXwjlA_2CVGdQZskLO110L2FmcczOF1p0yKYGw9H2X7Cdbrb8DTP8gDWuOSa7Lupj78sUefazZ8ZNG8tQD28cDMkCKCQybUmlan66CGiCcmjtp4SSAFYQ2PZPaYxRZUMXpyUGhgTxrwgu7jd7TqOLvahj3jRr_UvkQ_07GiCFMam95YDN1sLlIKE_EAyBE15jpPeAyJtjoFWj85xgrBgiLn2Dq-kVGGAvSLI3-srrIF2xIZY9Qg6hK7GffxT1_HgSHMBPTWem1bY1iMT-zWErxP8gqLhFWoklEeJBOxsZL2LRAGK5ztVT8beG1guFYxB4FMWCwOdwI4BWDpGIeHddof_nuEjVQDXpmR274PM1aIkoiY2K1e2hilDHl_buZ3KEUbCa7izEW26KGgGVOIfy_mIx6yy9-4SZaXv-mn-mexSfKCu_61nIX9k7kvwFqqsXqxiOgBaaVtY2UHAPfqrOfShIoB93wx4HXpFBLUa4HgPAdXyhPbJjD9qtcJkzKwR1XhU_yhuzN_Ooijkf7ahTnxYMC8xHzZV-2UNIYqC_Emp3e50YJLH6AG2pn9INyUeGNvHy3HKPoFicffBE6x4ytp3nMezImoSxOXaeeqSozddhf14d2tFuWXSlYkFXcu8fiHRU5b2VaWrF6Xy6zw58nui5lrV-npARvBofeuIMV-cJWYWkgV-oVTCMoOQPoXraaD0r3pujkJzVAyNsJ9RnHsiPc6SH5TwLTXOf02STiddCfwH8UR8F8qATI9Udj5ynvzRvOWwQy4AliYsBTaa14Rv6DvdFFMIfYvANfzPPo8T5zjp9V4yWSboKq9XMDi7_5bZkAa9qM5Rgx1kY5tigmhFLmPZ1tsxyKN7tw5h04s0-cxxU-mEv1Qk0xvUh6mJePO_V9hyJPV_qeLk0KlCf6w3aRvNgm_JgsdrHi7rNOC-Z4BDZ7ojh5izX1tQ2tQF6ZMlizG5a1_pveXIcimVonKzmpC93kZShvVHHVvHilR4SyXjCfLgrnapLk8n3Pb8t71h1ItsYJnDAvVGtaSuEXzFbQ0mqN6jdbjulTDCFWBAoKX1Y4Q8jW7xehomuJsHmjnC2Ps-jZ20MhoD6VJlww00VaDZ0P1hl-6beg822nNZwGHSEBZQvB4ldNq2OxVJjTOR8YYkaJgm_tC_eUrWtZuhd8uI2X-e9xUFJUMTuwi2pVLOpgyP98Tv4PteuczA0SUy2vQMdBH1NmGB5HaDrSN6HfNCyV0G7ka5-h4UovOv-Ca0X8X_nd0tOLRDiassNbxS8pQKAb4x8Sw1ACv0H83gclXFsLYG3frz6NfCe3x4ezv-o81FlEaI-AnVX0YY_nW1eAJglzVx6ZSq6tUjClVxAFOiRkX-sGNVBMmlHRDf2yavllRoJNpmrofZs23Zn9mCtSpfyi8bcjvl9JO1roO_Df7fwVt2dR4tIk5UhEGP8Ao4hmR6HDhiKuvhfGQzCvrjVrQI2-REulY1WSVHjM9K99Im1ELp3wn4SWTSzHxHOS25uDhMenvh1cWZun5_ZVdYU8d7c1hmp5ddhReZLEEl4Bbnm6v6NGWYoMBiUVG7ftRr5B9WyKhFfLh7dG_1Y3mPmUUYvMnqbnJpri6daxS7FFgeVUmXI-6-uguwL1fTMRpn_0Yy4tCHAJ1zqWgluExlTMzjJwp6cQNQ-6gfBf2AcX4vVsQyc7-hJIgm-zW9Q1acWifOFTuq41qZ030weytD7W2-MmC2Nn22tpAUQcTSZe7xFultvK8U_Pe3n1NXGIO-wBHRvevf0X0NG8Kw79qIMlLoRrdzifVTVL52uaHjozvliL7eV8zyRgMQrAZn5gfVINto6JpybSNmawp2Hxe2SmJISCCcU2vMG6xOO3Mwr3s7LxPFJrqyPlk3hi6a_KdwoQiJCLUnNj-Z-IStqzJ7unLE5aDS-fqbDViV2nMhhEH8QMdTCsH3qwfeARXDq60xZAwulCzxDgHolmM3umqG1s2ma-y1P0KD1oLe6Tenv-qgHaTrW7CEn4nNByy6PMiC16LQyxPtsd4Yl9iOl4AM3U_N7Yzgg5pXNHDYtGCh9EqclaZakjIySegwNQS-c-uAK1r_dfFaF56bVTHs-70V7HJeMg0QSZb9g_Ajjh-i0d_qKUYcvamhQ4svTovWxWem5yD0LKkR8DQ6xSH1pVnCXQyhal-CZkDhA0bJYTPjORZe1xSZKn0eFNLEgd5UBf7WzWXkRDaNXDRVUUWUqi1lXQhWVfEu8A21zY5-NF3CV1XhnSbwZalyU22DHam7ElUcJfwTF6Wm52OiGb-6mvpx3_Zy3SOCsbtRNPwUPop8oRfsBUq7XL9OAigp1Docm3ki7RmgcOdKS7OOMRcPDGgWUAjtFaYkaB2nanRt9vSWtgLlQJo6lr8zIdGiQEWRVMdhkC_4kBFzEA9Mda_5WgpvnLAXDLkpDqKKHBHCaM3paTpsvV7M511oVW9Y8n87g9Z5kzQhGcPLy9FXA90VWV1JAbKjNhkwcF7mdHaSzyNEkXxdnLKpqjmLnyz1GAoORABXC5BkTc4XlNnPgMwQBxkKXaLAl7LAFTOtXDXGvFpB47TH2VRMwxzcqs9l-N-FRSoLFZmCBJbwOluqG3OsJ-8s9mdhvjjn7L3KybUPN96gzhg2UC8frP6iRfl4KNNnJL2pycKX-t33EJBZqzTy8Tjx_bI9ybKnH-cSFTiZX3x9y_tLvGmTUAlaDNMb_x10lAxCgoCZ3-zhgyUkUIZLbKQjtWM5xBlvIE6pOkYBFgQ2pkKBFCrdiHM9Gv_Du-zhtZqNK_TqaiUG9hJyj4vwztbNXS4zWAVYCVIpAq1X3x-qtrsZ3-pl_Oh6qm1npRTbaa35jEgFxHAuRjLL04-2suceHYXE9afd7dd8v0yfhSkNzSiYFJ9B9wfGsFifywtW7w6rjIBhwaBxBK6lRxyaxt-PAXuWnBSRc8z4Cw9_v6m46eSe1ls_L7ndqwNcuYQJ1sQ3-vLjDd0wQCi7Eb0puHnRL0HJlI6u9iEKX_clZJ_4qWDIOiJgOhHhD-bZUSHGdmZUbipDZPiGmsaxgKb_Fj0qL4T0tvrOwsJ4DeFfO5cCtBCXGKeHLV3aiMYBPlK3m3sdRldYmOjqlfzdUDqbamaSehefgl_6ics5oZoR2pKyi_47zEH_N8w5-96-b9dupUM02NvpcNIDOvPm9mFgSL4dczVnsGlcDJibHrKo1PcZweQxYlQCnb8C2YEmUNIma7PiAI1Pn67VAwPEuFTKHcSFtye-PKKAQ7quLx25pl77AUKpzIIMXqGklpj8LG3-Jd6dVv2N8INF4B-5bcxPe73GeMgey1NhmYk8i00lmpAR6cv2AsjOS-eaNRe6Kfem_dHRS3dCTY8g-JLaAUExAnGBgbmFM1rV10JCywk_iQ3TKFR64is3Eny1GSm48fyWhxOIXlzPFgCJYu8YG0YLJNl89XidkVD3GQynLVE6OQLxrGtSZ9fQxdfIG-bP-R_XyLBsIKhQ&cid=CAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=5385593127535561000&adk=2004672170&idt=166&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 14:17:59 GMT

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame 2969 12 KB
5 KB 36ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1699025133246191&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3ff6b6d4a3018c2955ebcba77327e323f89de2510f4e2d512cd87a3491fec89b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4428
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame 35C6
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

106ms
84ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=9710500231979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e2925d7e324d859d4b1c66bc41bf4418ffccbcb9d82337b2b25a11c0a43102da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:33 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 90737500104271904444552012497017
Connection: close
Content-Length: 1338
Expires: Fri, 03 Nov 2023 15:25:33 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:33 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=9710500231979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 03 Nov 2023 15:25:33 +0100

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E1C 38 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 14:48:09 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 27A0 38 KB
13 KB 27ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 14:18:21 GMT
expires: Sat, 02 Nov 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame 2969
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

108ms
84ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=5045750574431&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: eaa2ab342817f20198327bb3bf58c0c46b2012701abd9ccd67a8ea942a4464a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:33 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 85871400096651404444552012497002
Connection: close
Content-Length: 1333
Expires: Fri, 03 Nov 2023 15:25:33 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:33 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=5045750574431&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 03 Nov 2023 15:25:33 +0100

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523879/ Frame 7573 252 KB
76 KB 129ms
34ms Script
application/javascript 52.208.223.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523879/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8731210765202237&ias_chanId=1&ias_placementId=20496570232&bidurl=https://std.stheadline.com/daily/article/2555061/%25E6%2597%25A5%25E5%25A0%25B1-%25E9%2587%2591%25E8%259E%258D-%25E5%2582%25B3%25E6%25B2%2599%25E7%2589%25B9%25E9%2598%25BF%25E7%25BE%258E%25E6%258E%25A2%25E8%25B7%25AF-%25E4%25BE%2586%25E6%25B8%25AF%25E4%25B8%258A%25E5%25B8%2582&ias_dealId=&xsId=ABAjH0gWXzD52NMLX4ivVkTrcrE-&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gWXzD52NMLX4ivVkTrcrE-
Requested by: Host: std.stheadline.com
URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.223.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-223-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 007608d4b9c0ace879bf0975020ffada24cfd4e4ab54a24737f380899f304010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7573 111 KB
39 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Origin: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 7573 11 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbEUS1yAq0SkSPUgtL0KR6GCJ899aysmeRgcSzahsDFsUvEP9WksIH9PWCTAdb7K9xQ7vcRv6Dh8GPMNaf9ij9AC86u-3ms1mqAJbchBkpsJRnJWcPdvGfLa7xd5ixtcLhDOiJqtBHFjE9Zi53nIwoHoBzEdTCGY8fJbLC0DWHBM7VZs8&dbm_d=AKAmf-BLA93AMs6UZvJYqcaITQnzkiNvMqmyU8EnpAmfv6gtOUul8h6TTdB5IKyCfLOsJ5e_W2jecJsbNivpjBafQyVQOfyb2OEdWK_6j_qYIiy1nJQvccr9D_uno7Dmuqrs01R7Jz8qzzRsFSEbv1G3Gwi97ql-XhhmqC024hFbaqxrOrjHBqvPfyjcORuUbzGXyvdi5QbvRr7WkM_KDdM6ZcBjJNGzk3RBt8AdCvJAeo9D3PrnKH4fC5PbwhBi3_tx0KqickqXSmwSPuF97WyoOEIOHTyaDnRK5-RwJIEx3paIbB-1eFKKNW8gIvgPqG3ZpTs80-szw2zhqQ_wUy4o1raDIbmGu8yzXfro3OYNUw9ZG3g4HBKcZzQ8Qz5YsSK2__84UMjJuD9m8Y2rFR92j2wjnQIKsp109QcsOpxe_3zjQVI9iqFElGVxfKUiJ2-Ww2gWh2NM_SpQcoG-yh-LHPxRdc3qo_XLQcGZfSJu039Npj1rVhItOmjUTz4XynaG2lgfk2o6PhHN0VpU2T76ObTICivpJKzpvGdb37IyziLi6Grd7K848CltFMqtMjj2mqKzzpICO2l47W-80JMatTV18JWvOoItr2aFnX-ZD-vEoRQAQu1QSmK3ySaKzhoDspNVB3dCcsUshpJWtvjfGGANoIMjy9d_uXZ4Zq5-1Pob4_MK7PzatNqeBzhv8Ed7OaIzGd6jNiMjTjTC3jUwfuzSIznaqVkOUFvZ6XL_ocHa5X_TKNMKyLMqmPQUKWHaU2eAc3aNM_YTOQxg6RO80Pzx_0TBUfQS6hEBrlNPNunWo559fX41JwQ4APJLD2Epbozh0AJBEJ-pl2mu4MfIm75xgomzVvboO2J4OJ7PR3wncodBadD0yOEKszK1CFqYYdmnM4pSs7OfmbNee1QiMfB-v8stvUTif06cIdb38IiXXX0-i8PdgDn7k62WBYsVKgntwh0nX3_FBwf7vyNKLYaor-SAU2jI11XbtwJdfLNEFeyz-pFpyfjR_tphhPntKSvc5MZhX0JYjQMhgJ26lTGtbV2RaJAkxsIb0bu0j0HKjxKxqWJfZxGPE9kTEywR7whZqbg1oEZ8J-wOjz9sTU-SMjBvf7VqBKxrZeduwetqeRB8-Cc5mv-0hSNKTlsqAqN0NcgDqHaJApp2xcaLMaHStccVTZOb86P6qAPG_HzCCwS2OET4vb4sAkrqRBApgtoUdfrP4qfPUV6s7QKL2OMbZao6zA7SeKLRr9_ClDa_MqcC3z5vavPZNkhECfM7CULFGcr3m2IZlB4SHq8S1lhIFGvaeI-70uRwqSR3ytc1u0gfxeFUnUp0dHICdnztNlNAXOgEddIp0tb8Ouq2iC95REwTpO0J-EcixrH_e1NOdcWeWBkmWdayqG-ql5CBDNHK76eKlYC-YUeKTOoNPDGBgXQqCkQ0ynPQseArbeqLxMYkLS6_FASfo7QYh9INbmxr9fk3KCfIkzZUKg2zZ8QXs0vFRM9FIDa5VUfRrtd7QrABRUT2KG4itJSH2ILhhvpGE9mIRRtFZMVGzh_gG7NxGpWyxRiIpp4U_HIdr49GdRTORounfveU04NS9PbSPF9oFzgkLLnu_j4LJBoGTZHNsxxES_pootiT9tgAc-V3qZCRv6s_ozr3QJycimjtlBSps6TiUMI16z6sn3FuCyeJKVOM_2XMXwbdLkA-SU6Wz6iihT6FYM7erAMMvn2umfjJuMtM0uRG6BUG9l35vU4x7eXNBL5qlgBfqR_iNByahEdcNGPRtbzrlv32n534XaIG9KEkpqSAkFZQZ7sdNabP16UMGwmaQp4pOo19a1klI0T8PeC2_EB5ajxpL9UaVOGWs-wuaSRiXPeaE7l5jB4z8V4nLoBRUl14A71qoZgTP-JFV1yROrONOsjqrJxxbBc7mK2i36mHS21OMOkeTFlw2Ke4on-sIT8TBMwXxYH0EUGZrF2OyQQ7hYEp0FOVISvejspRd1jCRhkwzhFIBwszI9esec5RIJuCVwhNREIjX5Ay-eJZHdU35vDbu9GOspDpYYrywoS6t42nE2qN-JjExOzM-O1-bu0Boq-uz-Pb3dUlbrXrOrlxE-f2SI5sVe7idQO33lzVgZK9XfLvoksUdvRFs49VuhhzI_jqk4wWpS-Umc3_mPOuospvfINYLByU8WNU3ub0zDP7v682FwjHuDwJVThvLrf7KrttYo_VNHgnD8wiyc5sS3c3mo2LnVFKaTfwRu0x9TOxJYYl1vc1wa8LhdJCwRbULjz9TH4o057dlkOK2JhjSsMl2We56Yh3EsRW9MdW3E09fl3vj04OeIQ4I_OIryxXhOK8szyDSZqCoQPoN9Vtp6RySBRgsfRolgKJbIveneNCyk4lSl7kmV6Ar4L9hqt5ro64aKD2nY9qmOJg-bv63MLNAwuh5VADNpi6qaCPRAnGXAhtIFzkSYmMO1eX6BUDXwcLCOdqC5tGFIiMzQBcN-FMGRGJ6-ZLy-bzICqePSDzKRn3IN95A_533y40vZLISpiBd8CMOSWskZbzZIZH2MJpXY9ahQY6Nq_Zwmfo7tv665VEGoW4TTGA_Py6BNkfbvijS_JZ9zpuQms2tuRpfGzmQLnbPNymF9fEJk8MSQzbPfZp_o3Q1Y88WtxGa_1x8hDpkCI2XIohC6mp-ydsHSdkcXTRB90rbl3vYuUJzlsnGDifHBpft9-5Pj7FEOK3QWqKlNTreuqTEt8aiW-SOoVwBxYBOg6Y5ndh2q1yDAA-F2iXiaCMO6zHnm5ru9lEyhFzbwWNah_VWL35_mzAWAhy_qTHoTP2FyLkl2sEggWbglaH1gKcaziUPSDBmvIi3Au9xzmzLtyJ-LKxknDtTG45pO8nHlibO6GdrRUHKy13qZ_Inm4JNlx1HEyijjEriM24IOH4UYwroVr6RGw-GogtZ57vFlDAczETMj5T0ujQzBGwcJnyCzPutJNAXQEOeHjOTx6umEJAfJIwGpPh10q2Wc0K-H36SbsIufUYeRlzZC9eO2dTTPhbwKiFoEZcVchVR07nDPWmyVj7x6ep7kT-2LnfMi3jun-Es3Wuj9t8R8mKpcUne767sdk5KbAtbvf9zMKC3C4DE7vxmmjY8vtTn2yEWUW_TVtKMQsgVXVy8IBpCLqB1hzsVA6gMZDI2o4_gMoHFPnVFAY4jP4m0mDLaVCW3rhH4HYLVUKs3Ao5VHXChWKsWeqQOdutjCTSlkElpKIKM-S9nNEjisfn7RRKuFY5jynp1GuDKJFItsCaEhYukbhVMHZ1nB3_CweDYTcF-zk_N_AxSDFPW8smKtmBthV3arWmN-IfbvFkB74mSfWZ7xcx9cCA-Vz_Lxohop2N_FW_BUUI3X-wS3h_wqyS3cVDybmel0TdnZCjTTUQCRrpSMjKGzOyE6Z18YaG8-vxDC5UCXqBX_e4tJ_IlKdpur5K6W41_o44OAVBLJXCatuX1nH3QrGuECp0pnVqZHfqHVgwbTlXn3dWFrX8OkRGzAZ402Ik0VoEURjooFwMGlUDHOIAANRi3TDr-GGw5HqCvm7SU5QN1nWfRNysH-CGHpJdLlPemizufccxqL9KO1slG1LqpA7yU3PrMX9QZLSJVZXgfSWLbsRHpEthinGEX8qLGuurAYiiLFF07TaLTO4bFg7wsZrrD3iiPlZ2ibAjbiW9dYaGO0A2Hv2kkCcto1XkI-hiBijiv6enMP4Z822LVIynU4UA8lRU2cpgjC_r1erzyEc8CccnU_IJu-SG8GZQ8OEaZGYq0HveRFrLXHA4wbuYMbnsA1LCCy7niMGCFG18np56xQ0ffufbMAFsq0zyq40QEu6cy9o3z946QW2rE5FRD9Kyjq-FhseU00k9A7oDkk1xHSfmiLBHBxxdXa6NyZZD0vlkrL5NLu8A1xgqW1zM6b5dR2yIhHQrHzmaN3VD84R36vCyxOzollfmFCj1l2SZ2ZXRzRLThIqnxWGggF1m-sr7Dct4w94tgt44gPsgPgarWDK2zwJ_vCzkkbJMNAEMjXybn6aMMSkJWstIZzOBvDECboQhYCi0j3dp67POcMoks8Nelqdm4voOFIPcHk8FaYCU6r9LmiafKwbPwAlOuHnwQEWRWkowjwBrSuk7lBSe8dyrZk0L-KS4RxfpLn8VE4UwbZa3RFEBN5l4U6Azt7FhghE8HL9ZkOXqA6AWQBGrLdTbOJF4yOOsCzUXU8n-5hJBQPS3a9Djvm6I9wP6SMFoY7fCWi32rI2Sl8tXSI7HE4Glc33Z21UYsycyd1Zknc42&cid=CAQSOwDICaaNtWgrt4M7RCQaVnI8eI5PjqTf2CZyaHRV-aTFS6Mi_Yu-lNo26fWarIjruncDxpppOdvxNaoLGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fstd.stheadline.com%2F&ds=l&xdt=1&iif=1&cor=6817873491663656000&adk=792902355&idt=129&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:24:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:24:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 7573 31 KB
12 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11960
x-xss-protection: 0
server: cafe
etag: 17132697034905592634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:28:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7573 41 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 14:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D0BB 1 KB
646 B 17ms
17ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 04 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7573 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22ad7191a0426fa373b1512f7fc0da5d2b96c8fe03b4e160015cab08faa3f2cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E8F 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOhbF_7VdLWc96KAj4nMLiPC6fPutBVd5WAuXkhEapXV4YEfsPqrZnRoZnY-vyo_pCTIkIfqL9advht7vMRXgd6F-w4FIs2ZLaG_qt9aF0P13UkBw3ntQ8xEzAWWfHP5Hrj1MxwuSXXA&sig=Cg0ArKJSzPJ3ldk3EQJ8EAE&id=lidar2&mcvt=1042&p=594,1124,844,1424&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2728472048&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699025132366&rpt=421&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 27A0 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 14:48:09 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F09C 38 KB
13 KB 29ms
29ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 14:18:21 GMT
expires: Sat, 02 Nov 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0BB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmQXhSRHvAv0LYsliK8SzcgMDgAQkg...

170 B
188 B

28ms
27ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmQXhSRHvAv0LYsliK8SzcgMDgAQkgAaQIFP9DeNqjy5dIRh7-PXHqp-CEYwUpwk_sFE02bouECmzAeNLNUT_pfEXN8mdwVf

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220055-FRA
pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699025134.928497,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmQXhSRHvAv0LYsliK8SzcgMDgAQkgAaQIFP9DeNqjy5dIRh7-PXHqp-CEYwUpwk_sFE02bouECmzAeNLNUT_pfEXN8mdwVf
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0BB
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC4hGy7EE9MfSPCG4Fl9Jwc&google_cver=1&google_push=AXcoOmTK_11HhS8bAt8OFKOeX6y6vcxXmeyvhwMqEmFMhZ8Z_QNglBV5EljzLJFJ5kHN055hPkygmwkwFJl...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTK_11HhS8bAt8OFKOeX6y6vcxXmeyvhwMqEmFMhZ8Z_QNglBV5EljzLJFJ5kHN055hPkygmwkwFJlwkldzdy5WScRcAj_v&google_hm=GfdOSkP_QpKNBJvwFZnXp4k

170 B
188 B

29ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTK_11HhS8bAt8OFKOeX6y6vcxXmeyvhwMqEmFMhZ8Z_QNglBV5EljzLJFJ5kHN055hPkygmwkwFJlwkldzdy5WScRcAj_v&google_hm=GfdOSkP_QpKNBJvwFZnXp4k

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTK_11HhS8bAt8OFKOeX6y6vcxXmeyvhwMqEmFMhZ8Z_QNglBV5EljzLJFJ5kHN055hPkygmwkwFJlwkldzdy5WScRcAj_v&google_hm=GfdOSkP_QpKNBJvwFZnXp4k
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0BB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBXJjQpknRfK84kYnC8SfTc&google_cver=1&google_push=AXcoOmS2qgAuThN8ZtU0WvQk0f2rJk7dllM9vWcPAJwZeDS37cRh8s5QFu9gp9Wo1RMrvOsj8xCmxq1WxZx1Y9_v...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmS2qgAuThN8ZtU0WvQk0f2rJk7dllM9vWcPAJwZeDS37cRh8s5QFu9gp9Wo1RMrvOsj8xCmxq1WxZx1Y9_vBAp0aVFWiCgA

170 B
188 B

30ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmS2qgAuThN8ZtU0WvQk0f2rJk7dllM9vWcPAJwZeDS37cRh8s5QFu9gp9Wo1RMrvOsj8xCmxq1WxZx1Y9_vBAp0aVFWiCgA

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Nov 2023 15:25:33 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmS2qgAuThN8ZtU0WvQk0f2rJk7dllM9vWcPAJwZeDS37cRh8s5QFu9gp9Wo1RMrvOsj8xCmxq1WxZx1Y9_vBAp0aVFWiCgA
x-host: tde-deliveryengine-production-bb588bf9-bhmr8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0BB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDxdeNJ_ocjPQ-j9w4fQTCs&google_cver=1&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDxdeNJ_ocjPQ-j9w4fQTCs&google_cver=1&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuC...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDUyMDk1MTM4MTA0ODQ2&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQ...

170 B
188 B

27ms
27ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDUyMDk1MTM4MTA0ODQ2&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQHcGYVK5X3wKs8D2dBdc

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDUyMDk1MTM4MTA0ODQ2&google_push=AXcoOmTjbe1oEnXcA0w_Jfv5t3_rpSN9x8CpdsnurnsBpu_o3HbaSCkTQan75cMkOjw2x2svwuCu4GEQHcGYVK5X3wKs8D2dBdc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0BB
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEf2gNK5OAzAvUscTSdl_7I&google_cver=1&google_push=AXcoOmR6Ujup-5HuTcoTY5ej42Hjb2k2Gt8UeIgrGxsXPpzop85F-78rRoc2wCU5VQVw5PiSiI_gFrXZVRTd...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ujup-5HuTcoTY5ej42Hjb2k2Gt8UeIgrGxsXPpzop85F-78rRoc2wCU5VQVw5PiSiI_gFrXZVRTdijvQaeRimEzGrfdv

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ujup-5HuTcoTY5ej42Hjb2k2Gt8UeIgrGxsXPpzop85F-78rRoc2wCU5VQVw5PiSiI_gFrXZVRTdijvQaeRimEzGrfdv

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ujup-5HuTcoTY5ej42Hjb2k2Gt8UeIgrGxsXPpzop85F-78rRoc2wCU5VQVw5PiSiI_gFrXZVRTdijvQaeRimEzGrfdv
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame D0BB 43 B
146 B 112ms
11ms Image
image/gif 3.127.126.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIl9uNbLgW73u-20u47Gcxk&google_cver=1&google_push=AXcoOmStZOVgXb8cHJVh2snnZA4oDfCB5oJaEQRw48vNs8O1v5nPCpRuXFhbuEtIgDCTUK7RfhwuiUdoSHCjlyOUMzRUGtMSPbPkIw
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0BB
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4d9054ef-eef5-4c48-a092-e2c9447a60ee&google_cver=1&google_gid=CAESEGF4zCCAJQi0Td6b7rw7_d0&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

28ms
27ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4d9054ef-eef5-4c48-a092-e2c9447a60ee&google_cver=1&google_gid=CAESEGF4zCCAJQi0Td6b7rw7_d0&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT85L1o3vij_h6A8qx0pjDcEKsqvMonkSIsMItUZv8yybEs4VBjH0qA0Hl3EUZV5WvdM7tFyO9rycLUu8SNO5EWJrLWszznLA&gdpr=${GDPR}

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4d9054ef-eef5-4c48-a092-e2c9447a60ee&google_cver=1&google_gid=CAESEGF4zCCAJQi0Td6b7rw7_d0&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT85L1o3vij_h6A8qx0pjDcEKsqvMonkSIsMItUZv8yybEs4VBjH0qA0Hl3EUZV5WvdM7tFyO9rycLUu8SNO5EWJrLWszznLA&gdpr=${GDPR}
date: Fri, 03 Nov 2023 15:25:33 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D0BB 0
12 B 28ms
28ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IfMY9NOXm8dkLTex--t4A_9bkG9EJiaVE1b-GCdSZeYtBXQdw4AfUWtjCtf_cWKdPO3jumoRs

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12786977581332354964/ Frame D720 6 KB
2 KB 16ms
16ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 346555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1918
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 15:09:38 GMT
expires: Tue, 29 Oct 2024 15:09:38 GMT
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7573 0
0 67ms
67ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGlGgK3xZmj1KY9ZOAQrusGQ10QDryq9FaOAsNWPImjAVI53pfl37P3didF6jE7lBkLq8Wf4ki3g4TgtUmpHSCJEdDq-aWLjcsOIvqpoyQD5Q8t7K2U2y3g-TpI3BnQfzb8cRVaPwABVmZMWKgmJW_vauQhyzloqW20nn5thR3sjWkd5u9eAZnbE0MiQKGM-BAUdIIN_5ME1hA7iVxxDAW77_A3ZzCTU6HTeqDy8ITgEtuL0gGc_Zir8dCV3t5gS9Gmih2NPqNK6bT8anWf8zJp5Gzt_krABmu3gADlgMCSXbr65tLWNJHU3Z4oItNZtOS6eaVF2g1x-PknbHaNUI8LgUgX9qsqdFdRAJLC-MbkQNjvY-DxXuRp1dm0bHF4IKe5eIG-o8mlWOTBv_Loq1AQpASP_Avo44PnePyRnMr5NTWQ6Kual4RvNfFfU6IlxjPxyyD3yI5cG9fJIuYMbTCi9iiDOkjeuH1mQnCVaLzfv9OUtxBQ1RyV0PpMpS4Qs_xvxg1mHSP5bVhuVJfDtIgtOmSYpt-X-zAxH4TwWHurGyx4iOxeHXKav7cG-_G9UKq1v1LNZfh-aVK3kjc4jo3aMTuxwN6_mjPmjMbUDOje4ZMw-bDYwjWLQOe9pXUDuC70exKf_Fcabc5mF4U0wadmqktmOIv4Qxfos7b7zGXBnlT5B5z9HCNvajHNxDKC9IbmVeBVYlcHscvSofYwZXcV4vkYr-6rLqZVb8rJqejGDfCCzlnXbJY-7ge1bXEcPvBLECwjcmsf7VQT5L7iSJFs9FSS9EZTVPlc6AmddPZyAE83A1ckbbsfGIF8TKOp_EKAbm7hmE8pez6fz0BgL5kB2Wpgs-XDNgcak3CvkTBm3_vODSvB9glyzfwhJZTMO6-U7-NvgpVyM9q-Bmo0xFSvENOc2uDTUJ7uyvWMAYFFHjXEXFHqU_jcj91uJ9j7DDgE9Yk_lEX01VZ1N9yEFbVPTmsEPWYh86ltiaAo2OxvL4gv836ezjJdXNPVlvczprRJwvSMaFyr2UYVdlUbFVvhk_sZU-AkqITMBp79Lej-SGWDlyW26mViw8eq-7XIr18FvWdIXP3eBWHxz56rufeHnSV_sqi000nADxfVQzppHwE2ULlA-gkDPeG1M0J2TrvprsID_6X34cBH6X0qVtM7216a2hTqY3NaQVLilrTvxbSd5xbTQPiFWSmIe97J9uS1yW1FdJAnnUwlsIZ4tuBuHdTVBcyrnE1DMJigJX_cJ4lCzHVf8FXzP2VokQ5cjhqHIQrlyCirR-0T-E6eeCwme7w72X8LiC4tsl_CHpUNZyAyQ9No_IxgtLZ5pIuFex_hOCgddSEGpMI-T65RBYRITgOGMDRca_F7xtKctne0WLtHXMiRLzwGRCm7opsVNW752nEj-71XC14sKgIK_2Z9-rrzRo2kiE6D-0M0l-uDh38nQd45Tlp_FpfztiEC-ns5HhMGKz_SQ4R83UoT2huoQpxX3WHo8BXDT_PJPcP4iI&sai=AMfl-YQI8_yezHQfHLyuD26hcp6xLErHnL_IeMDySqIOH37w_0ogmcBkn2CezwKzFTxNIDzoFEpEAUaX0UoIBVp33oZmOc9GdP84Ptb3TULrrd0EjJDx-ld88VfNJlpWPzPYZxKr07OgUO8bx-iXbPs5q1bXPYLCPL_pLxvEaSYIxY2WR0c7EjXN8rQK0Oh182GZSXAcsqK1PaLn6MkgFE3cAqYYONzlIey1DhI8ZPF49A6dtgt77BI2_FnM0hpSTVJwUXgd&sig=Cg0ArKJSzBhJmnleSo_mEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=104&cbvp=1&cstd=100&cisv=r20231101.35553&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CFF6 42 B
64 B 63ms
60ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_Dpe2lzL2U-OLkWlBB10DXPlLPkX45syTDITdaWURlAov5uoz0W_maM7ZNvEM7x798i35qUckqykSLgGtskWarQd2CJlQ7FjqMFpJXSdFb2x2HrLXJmVNDEzpUY6v-5CkXgu5HOc4vQ&sig=Cg0ArKJSzGWxi4gMBB8OEAE&id=lidar2&mcvt=1008&p=328,1124,578,1424&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2589581063&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699025132357&rpt=491&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B687 42 B
64 B 62ms
60ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjgNV3us1pMJnVhK3kIknCce4VHKzXWU91W9jP-MZ4PC0TuGhq7d8iC8ZiaNzwkFOapL0LZ67sMh2G4FSo07ROlywzfDB3uFsRZEd9OB4diaAgHJIPMEWeAZOK_rMGzdoAVU4E4v_ylw&sig=Cg0ArKJSzIod_-EnOs58EAE&id=lidar2&mcvt=1010&p=164,436,254,1164&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1960767943&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699025132336&rpt=543&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E7CF 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHxHflNDfRzEmmofAIxnZASWXl7BGQmNSZbG3v_oQ3-Ld9aivOW4j8oJFW_UdUfch-SbWhmN0b51kdPejwSGUq94YPpd_B6lH1GEQFZmCMfYkM1_GFkOsEwSOexHmBwMg9TysJipkuWA&sig=Cg0ArKJSzHLNjduBt_RUEAE&id=lidar2&mcvt=1012&p=860,1124,1110,1424&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3014394236&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699025132374&rpt=452&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12786977581332354964/css/ Frame D720 6 KB
2 KB 22ms
21ms Stylesheet
text/css 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2009
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame D720 70 KB
25 KB 16ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 136427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlizg6mQKQz3NNsVFCjUwxGI98ttOcEgk7GpjgocV0Ufoljq%2F0Pc931vBsIeP3E7J1sQ%2BQ1pammZTrkIPu%2BKaLWKwL4pnyQsNhIaJUBXiHPjsfUqUnKf6W09SqMu4Tss%2FxB9Dh1kyOGyS6s%2B6hnfyg51"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8205a16f3ecb2c1a-FRA
expires: Wed, 23 Oct 2024 15:25:33 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame D720 7 KB
4 KB 22ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 165815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLOoQ%2FbPKxgFKbuXmuZN06EsYCNUegNt3S6Mku%2FQLfdwoAcDxxYQ2RmsFtj2TyyY2D0eN%2FB68G0gf7FBHyxeSZJfc%2Bxk9x3Yr3JlDoiozHOESq9KoZWUc6fgYWK7%2Bn36fxRlNYz9Xn03buefsR7G46R1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8205a16f3ecd2c1a-FRA
expires: Wed, 23 Oct 2024 15:25:33 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 2 KB
1 KB 22ms
21ms Image
image/svg+xml 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 20:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Oct 2024 20:29:51 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 2 KB
800 B 21ms
20ms Image
image/svg+xml 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 20:26:23 GMT

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 9 KB
3 KB 23ms
21ms Image
image/svg+xml 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 05:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2891
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 05:05:28 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 26 KB
26 KB 18ms
17ms Image
image/jpeg 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
x-content-type-options: nosniff
age: 346560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26291
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 25 KB
25 KB 19ms
18ms Image
image/jpeg 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
x-content-type-options: nosniff
age: 346561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25258
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 20 KB
20 KB 16ms
15ms Image
image/jpeg 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
x-content-type-options: nosniff
age: 346561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20858
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H3 200 gradient.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 4 KB
4 KB 21ms
20ms Image
image/png 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/gradient.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
x-content-type-options: nosniff
age: 346561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4218
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 32 KB
32 KB 23ms
22ms Image
image/jpeg 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
x-content-type-options: nosniff
age: 346561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32615
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 14 KB
14 KB 19ms
18ms Image
image/png 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:09:33 GMT
x-content-type-options: nosniff
age: 346561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14477
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:09:33 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 192 B
190 B 21ms
21ms Image
image/svg+xml 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:10:07 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/12786977581332354964/script/ Frame D720 4 KB
1011 B 27ms
26ms Script
application/x-javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 982
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:10:07 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 52E9
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=

0
629 B

61ms
29ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=9710500231979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 Nov 2023 04:25:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Fri, 03 Nov 2023 15:25:34 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D189:83B8_91EFC182:01BB_654510EE_B62C47:1A429

GET
H2 200 / Show response
adv.office-partner.de/ Frame D791 930 B
922 B 75ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e08202ea19&subid=&uid=a86c9d3a1b8b0866&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWi3Q7RBFZbavDtOWjuwPxaKV4ASm5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAmNNThsE1LE-qAMByAObBKoErQJP0Jw4Pru2mmMNUv-5IgTndbJ5Hu5sIOVlbLSupw-rT8Z02WPAuFFPxfx2JWEv_a8DrF5Ycq29wuRkOTuwEEpwYMMWi3OR3rkYSJ5xqq95bZpnEEdFIyPutxedktYhMa5FofoBrI8AEeVujbmLO9GkYMyFj4A3HCujPRdIY8QKUEl2uBuAHd_PVROBaFWQsxo3tD25g6CS-1P3z8pGmFBy05tlfyafXS5hJSX43ktjOzXXVUSmtklsaa2aMPzUWSBpkjpDUSVdUiRHul_aepxejaMZhkU8qNllzfM_4Ed-KNqDiigql148KrIlPxuHyRq7dE9_m8ffDhr0l5VjvWLpSIjhMbZY_2_rn853n3dAsz1Tt358-vcz7fz1EFT6K_zY7faaH6l9EgWehAc-wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03NDY1MzI0ODM4NzQ2Njk0gAoDmAsByAsBgAwBqg0CREXiDRMIoL6e7JGoggMVU4uDBx1FUQVMsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSOwDICaaN8o_YR1H6nfRPtFbmB-CmTxi2Ve9NzHkNCWZXuSXB0OmT6iiSUcV31VyqCh6itXJkKbPNpauJGAE%26sig%3DAOD64_009uVU5VQxw6XxIXSpieeXaJsb_Q%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-D9ekKUlWLGtUBeVFknjondbeb-oOARYb3ROhShqcgoq4RfjEUaZz0yZbOQjQMPLPOLbMR0O6fMFQii3eGXH4RIPlFaoecAMK9XWm9T00iYEU4gdwid4YXd1AEPnTUFqJG60P1LxlDr_avElehMSx6M5SZFOa3diTYMBpBKGlj9fO7FiTc%26cry%3D1%26dbm_d%3DAKAmf-AX7W97jHTZMjMjMWFX4piIvkWDTiP8zwK8iYIr27Nf36T5gzNd-oCii2baRWOaC2Jai8n8_BfiGR52tbOrlueHEKKLWRL3BB8fs6-4rYkXbaR7loE3WjlV33OIFHjGZp3g0dH9-XPbu0dEY-wK8wh3E6mbeO832ffu1iWMy3jfG8lZC2xd5QgUhypKmSq0m3kC-sZENOhzp-GlOrkF3v9_dcTt4hBTR39x9NvE0SHTiYM6PsI_w8Sfv5JW9Yh90WynHNlrBVvR0GUFWamYCImTkz7jLBtgx2NJSaYMJsfg5giq3DQKTQYVfyBL9fhZHXLtv8GXq0kCN4NAPcC698bSt4BOP4r17iaJtDwejwSTxufK2chYPYYlorCrwRDXqAr6D6Siv_mbEv1jOj2iQ-vj1wQW15akThBstIegZgCldC3x1KvyGYhilNLPrF6DXLauswpipkLfQzUN52QhBv102tRByFiF1g5k98Ii3OQ552dgDRAeufRb-mmJQGLyvhmvwgCQm2VwusLrkCb_CBUpW8NX7cQO7HQgeNQguWNH4FdLkgAVRjKnP7WIuKftB4wK_F2pXho_5xBIPCA3tT0NnfA6GNU0Gc4N1JY-eLxmQD6Wx3bdHeN-ew4rC8bYAbr3DQ_rUwgpESNmp8tP7AflDVJHrWkOfLq_rg6tcIc78mmC1FjtOFRWCS-l_fprDYfS7Hm5ZIQlYNmc3x2jAa_SDtk4c0vdafX1YaJ__PkVsI3rhf5Ti-FN1Ywb1eXIU4LCeT5b%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=9710500231979&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 03 Nov 2023 15:25:34 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 10 Nov 2023 15:25:34 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 4AF5
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23ee&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
201 B

75ms
32ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23ee&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 Nov 2023 04:25:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Fri, 03 Nov 2023 15:25:34 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23ee&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D189:83BE_91EFC182:01BB_654510EE_B62C46:1A429

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 35C6
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

45ms
40ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 03 Nov 2023 04:25:34 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40028
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D189:83BA_91EFC182:01BB_654510EE_B63F9A:1A428
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90737500104271904444552012497017&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 35C6 43 B
665 B 239ms
71ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=90737500104271904444552012497017&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D189:83BA_91EFC182:01BB_654510EE_B63FA4:1A428
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame F09C 38 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 14:48:09 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame EA4F
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

56ms
39ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=5045750574431&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 Nov 2023 04:25:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Fri, 03 Nov 2023 15:25:34 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: B2A2D189:83B6_91EFC182:01BB_654510EE_B57827:1E879

GET
H2 200 / Show response
adv.office-partner.de/ Frame A35D 930 B
923 B 66ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=6eaba14d2c&subid=&uid=483995e1dea8c794&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAk3W7RBFZa-DD8aYjuwPnded0Aim5b2gae2NnKfJD_AuEAEg593gbmCVqqCCsAfIAQmpAtfMc5xG3LE-qAMByAObBKoErgJP0Nc_h_kW6fY7sl7AjYpn-rG689F5nWNLiPqk-FFgaj-7JuBo4AjNPrU49egRWDumOd8SkMCBvbR8FcqheHvMpDNi-zLrFECy2VzOZBSuUxflzYjylWaieJGhFMdibsY2Grsc1oKxEPoEgqZ3e0iNVOTCR5lPwgYAblEiMun0YAwj95AskYzL5YtzkAp2oCe5i4z7qiH7eb44ktKYueqP12a1kUN1NMgb84Oh9p_qfxDzIwfsw5vLHR8aFZFF4IOG1jtLTFLNON0rFi_yC7O8o1WDauQoXtjzaw2WuK5UcJpkaSdmRwjRav-Y6HG5hvCzbdPotgAWXVKKTHBfSyHsUWNfSm2ibnX0B4PZYdh9I9MBHNKzkS7t1rjQbh8FzF_KxUhiBgqar1ut9EAuMMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzQ2NTMyNDgzODc0NjY5NIAKA5gLAcgLAYAMAaoNAkRF4g0TCOiSn-yRqIIDFUaMgwcdnWsHirATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNq6AE2krdzSuHcNz8WeqkCIzL0fkSfaVmLt5GC3r0qogPKA3N76Dd54aIIs_-uXlwoNhTpoUPGAE%26sig%3DAOD64_2OFDvUSsb84rmKR55hjLSbKppNqA%26client%3Dca-pub-8731210765202237%26dbm_c%3DAKAmf-APNQevFhiHcNyKQEm7SlRyguhnTiWMBQLpdko91X3CNhzJFEFOZQVePDgI8wqxMSfdJhjfOXsxddMuzCnkfIJKwYDzkgWOILDvN9J1-v2pOffF4DEwe41Taa1mxEbdZmsynhiXYoUwFjB2NkH_HjkD0q4l77BvxBxQpdL66Zg_Ad7TEps%26cry%3D1%26dbm_d%3DAKAmf-Ct1bF2nZXwYuyQFBdhEgCvR23cTgE92mKfTVoyIUG6UCmK79ygH66BrTDRliLvgcs_pJuWFYu0FA-xiQDpPVeyMeXNlx6VwkKiew1leJugL4fzmIN1nqtN4WtZBzOgXLFzMy-EUbsp4OIphEWgV2NGrGJAzLrCTSpU538mSngzKPY1IyUIfdjg-Y0m_SJbtF4rs8rSXtsVmR3TL4mHGyVJV7OUTlA3qyz2kXfdKS6tCaI0yqVCjScK9aNKyfRykA-zHsz2gsqP7xaOdXD7vRdt30G-kv-2WKx-9hE9jOI-JbYir7jsx4zj6VPOOBq_j9uFryS1LzeSGj1vvRMX2PGoows8KMv-EaKuYP_PiBZa2apO3BfJLqqUNLAJkZqGL-8neKyKesXN12PTZ4h2myi1Y9W3VvIKisn5_lwY3K4jycx-6pRWSRUgxcC6GeGelHECBVisu6hyekFHypFK3lbjdvRMCb36L2sFVcG7xQ2QtiqOes_lBXQT19AnVDqSeMFeoTRvcV7uRKSScIaFIY519T4BbJn16jqE4f5HUswZrQ6Sjr4sZoLicR_BFHGUNvhWSFaQMEQr5rYwsJYBwK-PMGEiONeLOhVV--gWsRsSC6GjfN2kVuW1IZfe61KSN7XXRqJzb5DmN5c42X8B9QCyDw7xLGKTB-GWb0DX_yKi8KOFmPl8krkAOrS6zxBteOhcWsHcFT_WMm8Q3_yYRwv4jMppbzAgohpHhfzv3nnsVYKrVDqgYSX7opXcGRAvgRhYbGKD%26adurl%3D&documentReferer=https%3A%2F%2Fstd.stheadline.com%2F&ancestorOrigins=https%3A%2F%2Fstd.stheadline.com&random=5045750574431&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 03 Nov 2023 15:25:34 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 10 Nov 2023 15:25:34 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 4319
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23e6&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
202 B

73ms
31ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23e6&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 Nov 2023 04:25:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Fri, 03 Nov 2023 15:25:34 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654510eee7e41c365b8b23e6&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D189:83BC_91EFC182:01BB_654510EE_B63284:1A42A

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2969
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=

0
202 B

29ms
29ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 03 Nov 2023 04:25:34 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40027
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D189:83B4_91EFC182:01BB_654510EE_B57828:1E879
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85871400096651404444552012497002&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 2969 43 B
665 B 220ms
62ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=85871400096651404444552012497002&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D189:83BE_91EFC182:01BB_654510EE_B62C4F:1A429
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7573
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8731210765202237&ias_chanId=1&ias_placementId=20496570232&bidurl=https://std.stheadline.c...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gWXzD52NMLX4ivVkTrcrE-&ias_xappb=&adContainerId=brand_safety_7RBFZezPLMbnx_AP9ZawoAw&cbFunctionName=goog_wrapCb_7RBFZezPLMbnx_AP9ZawoAw&true_pb=

1 KB
1 KB

16ms
14ms

Script
application/javascript

2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0gWXzD52NMLX4ivVkTrcrE-&ias_xappb=&adContainerId=brand_safety_7RBFZezPLMbnx_AP9ZawoAw&cbFunctionName=goog_wrapCb_7RBFZezPLMbnx_AP9ZawoAw&true_pb=
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: vBWVP21J15tPY2s9w9TMkzU6H2VI4KIK
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
date: Thu, 02 Nov 2023 16:01:52 GMT
x-amz-cf-pop: FRA56-P5
age: 84223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 26 Oct 2023 16:01:50 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: EZ40_X3C9jDXeT-3oQHqqvjw_Mq3p7j4QsQkXjd5CoSKSs-ETISfQA==

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0gWXzD52NMLX4ivVkTrcrE-&ias_xappb=&adContainerId=brand_safety_7RBFZezPLMbnx_AP9ZawoAw&cbFunctionName=goog_wrapCb_7RBFZezPLMbnx_AP9ZawoAw&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5B37 91 KB
23 KB 50ms
13ms Script
application/javascript 2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3770184
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 92CdePUg7iJ07-oeuf_ngk38IwgmKUBRlWTrLPNasE7Ib5x7s4cwPg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7573 43 B
216 B 360ms
104ms Image
image/gif 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c7606e46-5d83-be6f-f314-41da4b979fbe&tv=%7Bc:sVeX5l,pingTime:-3,time:114,type:v,im:%7BpBlk:92%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:64%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUyQjwp+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h*.1627455-73523879%7C1h1%7C1h2%7C1h3%7C1h4,idMap:1h*,rmeas:1,rend:0,renddet:na,siq:66%7D&br=c
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7573 43 B
215 B 339ms
105ms Image
image/gif 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c7606e46-5d83-be6f-f314-41da4b979fbe&tv=%7Bc:sVeX5G,pingTime:-6,time:135,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:135,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B127~0%5D,as:%5B127~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUyQjwp+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h*.1627455-73523879%7C1h1%7C1h2%7C1h3%7C1h4,idMap:1h*,rmeas:1,rend:0,renddet:na,siq:66%7D&tpiLookup=ao:std.stheadline.com*&br=c
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame D720 8 KB
8 KB 18ms
18ms Font
font/woff 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:41:12 GMT
x-content-type-options: nosniff
age: 168262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 16:41:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E1C 0
23 B 66ms
64ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5eEX7RBFZcrMJPadjuwPma-vkAsAAAAAOAHgBAI&bg=!z8ylzIPNAAb4oU7C2KE7ADQBe5WfOGdh4O4xVE2jkR3GFwW0kxyHYc7hADqsYWoapEUqTm4w1O8tjV8L7rm_npNrGUj0AgAAAP1SAAAABWgBB5kDUr63qz7hW8toWuRU8rCZYN6l8sKWrWpjQ3OzyAFvWtEf8vwYXOwLG3hVkykIeEAA3W7HaX1nmTg9plhz8NsRLBz3VTKYc2Bvxjk-JuQBxbIkr8g9n2H-GfKzxYeS-BRnzsNNkuB2QpAV7vJpqMG4RkZNfXg7ZBXO-L_MMHTBjBrq2VbgWGiHAg042yVj9Rga1lTb4TxvrPBkvtPqUTstBZp4zawKK4_4zRICxDh_s_hjh8J4wubCwlxiYT0bIuiqiGB5SPjGhOVHBB94Z4_CNWubgdLPlYocyfFAAZuZa3FsSN3EDLkDevYG0s7dRAuDpSE_Ybmav_Hw61nd6iPrde_lfZMQakgCv4K52IozGrwiqdOdMAwItRyLLHfw6R6IMnP5xOxZq6TMJzQY_ehraPIWQO_XUZFUT6EckYEkCxAkvVi8LOUmBEaIPXGGXvlPuiwqrdRP99Po-gzbtnFERLQvfFZl8fOY-LX0mxiRbpGqC0l1q8WBjcDtSSLSEFWW2z2o7KC9_wnhthnZEfpA57fwIrU7vMMFv5QlgHyHcKh8XAXNdKBHuUQ0mALtwX3XymJG9l06vmezmHhXVVaJjspVbubJUy3YcJHsgswc6oORZFHlNMZJQO8S7otb92GAmrlfG61A-WbHrCuqLjA9NSFy2cahSdpJZC5o-81rAHUYML73aAH_tFOE2vFvE_53zfTM375eNaaTSLDmSf2regLvvmyj_fcSCfHwWj5nC1UxOLU1oeQeKHRfAS2mxZTjOeYMuxHpIP3GPMyfB5ObfJEPjC26VnWEtqwwvSMLWt7pm94_x3IU9tQQTn9q0sf7DV9YcvwQ6IPbvpmAoPWijFrEayz-VD2vY5MGkAUh4MvwGvjFbanKsNI-07fksEfWwuI-IwcQbsvKvTUv2FCmFKHq4c0lO1HrE3gOOETMf0vUytqoNEDE0hG5iyYUGXeUl4IrmMmScRYS1Bq72ZGeJ8n__dgoa6btMFjvYWx16CcrWId1XCmluy5erG-UlUidU6VDKXpEdftpOEJY8BYfieOYYEmZ77dUJa3Ykhe9yVUSuSaI9oaaSGd6WgAejJ0X_SlB9VktIJ89zFdbEc51XpD6UF4MSU9DbmHw37iOrZO7KGk

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame A35D 175 KB
63 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d40c7cc22f2317bda26cad5e1105eb1283acafc08b152f9160106b16519f49b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64036
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 15:25:34 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame D791 175 KB
63 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34c74c37b8d29fb698da762ad0f62f8323896539df242d442a54f434e1f51d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64034
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 15:25:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7573 43 B
215 B 294ms
106ms Image
image/gif 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c7606e46-5d83-be6f-f314-41da4b979fbe&tv=%7Bc:sVeX6s,pingTime:-2,time:183,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:531,beZ:532,mfA:535,cmA:537,inA:537,inZ:542,prA:542,prZ:589,si:596,poA:598,bl:623,poZ:623,cmZ:623,mfZ:623,loA:666,loZ:670,ltA:714,ltZ:714%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:64%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:183,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUyQjwp+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h*.1627455-73523879%7C1h1%7C1h2%7C1h3%7C1h4,idMap:1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:66,sinceFw:116,readyFired:true%7D&br=c
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D597 42 B
67 B 53ms
52ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1LDRko6JuCFtfchKqsGSFjrDO8_36PcVM0JCinraYMg6PYjS76zidXE4WWFbNm1lXmSgRAL78oV1OZXxykDZljFQ4N7qMWst-Pup40WbvGdHIceN0w2UlU_Vnc8a4dl0dW1PfzBB0yKP5&sai=AMfl-YSeF3EB0-lrPIWdVF9Du25nDOKx0ObOw0xkkryIps76KPMGp4-znydFqRTprHWZZS9SLfDMjNmsNtAFqdVt8QRdJsAYW8QwVE_3FvOlgkHehFBJmH98t8CfVhc&sig=Cg0ArKJSzMzO3L-gzecDEAE&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&id=ampim&o=650,510&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1095&mtos=0,0,1095,1095,1095&tos=0,0,1095,0,0&tfs=705&tls=1800&g=100&h=100&tt=1801&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 226B 42 B
67 B 59ms
59ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-d_agQ8z8Q8wmkO-vtNhaUH0c48mq03zzn56HRxDYrKdpUJrucFD-a_V7F_upVOfz5H4VvkdbOqx27XLLHdNGuaLb2VTTBFWYn3dYCTBz0gd-qZCnBpZd38FDy_K0cMLtNWncYBEU-wDzuQbQMASqN_bd5zBNc-QC87FgGaU&sai=AMfl-YT00oma0c9hAXjg5xoYAgZt3wWc2CFvUhzROjjFk8taZE3FI-4d1abTLqpRaKUNAAxohO56gehDzqBS2tPMJe8J9WKN9LN3sqCfhZjT7nqoAav5toRMI6jSZ4c&sig=Cg0ArKJSzHxdLyoD4ruhEAE&cid=CAQSOwDICaaNOuj2eDaQK5ASD7a-yaYhA1Gp4BRYJ_iZRgHTI5kg_3JiPZizhvi2R9sf53qajh3cqfLvPwPRGAE&id=ampim&o=650,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1097&mtos=0,0,1097,1097,1097&tos=0,0,1097,0,0&tfs=698&tls=1795&g=100&h=100&tt=1795&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7573 0
0 55ms
54ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGlGgK3xZmj1KY9ZOAQrusGQ10QDryq9FaOAsNWPImjAVI53pfl37P3didF6jE7lBkLq8Wf4ki3g4TgtUmpHSCJEdDq-aWLjcsOIvqpoyQD5Q8t7K2U2y3g-TpI3BnQfzb8cRVaPwABVmZMWKgmJW_vauQhyzloqW20nn5thR3sjWkd5u9eAZnbE0MiQKGM-BAUdIIN_5ME1hA7iVxxDAW77_A3ZzCTU6HTeqDy8ITgEtuL0gGc_Zir8dCV3t5gS9Gmih2NPqNK6bT8anWf8zJp5Gzt_krABmu3gADlgMCSXbr65tLWNJHU3Z4oItNZtOS6eaVF2g1x-PknbHaNUI8LgUgX9qsqdFdRAJLC-MbkQNjvY-DxXuRp1dm0bHF4IKe5eIG-o8mlWOTBv_Loq1AQpASP_Avo44PnePyRnMr5NTWQ6Kual4RvNfFfU6IlxjPxyyD3yI5cG9fJIuYMbTCi9iiDOkjeuH1mQnCVaLzfv9OUtxBQ1RyV0PpMpS4Qs_xvxg1mHSP5bVhuVJfDtIgtOmSYpt-X-zAxH4TwWHurGyx4iOxeHXKav7cG-_G9UKq1v1LNZfh-aVK3kjc4jo3aMTuxwN6_mjPmjMbUDOje4ZMw-bDYwjWLQOe9pXUDuC70exKf_Fcabc5mF4U0wadmqktmOIv4Qxfos7b7zGXBnlT5B5z9HCNvajHNxDKC9IbmVeBVYlcHscvSofYwZXcV4vkYr-6rLqZVb8rJqejGDfCCzlnXbJY-7ge1bXEcPvBLECwjcmsf7VQT5L7iSJFs9FSS9EZTVPlc6AmddPZyAE83A1ckbbsfGIF8TKOp_EKAbm7hmE8pez6fz0BgL5kB2Wpgs-XDNgcak3CvkTBm3_vODSvB9glyzfwhJZTMO6-U7-NvgpVyM9q-Bmo0xFSvENOc2uDTUJ7uyvWMAYFFHjXEXFHqU_jcj91uJ9j7DDgE9Yk_lEX01VZ1N9yEFbVPTmsEPWYh86ltiaAo2OxvL4gv836ezjJdXNPVlvczprRJwvSMaFyr2UYVdlUbFVvhk_sZU-AkqITMBp79Lej-SGWDlyW26mViw8eq-7XIr18FvWdIXP3eBWHxz56rufeHnSV_sqi000nADxfVQzppHwE2ULlA-gkDPeG1M0J2TrvprsID_6X34cBH6X0qVtM7216a2hTqY3NaQVLilrTvxbSd5xbTQPiFWSmIe97J9uS1yW1FdJAnnUwlsIZ4tuBuHdTVBcyrnE1DMJigJX_cJ4lCzHVf8FXzP2VokQ5cjhqHIQrlyCirR-0T-E6eeCwme7w72X8LiC4tsl_CHpUNZyAyQ9No_IxgtLZ5pIuFex_hOCgddSEGpMI-T65RBYRITgOGMDRca_F7xtKctne0WLtHXMiRLzwGRCm7opsVNW752nEj-71XC14sKgIK_2Z9-rrzRo2kiE6D-0M0l-uDh38nQd45Tlp_FpfztiEC-ns5HhMGKz_SQ4R83UoT2huoQpxX3WHo8BXDT_PJPcP4iI&sai=AMfl-YQI8_yezHQfHLyuD26hcp6xLErHnL_IeMDySqIOH37w_0ogmcBkn2CezwKzFTxNIDzoFEpEAUaX0UoIBVp33oZmOc9GdP84Ptb3TULrrd0EjJDx-ld88VfNJlpWPzPYZxKr07OgUO8bx-iXbPs5q1bXPYLCPL_pLxvEaSYIxY2WR0c7EjXN8rQK0Oh182GZSXAcsqK1PaLn6MkgFE3cAqYYONzlIey1DhI8ZPF49A6dtgt77BI2_FnM0hpSTVJwUXgd&sig=Cg0ArKJSzBhJmnleSo_mEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=477&vt=11&dtpt=373&dett=3&cstd=100&cisv=r20231101.35553&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ 35 B
413 B 427ms
103ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A35D 274 KB
91 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c78a5580d96f380a9da98718022e91fb9c8d45e940af987d8f08d5e761dcde3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 15:25:34 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 35C6 2 KB
2 KB 161ms
93ms Script
text/html 13.42.240.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=90737500104271904444552012497017&nw=1
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.240.154 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-240-154.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5add1380d524da43983df788068d8141c194b6dc008ecd98e18bd483a7ed2ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
last-modified: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 03 Nov 2023 15:26:34 GMT

GET
H2

200

activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37 Show response
5994599.fls.doubleclick.net/ Frame B319
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37?

390 B
325 B

59ms
57ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37?

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

ec9661e7fc7543cd2257dcd18df85a7a5f69c9df499fbf2b516ceeb77e6d66ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Fri, 03 Nov 2023 15:25:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 1EC6 7 KB
2 KB 35ms
12ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: f932b7d32f5182dabb2b95c70830a5610f4cbd77d30f856e14aa08a0ce6fd7e2

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2085
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Nov 2023 15:25:34 GMT
Expires: Fri, 03 Nov 2023 15:25:34 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1E70 1 KB
648 B 14ms
13ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 04 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame D791 274 KB
91 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

021509f9399fbcd701f39d4c06193a064742120110303f0b45f5d2cf4c2dde23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 15:25:34 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2969 2 KB
2 KB 71ms
68ms Script
text/html 13.42.240.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=85871400096651404444552012497002&nw=1
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.240.154 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-240-154.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 3d2552b8d86003da01dcfa395545b86be4cdbc7667b3c45551a367d42a1b1ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
last-modified: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 03 Nov 2023 15:26:34 GMT

GET
H2

200

activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702 Show response
5994599.fls.doubleclick.net/ Frame 87D7
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702?

391 B
284 B

61ms
60ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702?

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

67c1744b90c74b21e47bb6ea7572589bc5eb2e9afe8bcfc30fb3faa842a347a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Fri, 03 Nov 2023 15:25:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 15:25:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame 360D 7 KB
2 KB 44ms
12ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 451de98803785192aacb62cefd63530fe88c6fb838fd6d7164feb430d71e2f62

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2072
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Nov 2023 15:25:34 GMT
Expires: Fri, 03 Nov 2023 15:25:34 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 37C8 1 KB
648 B 21ms
21ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 04 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB10 0
23 B 54ms
54ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8947042749768&version=m202309260101&ct=76&x=1&cor=10134606371858720000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1EC6 5 KB
682 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 15:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 13:37:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 15:25:34 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1EC6 13 KB
13 KB 48ms
15ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 53a5310c952d60a16eb2eba131663a7062aaff9bd8b4bd3581210e105b439964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13086
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1EC6 13 KB
13 KB 48ms
16ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 29db3d00ec9e324c6474a114727931b7c84cfe269e9c9d8af2b71bafea5bfe72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12957
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1EC6 11 KB
11 KB 102ms
78ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d829c1b5edf8c9d1ba807c3636dded78bf12d834fe2225cd47d22c286926d0df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10695
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 360D 5 KB
682 B 30ms
27ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 15:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 13:26:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 15:25:34 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 360D 13 KB
13 KB 36ms
13ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 53a5310c952d60a16eb2eba131663a7062aaff9bd8b4bd3581210e105b439964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13086
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 360D 13 KB
13 KB 37ms
12ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 29db3d00ec9e324c6474a114727931b7c84cfe269e9c9d8af2b71bafea5bfe72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12957
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 360D 11 KB
11 KB 126ms
101ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d829c1b5edf8c9d1ba807c3636dded78bf12d834fe2225cd47d22c286926d0df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10695
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27A0 0
23 B 50ms
50ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmV2j7RBFZeXfKaa07_UPzd-V8AIAAAAAOAHgBAI&bg=!-fql-rXNAAb4oU7C2KE7ADQBe5WfOFUqTrvuE188TeT36AGn1_fdgzF59QuxvU77Y-ZqsjST5DplMnmJX4zSZqcHNm3hAgAAAhpSAAAAB2gBB5kDQUyAIqYZOMtl1i48ThYmI6HjcGma0p1ndsLgWya8xZOvno-hZAs7UVmCoiQAiFsyhowlmYSquHS2sXeKVufMgW4x3aeqTl99u4ElCxbtwvuJHrnUODVaM6B22EM7m0QZUR8D21uy2FjXyrcdfNTZWWDkYsb47OQfrBgNUFQvWzNqn25AzyZe9egZj-XlFEAZGSegYEga4IPvUpkzta1gSPzvop9aaMo_x6VYdpv84oDIqL0EMlEfnBYvthK26CfsrckXQZtr30hWbnmo0H87PJWxTvzdyFneTfk0NcVOml-_rEU4qRZjYoC-r41iBg2Ka3MdWaZc5YcIrq3VQfDxkWQsAQXAt28gg_csj4hJgcoBQYrWgE0f1NrZeiMchPtNOEP08Pouw1w5rAnPuuwDtFqNusRBC9uY3mhwzIQa_OWdjA6RgkFdaYWyAHWlqEJDWbKPeds_dmEHu08o40UOaz4gauuziKayDH0bY-jlzZvysOpNhkFywl5GTU0GcQTULkyb6qSWkvSAO7yWP_mL472F0GlGoS9YELPQlGiPWDKERmBTPp9idwD6M8Fs1FeN4Rc78WArGw-iXgPlVKvKJIEIDyS6qLKSZb7DsfJ_mLsTwRy85v4_FXT5iUOFj7TCDLz1RdsIkblQ6LfhXC_yhwXflC2x4nhUt1ueLICgXHw1jLnvQR6V4TAOu4NQJGMf9tXdUGtFjStQtqsk2j_hWxJGCRcrVZRKPOE27RXi1OX9v2LwJHEErSGKP3bR-B0AaHNt7NE33VLsZ8ppTscPR7gn5OjrYmm4inQR7YEZtzNmkwK_bbfcqnKhtx24AcvFYkkxN-F7_R9ZNhyM6NqgA8otbXgH2O6vt6GL4t5UxDX43ycBZJXz6aZtsWIHBMFLhVPVcmtb7eXI2Tpb1CU4gwl9FB-fFTuPlwVkFESYkObkGdScDXbwXNAkxE4BB3i3jRhwHLGPHPoAL7c7PtxrUlta2b0B87jkdClHIjbvHGU8HZr2lBTM6-HAcAkRcSjzdg9Oj-DK0LNRNgn232BKeDcfoxC8qT111slgHwaoAcKLjtgCRoJB4g4JfXCcgoUxbAFzbpVmxM6WBhznS9mHGdkn

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E70
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OW94Q01yeFMxUVlXM2M1&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cver=1&google_push=AXcoOmQY2iudLhL245HGJRcDGi4iw3IDZldUjZjq4gwHLvC...

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OW94Q01yeFMxUVlXM2M1&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cver=1&google_push=AXcoOmQY2iudLhL245HGJRcDGi4iw3IDZldUjZjq4gwHLvCleFzC7CXbNnJZgKSJ01xItBoopIOeLBRG3Q3cAmozofTAWHHkVRzm

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 15:25:34 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0de411db0dbb18bd6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OW94Q01yeFMxUVlXM2M1&google_gid=CAESEJNG-GMKD0FU64F8Ex69GHg&google_cver=1&google_push=AXcoOmQY2iudLhL245HGJRcDGi4iw3IDZldUjZjq4gwHLvCleFzC7CXbNnJZgKSJ01xItBoopIOeLBRG3Q3cAmozofTAWHHkVRzm
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E70
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI6ddV083PLMGuhLQuDrF6w&google_cver=1&google_push=AXcoOmR1w2bl5GGdGlSbv_9N1io4lLPSDCIGXlllU8zbLcSvXtgIacu5dzaGoOQynLtumx9QpTvx8XQbJoorHahVNkUNUG8...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR1w2bl5GGdGlSbv_9N1io4lLPSDCIGXlllU8zbLcSvXtgIacu5dzaGoOQynLtumx9QpTvx8XQbJoorHahVNkUNUG8ARl-S&google_hm=eS1lTmZ5dTZGRTJwR1A4U2...

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR1w2bl5GGdGlSbv_9N1io4lLPSDCIGXlllU8zbLcSvXtgIacu5dzaGoOQynLtumx9QpTvx8XQbJoorHahVNkUNUG8ARl-S&google_hm=eS1lTmZ5dTZGRTJwR1A4U2tkVS5nZEEzMEtxTTZWRTBvdX5B

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR1w2bl5GGdGlSbv_9N1io4lLPSDCIGXlllU8zbLcSvXtgIacu5dzaGoOQynLtumx9QpTvx8XQbJoorHahVNkUNUG8ARl-S&google_hm=eS1lTmZ5dTZGRTJwR1A4U2tkVS5nZEEzMEtxTTZWRTBvdX5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1E70 43 B
245 B 82ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELqpuYNWJcIjdlk1ZfI3i3M&google_cver=1&google_push=AXcoOmR9pBNApvnVvLFfywXPtWgL5y4spDEcTxmxrfqtsna7hUJHMUc7mb3NAoedzbzAlXqt0hBoTFPIiHWqKTdG3uOcO-Gm4U6K
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E70
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmSx7oW31xuEg6EwkiXAY7Y9X4gvHe0Eg...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmSx7oW31xuEg6EwkiXAY7Y9X4gvHe0Egf7OlsG-HoHivFUJG_iOWm5lLD7BVXecRN0y4m0-8QXj6O8i-vvLSg2-Tb0Naij7

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28frLvuKwkrfJ7jjSjSPQ%2B3wBjOXVsRBdKSNI9ms8C9p%2BGt%2BBCY2%2B8L9mChtI7S1FsdIDQKQpgVCMp92AN%2FDIk1nDeSRXes71vLhUJpSHvErI0Luoa4P2xQnQsSUin%2Btj8vDCW1CK%2BGtVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmSx7oW31xuEg6EwkiXAY7Y9X4gvHe0Egf7OlsG-HoHivFUJG_iOWm5lLD7BVXecRN0y4m0-8QXj6O8i-vvLSg2-Tb0Naij7
cache-control: no-cache
cf-ray: 8205a173bf0e37e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 1E70 43 B
199 B 160ms
37ms Image
image/gif 54.72.250.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEOLLIM-unRdXJbJEbg0CmUg&google_cver=1&google_push=AXcoOmSeTITlW4FJwru9v8rz-8YLy3vS0SbuuBiC_Vce5WoaHO_DJTbFULpIwPGv-n3Qxh5oH07MgN3fpEqjijD9DFCz-059egkr
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.250.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-250-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Nov 2023 15:25:34 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E70
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-761951b0-0817-42cc-9993-de504dee138b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRFqCEZzcTMReQ3kMvE3...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4&google_hm=A3YZUbAIF0LMmZPeUE3uE4s

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4&google_hm=A3YZUbAIF0LMmZPeUE3uE4s

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRFqCEZzcTMReQ3kMvE3UrI_peucCp_p9LEypc-_gHPaSeTzTdsv7JFOLPGHhJIO5_cdh7GJI2YyvnwnGS8ZtGtHhkl9Tg4&google_hm=A3YZUbAIF0LMmZPeUE3uE4s
date: Fri, 03 Nov 2023 15:25:34 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX761951b0081742cc9993de504dee138b003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E70
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI5Oz_iiSHypNOcBX5hsxzA&google_cver=1&google_push=AXcoOmTNWzs7yY9wo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D&google_gid=CAESEI5Oz_iiSHypNOcBX5hsxzA&google_cver=1&google_push=AXcoOmTNWzs7yY9woMeipwxNCAg4urDQgk...

170 B
188 B

40ms
40ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D&google_gid=CAESEI5Oz_iiSHypNOcBX5hsxzA&google_cver=1&google_push=AXcoOmTNWzs7yY9woMeipwxNCAg4urDQgk5zo8ekFQMMNZieLfU6dvnnffCzLc59iaSEB5hujVD9EZzXU-nrtcAtfCBmQ_qWWdX49Q

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
an-x-request-uuid: 62cf3bac-f34e-4793-9abc-8dcccbec3348
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTUxOTUzNTc3NzM5MzM5NzgxMw%3D%3D&google_gid=CAESEI5Oz_iiSHypNOcBX5hsxzA&google_cver=1&google_push=AXcoOmTNWzs7yY9woMeipwxNCAg4urDQgk5zo8ekFQMMNZieLfU6dvnnffCzLc59iaSEB5hujVD9EZzXU-nrtcAtfCBmQ_qWWdX49Q
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1E70 0
12 B 21ms
21ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrJG1cegeCd067-TKtR2MfHYBicPR_buOvHOW9MH0tCvT1kFsx5IWaH4Z_yEx2P-eSiebuPQ

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37
adservice.google.com/ddm/fls/z/ Frame B319 42 B
401 B 89ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOB7uyRqIIDFUOLsgodHBMD4g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7013147909053.37?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702
adservice.google.com/ddm/fls/z/ Frame 87D7 42 B
107 B 89ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6F7uyRqIIDFV1VkQUdpdcIbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6963976949440.702?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 37C8 35 B
463 B 42ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFtyfzX33py8uERtGeB1MhE&google_cver=1&google_push=AXcoOmR9zSrSzAse86_iYC77r_Q15kuyKaYLeSKe0U9aq6W2WDDlkFOf3Vi-9xEfjOsmob8_rSAgRvdYI9sG3zL3PbZeVXrfAXQy

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37C8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmRasn6gmJoAvu4OljTG1ccYOx3g4r...

170 B
188 B

40ms
40ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmRasn6gmJoAvu4OljTG1ccYOx3g4rOlc249OdbkuGTL2pObBRkKfVNTYbuWnGiziNRmOG3GEp4X7EfyuMyJQRN4khIjfPw

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220055-FRA
pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699025135.676253,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVVUTZRQUFBTEs0bVFOLQ==&google_gid=CAESEK28eUTu8eOHMWpImHbsZGk&google_cver=1&google_push=AXcoOmRasn6gmJoAvu4OljTG1ccYOx3g4rOlc249OdbkuGTL2pObBRkKfVNTYbuWnGiziNRmOG3GEp4X7EfyuMyJQRN4khIjfPw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37C8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEELz1bpsAmskqSn_EvLQoro&google_cver=1&google_push=AXcoOmQRFf8Qy7ORaGH-xlqfET2KaMURMxPsl5y1VQyc7UYC5-TvZJFlaDJECbJA8Gvz4xReRKfMwE5B2Xjs4jjRPtYMIKNYlYY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20878A7D028E49F988FD00F48FEE02DE&google_push=AXcoOmQRFf8Qy7ORaGH-xlqfET2KaMURMxPsl5y1VQyc7UYC5-TvZJFlaDJECbJA8Gvz4xReRKfMwE5B2Xjs4jj...

170 B
188 B

25ms
24ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20878A7D028E49F988FD00F48FEE02DE&google_push=AXcoOmQRFf8Qy7ORaGH-xlqfET2KaMURMxPsl5y1VQyc7UYC5-TvZJFlaDJECbJA8Gvz4xReRKfMwE5B2Xjs4jjRPtYMIKNYlYY

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Nov 2023 15:25:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20878A7D028E49F988FD00F48FEE02DE&google_push=AXcoOmQRFf8Qy7ORaGH-xlqfET2KaMURMxPsl5y1VQyc7UYC5-TvZJFlaDJECbJA8Gvz4xReRKfMwE5B2Xjs4jjRPtYMIKNYlYY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 02 Nov 2023 15:25:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37C8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBXJjQpknRfK84kYnC8SfTc&google_cver=1&google_push=AXcoOmQ2sQN55xR0XB3TwnF1O2uBihc5sYNzbkUyX_qjt0IQAjxFbjCrrmqZMy2s5Q2gPV-wYV-2aXwIOrOoGVVO...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmQ2sQN55xR0XB3TwnF1O2uBihc5sYNzbkUyX_qjt0IQAjxFbjCrrmqZMy2s5Q2gPV-wYV-2aXwIOrOoGVVOXGgkPtfI6cdm

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmQ2sQN55xR0XB3TwnF1O2uBihc5sYNzbkUyX_qjt0IQAjxFbjCrrmqZMy2s5Q2gPV-wYV-2aXwIOrOoGVVOXGgkPtfI6cdm

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Nov 2023 15:25:34 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=F3crkIa6Tu4CX465X57KBw&google_push=AXcoOmQ2sQN55xR0XB3TwnF1O2uBihc5sYNzbkUyX_qjt0IQAjxFbjCrrmqZMy2s5Q2gPV-wYV-2aXwIOrOoGVVOXGgkPtfI6cdm
x-host: tde-deliveryengine-production-bb588bf9-vdm97
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37C8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmT7UltHF5GYJk_161Buf56mJ_Ou8Aitm...

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmT7UltHF5GYJk_161Buf56mJ_Ou8AitmmCZnR9YWKhvuCkNGJNwNX7z6oPQgbeIQdkeuy3sIb6zWV_QreHlMB6z--MuL-C3

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8nE9BkhYR3w1aNB%2FZR2nO1wwBWDlkECSafh7UKWjpR3HzbAX8zmz6bBHGbcinjCvAsP2s66fAkRD7Q9OxJpK6Ok0PoSYPsoPP1lW6GBy3bDu6Q084nQ5kNmn3q9goIviVB8GscPbW02Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBz5ot6sPyu2MDzcB_m1-zw&google_hm=ZUUQ7eV5ERniz2bieDazDQAAFBwAAAIB&google_nid=index&google_push=AXcoOmT7UltHF5GYJk_161Buf56mJ_Ou8AitmmCZnR9YWKhvuCkNGJNwNX7z6oPQgbeIQdkeuy3sIb6zWV_QreHlMB6z--MuL-C3
cache-control: no-cache
cf-ray: 8205a173bf0c37e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 37C8 0
75 B 154ms
21ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJD-CAkf8LWNuQwooufPX9Q&google_cver=1&google_push=AXcoOmRL5tLYV3TWRvMm4ymUotAI_IDkzNyKBb1Nc2ZjVGu8xAq7aEb0GwRKHTIzPD0V9-nkuvj9aR1t6igRV0DGQOZDuM4h5Hw
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 37C8
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEf2gNK5OAzAvUscTSdl_7I&google_cver=1&google_push=AXcoOmSEfvx1NDgGbvkBvpadyq7MWtJqdHlMsNLPGT71fxU0Y1FMOlyS7W4OneFndaCa2tfLVhS0lwFFOQC...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEfvx1NDgGbvkBvpadyq7MWtJqdHlMsNLPGT71fxU0Y1FMOlyS7W4OneFndaCa2tfLVhS0lwFFOQC0kIZJneY1NPo30a7_yQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

15ms
15ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 37C8 0
12 B 28ms
28ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzRfJS14LAd-ZiBfhWn0ELpp9kbza_u_2jly70--tMPz3lOeSRsJqUGrCpnCLXsEuKiZ8nXQ

Requested by

Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 1EC6 0
150 B 56ms
16ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=90737500104271904444552012497017&a=2fc18719&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=90737500104271904444552012497017&a=c24fd415
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2969 53 KB
19 KB 100ms
27ms Script
application/javascript 18.66.2.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=85871400096651404444552012497002&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-109.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 06:34:19 GMT
content-encoding: gzip
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 16:51:16 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P1
age: 31876
x-amz-server-side-encryption: AES256
etag: W/"5d5bc5942e2e0a61b44429bb852bdc91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QFtWhetJsHDkLewPOqcMfsqZia9hKJJA81IPyyNcWB5H4vsIdvc5Fg==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 2969 3 KB
3 KB 53ms
9ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1699025434&Signature=hd-Nwxnu-6JrWV5A2cr1NLVOWZvXengSht-bvz7cR0YXzfYUrCibpt8tApaBP1ug0R~e19rKOOSa4mj~78Z~xY1SXvY4wVDfEBe6DLIXdhLdV2kbziTdQjTRha2HYUNnfEpGxYocm1KRx3eUPguDdEQ654S1pI~6PR4W4urFKRzWhhM8WYBTDT9wdWBROgJQ76x0w~VmUIkognjDpT7sIB3l-xvfeVnfsq3X3We1YVGMv-HrlNjhwcn6jxqL8UYngakwd4wi7dQuDraHZCtuphAZGRuh7jm1z0K27vTPRkACrwGaVjwxsuPf~Hmfm~m7crOVTIlvEKDz1p1gApFUjg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 03 Nov 2023 08:11:23 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 26052
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: wQiCE0Dj-_SKZlXFA3NHlz6eMWCfohT6nkHD_i9H_jSty7dQNSubZA==

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 360D 0
150 B 36ms
13ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=85871400096651404444552012497002&a=4fc29bd5&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=85871400096651404444552012497002&a=316e3f71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 15:25:34 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 35C6 53 KB
19 KB 71ms
28ms Script
application/javascript 18.66.2.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=90737500104271904444552012497017&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-109.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 06:34:19 GMT
content-encoding: gzip
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 16:51:16 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P1
age: 31876
x-amz-server-side-encryption: AES256
etag: W/"5d5bc5942e2e0a61b44429bb852bdc91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oojUWkIos_fSsTlp5uedKYJenqEq7G84ZjRe_zLpEUv6gh7pqACGRA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 35C6 85 B
434 B 23ms
9ms Image
image/gif 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1699025434&Signature=PxmbaqV3xqlZj9eSKROJZhbsMQRiGxHj1r9PiY8sSnfhgEiHKvaHwfIbK9f-11zoCXM6XqqpBY9n6PcakOq5xeNNBTK0EQx7nvRyXVCaysUH5CZSx3bJBACAp269FoUE1pduWws46~Af~b4hHp2TAPdL3Lg1L6hwpMKn5roYl2iTfDcDqgM8pT6KAPJy3pOueTr1kBuSk79Oy~4dqtP03lOo5~o2HaN05xU3TFeEheJrZSrMuq-ShScFwJ2-dfJMi8CFV~8ZMUVwmOfTNPV5eAfKgbD~YKxEs9C5VeoawVCGHainVaZkldo73xcOZUO47IOrgs4Cxi5CDc1Dn3QEsA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
URL: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 03 Nov 2023 05:01:39 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 37436
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: 0s-9u5H-qj-BQyRW_2Tr-3yzjA1hgJvJoLz9riz5YeFfz0d6NP2vDg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7573 43 B
215 B 104ms
103ms Image
image/gif 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c7606e46-5d83-be6f-f314-41da4b979fbe&tv=%7Bc:sVeXfk,pingTime:-10,time:733,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjEwNSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1699025134785%7C%7C6c08af14bcde6434b167b57cb58d7da5%7C%7Cadc68e3ec772ef714cd200e23f927f85%7C%7C9c052b3b64cbc66447d6783e217739d9%7C%7Cc14a555b12b553f425a67a6acbc84c1e%7C%7C45a56a5f22e88a0aa46b68f8c77b0697%7C%7Cc0178905d8fd9d614ceea18a5f306cf8%7C%7C4268a9f0f3c93f4ea205abaca6b13af3%7C%7C1663701684,im:%7Bpci:%7Btdr:166%7D,pWait:33,pLoad:530%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F09C 0
23 B 51ms
50ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BT-9n7RBFZezPLMbnx_AP9ZawoAwAAAAAOAHgBAI&bg=!aWqlaiXNAAb4oU7C2KE7ADQBe5WfOP8gAE9EanoEN_D5jCoHjkwrR3lOGE360D8Y6DQCqmPIGydl2LUfcm6hOwuTKHf6AgAAAiRSAAAADGgBB5kDX3bKs1Z3BrJObPwhBIzdpGXItKqMDHw3ym6umOQ54MMMPzd_r4n-WUsk6xb7iUttO6GCSj3SRggFGA1VYYGaFfOn5b3xY1ne961VlaGLTO_yiWqD0tugPNaF2IohzGdM9t0lcnNw-dM_fo_yu5BiNWv26F-WHaHBCxplA9mtEzFhvefysHS7W2VJPu6y60kOjt01_n_Oeb8LuBNoGCyRw0TJEfme3-WV1Ue53A5F0dEQStpW-AebBU6kA68Y-0D2HFUVCGfWujK8Bjnr0C_4RhOyCNSztuP7oG-hyvmnGpLEaxbfKsiRoxmGdTE9ygTeV6WLUyzL2iZSAtOs6UL7caqaFEJR_van2AndIAk-FeDe7a1lnnVQy-9IpSHLJSKbeprBdNgxTVxm1h8Ys86MiL1NEXFPc3cvCu-RdvdvULqdtSa-J_Adf-BrekYuAg96Jf5aJ9J7TOLTYKU5JMmq27vlWP-EAisgWCN43OF6TcUXeh7nFvApfYM-9eDe-mB-s9t8tWE4-iBe9vYq6ORT4XatfzFydI6YtLtLftfWLM79FPininp9AUzhkhwLW1aj-YC4mya0IuaoGx8o7PPLzHN95QymLlDpr8n8k7p2dPufeDJxzJ86hZ5CSFFfCXLOLcwMtuTFJgTeg5_BMvjQEdxm-25DQw9bxWFL4yNyBEFuZgnIRLWe-NsyJxIxJIuF9do4JT-hVUHN0LXJZxKuIwaPGZfZQg1Q8_ICsdc9I9EZmHIh_TuJc8oZRXGMX7f1euVSUe5TQLNKHIYF195KKPnyotTOemUwEHujb9UsP4qRsd3itEtMimVWR7bXtyCND2FjDf_UYfUwZTFMlh1dlje-nzRQ8iqd4h10bnUsoyPtFSnDl7yZLUwMhy5RYUr_CG_ExjZyZyZiswqpuuDkMZY6RcYLpKDJ1K64f3nJ5F5G2g3Z-trtIn8J7x3esQf1nYRrgpdy3jiJdK3e2iwhebJQxCYcgCCIDwUsWHZvPQFjhnogBQ00ijDsn-aKvBKUZWmvEpsDug4UopiY_15J7P2mNATt-ZpOqjRX7Qq8Ug6XKL1PX8G2QTh6E53-uYLDEbHUyLz6AZZzx3RQyhKb1KiILRZJSYaz77bdTSkMpLJyoSSjzOXRUSqEB-p0qYMX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7573 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssALkLXNVQv44itlnENq3vBTqOjjCgcsbSF8cumvS-FuH6YajSiBDm-myFgUjBCVwwk00z-AK2Pgx96YTaEvZaEfH3SaV-uUXFcjR7IsEHaqNPCDkiiSG5B6RTkCjYESdRx8ggAAQckQh-3&sai=AMfl-YT-xoeJezHtR96FvIEskegXGx3axoRMnZCWut4iyDDYKrNw7rCVuSrO-muGNjrufSQrwj4Ovt95GXG8hyqlJCCR34UTXBMBD0KCI7af9hy8yhfQD_UqAkixXXo&sig=Cg0ArKJSzILD9PlmD9--EAE&cid=CAQSOwDICaaNtWgrt4M7RCQaVnI8eI5PjqTf2CZyaHRV-aTFS6Mi_Yu-lNo26fWarIjruncDxpppOdvxNaoLGAE&id=lidar2&mcvt=1000&p=978,366,1228,666&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=672148664&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699025133522&rpt=313&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 19ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-custom-prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:25:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Nov 2023 15:25:35 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2969 16 B
209 B 70ms
69ms Fetch
application/json 13.43.78.194

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.43.78.194 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Nov 2023 15:25:35 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 35C6 16 B
209 B 68ms
68ms Fetch
application/json 13.43.78.194

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.43.78.194 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Nov 2023 15:25:35 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7573 0
24 B 47ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6491056608689&version=m202309260101&ct=76&x=1&cor=6817873491663656000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T9RMKL3N37&gtm=45je3b11v870307558z879478043&_p=1699025128867&gcd=11l1l1l1l1&cid=440603065.1699025130&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699025130&sct=1&seg=0&dl=https%3A%2F%2Fstd.stheadline.com%2Fdaily%2Farticle%2F2555061%2F%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82&dt=%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF%20%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82%20%7C%20%E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1&en=screenload&epn.articleid=3287403&_et=4&tfd=7894
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9RMKL3N37&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://std.stheadline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://std.stheadline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 156ms
20ms Preflight 13.43.78.194

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.78.194 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 03 Nov 2023 15:25:35 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 130ms
21ms Preflight 13.43.78.194

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.78.194 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 03 Nov 2023 15:25:35 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2969 0
24 B 47ms
47ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8235379365303&version=m202309260101&ct=77&x=1&cor=5385593127535561000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C6 0
24 B 49ms
49ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1392344173304&version=m202309260101&ct=77&x=1&cor=3097719138306891300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7573 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c7606e46-5d83-be6f-f314-41da4b979fbe&tv=%7Bc:sVeXCS,pingTime:1,time:2193,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:64%7D,%7Bpiv:89,vs:i,r:,t:1192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1185~0,0~75%5D,as:%5B1185~300.250%5D%7D%7D,%7Bsl:i,t:1192,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:89,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~75%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:117,fm:tUyQjwp+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1d%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h*.1627455-73523879%7C1h1%7C1h2%7C1h3%7C1h4,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:66,sis:289%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:7ab2:7b59:1f27:1df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 15:25:36 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fstd.stheadline.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772

Verdicts & Comments Add Verdict or Comment

572 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 20:16:17	Name: demdex Value: 18929616725618372521516930529287439875
.stheadline.com/	1969-12-31 23:59:59	Name: AMCVS_E1E31A3C5BB4BED90A495E47%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 00:42:41	Name: everest_g_v2 Value: g_surferid~ZUUQ6QAAALK4mQN-
.dpm.demdex.net/	1970-01-20 20:16:17	Name: dpm Value: 18929616725618372521516930529287439875
.stheadline.com/	1970-01-21 01:33:05	Name: AMCV_E1E31A3C5BB4BED90A495E47%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19665%7CMCMID%7C19275070699401529491583014910872516786%7CMCAAMLH-1699629929%7C6%7CMCAAMB-1699629929%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1699032329s%7CNONE%7CMCSYNCSOP%7C411-19672%7CvVersion%7C3.3.0
.stheadline.com/	1970-01-20 15:58:31	Name: _gid Value: GA1.2.1605084653.1699025130
.stheadline.com/	1970-01-20 15:57:05	Name: _gat_UA-41819048-3 Value: 1
.demdex.net/	1970-01-20 20:16:17	Name: dextp Value: 481-1-1699025129942\|771-1-1699025130046
.doubleclick.net/	1970-01-21 01:18:41	Name: IDE Value: AHWqTUnmIuzfphuZSH817XgHJnQ7nGobEfjjBNk9bsM6aDszLgscLF0ZfbPNHGFkY6M
std.stheadline.com/	1970-01-20 16:40:17	Name: _rtbpbjs_userid_consent_data Value: 3524755945110770
.stheadline.com/	1970-01-20 15:57:06	Name: s_pn Value: %E6%98%9F%E5%B3%B6%E6%97%A5%E5%A0%B1.%E6%97%A5%E5%A0%B1%E6%96%B0%E8%81%9E
.stheadline.com/	1970-01-20 17:23:29	Name: s_getNewRepeat Value: 1699025130444-New
.stheadline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.stheadline.com/	1970-01-21 01:33:05	Name: _ga Value: GA1.1.440603065.1699025130
.stheadline.com/	1970-01-21 01:33:05	Name: _ga_T9RMKL3N37 Value: GS1.1.1699025130.1.0.1699025130.60.0.0
.stheadline.com/	1970-01-20 15:57:05	Name: lotame_domain_check Value: stheadline.com
.criteo.com/	1970-01-21 01:18:41	Name: uid Value: c84d93cc-f817-4634-b244-e9ad3108c29e
.stheadline.com/	1969-12-31 23:59:59	Name: tp Value: 2977
.stheadline.com/	1969-12-31 23:59:59	Name: s_ppv Value: %25u661F%25u5CF6%25u65E5%25u5831.%25u65E5%25u5831%25u65B0%25u805E%2C40%2C40%2C1200
.stheadline.com/	1970-01-21 01:18:41	Name: cto_bundle Value: AArFnl93cE12TFFiT2pIJTJCenZJSEJ4bmd0bzVjRUZQZDBCY2NEVzZNVXlLV0hGTTM1QkQxWEt2eWJSaVNNNFltWXFyU1kzMDUlMkI1S08lMkZjNVpoZjQlMkZsJTJGWjdCZ0NJRm93UVglMkYlMkZzeCUyQk5YcnBLJTJCOE5MQ3VNeEJxSTNhbU9aTmIlMkIlMkYlMkJSJTJCaDZaSlZXc0tJN0ZLNzlaeEx6Y3Z0SW5sUSUzRCUzRA
.openx.net/	1970-01-21 00:42:41	Name: i Value: f766b5a5-a15a-47a2-ab37-2bf85a2fe395\|1699025130
.stheadline.com/	1970-01-21 01:18:41	Name: __gads Value: ID=0173c40f72bcb9d6:T=1699025131:RT=1699025131:S=ALNI_MbV29tfvaH95V73gvOsJdlDkwvloA
.stheadline.com/	1970-01-21 01:18:41	Name: __gpi Value: UID=00000cb3932a67ed:T=1699025131:RT=1699025131:S=ALNI_MYPvaQ6mpHZBQ8sMfo8tPNUtm2E5w
.script.ac/	1970-01-20 15:57:06	Name: __cf_bm Value: KXfvvGmzi1RXqizUjDqqYCSHF1nG6EYJvjMbg_n11ac-1699025132-0-AcyjGBfc72QHJL2B0XLaOu4B3tlu+IlmqsOc7Gp+gqu05HxWBVFR0PdBIuo2jgBSNJhCRsec/4hyiqjy6ghvDfc=
.rubiconproject.com/	1970-01-21 00:42:41	Name: khaos Value: LOIRP2KP-1U-AEHS
.rubiconproject.com/	1970-01-21 00:42:41	Name: audit Value: 1\|naVuGyos1qoI3RomnbNtyS+IXqvPVzt4X6LBWwGzep07cZe5xyGZWQaBXE397Cut7FIarhfYTiUmfOVQfL4vnvPzJ6cr+j5/UJeulnyjcPKXvnqSXrQ1MyKPLRELhl3x0A+VO7RH1E0=
.doubleclick.net/	1970-01-20 15:57:08	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:16:17	Name: APC Value: AfxxVi4Hkz9BadOx10KjfVo9NmbYEISnWuXHI6Az5vwrBXC79gTv7A
.betweendigital.com/	1970-01-21 00:42:41	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 00:42:41	Name: ss Value: 1
.betweendigital.com/	1970-01-21 00:42:41	Name: unm Value: 1
.betweendigital.com/	1970-01-21 00:42:41	Name: tuuid Value: 69ad2b33-0a60-5233-bf3c-4ff2da795f1f
.betweendigital.com/	1970-01-21 00:42:41	Name: ut Value: ZUUQ7QAA7kj0CIKugEBu59_UadxwA-nT9306GQ==
.adnxs.com/	1970-01-20 18:06:41	Name: uuid2 Value: 5519535777393397813
.casalemedia.com/	1970-01-21 00:42:41	Name: CMID Value: ZUUQ7eV5ERniz2bieDazDQAA
.casalemedia.com/	1970-01-20 18:06:41	Name: CMPS Value: 5148
.casalemedia.com/	1970-01-20 18:06:41	Name: CMPRO Value: 5148
.redintelligence.net/	1970-01-20 18:06:41	Name: 8lcfmzhxc8d6_uid Value: 2a48462d5d631a70
.travelaudience.com/	1970-01-21 01:27:19	Name: _tracker Value: %7B%22UUID%22%3A%2217772B90-86BA-4EEE-025F-8EB95F9ECA07%22%7D
.ctnsnet.com/	1970-01-21 00:42:41	Name: cid_19f74e4a43ff42928d049bf01599d7a7 Value: 1
.ctnsnet.com/	1970-01-21 00:42:41	Name: gid_CAESEC4hGy7EE9MfSPCG4Fl9Jwc Value: 1
.csync.loopme.me/	1970-01-20 18:09:33	Name: viewer_token Value: 4d9054ef-eef5-4c48-a092-e2c9447a60ee
.adform.net/	1970-01-20 16:40:17	Name: C Value: 1
.adform.net/	1970-01-20 17:23:29	Name: uid Value: 687052095138104846
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: w0tjgv153lhpxjf0iotxufdc
pb.media01.eu/	1970-01-21 01:33:05	Name: DTU Value: 9CAA498AB1E8D326EAAE1784F5DFF44E
.office-partner.de/	1970-01-21 01:33:05	Name: source Value: {"webgains_webgains":{"timestamp":1699025134465,"clickCookie":false}}
ads.travelaudience.com/	1970-01-21 01:27:19	Name: _tracker Value: %7B%22UUID%22%3A%2217772B90-86BA-4EEE-025F-8EB95F9ECA07%22%7D
.quantserve.com/	1970-01-20 18:06:41	Name: d Value: EBkBCQGrKoEA
.quantserve.com/	1970-01-21 01:27:19	Name: mc Value: 654510ee-ac717-612dc-096b1
.w55c.net/	1970-01-21 01:27:19	Name: wfivefivec Value: 9oxCMrxS1QYW3c5
.w55c.net/	1970-01-20 16:40:17	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-21 00:44:07	Name: suid Value: 20878A7D028E49F988FD00F48FEE02DE
.1rx.io/	1970-01-21 00:42:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-761951b0-0817-42cc-9993-de504dee138b-003%22%7D
.yahoo.com/	1970-01-21 00:43:02	Name: A3 Value: d=AQABBO4QRWUCEJe5SEs-_HxhIQ2p-La6rPkFEgEBAQFiRmVOZQAAAAAA_eMAAA&S=AQAAAq7_FQGlhRRExg6_HjMa7BY
.aralego.com/	1970-01-21 00:42:41	Name: gdpr Value: 1
.aralego.com/	1970-01-21 00:42:41	Name: sspid Value: e53109da-f0fd-3d07-a53d-ad963e274379
.targeting.unrulymedia.com/	1970-01-21 00:42:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-761951b0-0817-42cc-9993-de504dee138b-003%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://std.stheadline.com/daily/article/2555061/%E6%97%A5%E5%A0%B1-%E9%87%91%E8%9E%8D-%E5%82%B3%E6%B2%99%E7%89%B9%E9%98%BF%E7%BE%8E%E6%8E%A2%E8%B7%AF-%E4%BE%86%E6%B8%AF%E4%B8%8A%E5%B8%82 Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fstd.stheadline.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772' from origin 'https://std.stheadline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fstd.stheadline.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.teads.tv
ad.doubleclick.net
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
assets.adobedtm.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cbf57f95a514d00fd533380d7e2fcda3.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdn1.iconfinder.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
csync.loopme.me
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900017.redintelligence.net
hal90002.redintelligence.net
hb.aralego.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
image.stheadline.com
imasdk.googleapis.com
match.360yield.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
pagead2.googlesyndication.com
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.media.net
prebid.smilewanted.com
pv.medialead.de
region1.analytics.google.com
rtb.adxpremium.services
rtb.openx.net
rtbcdn.andbeyond.media
rtbdemand-d.openx.net
rtbdemand.apiip.net
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
singtaolimited.sc.omtrdc.net
singtaonewscorp.demdex.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.stheadline.com
stats.g.doubleclick.net
std.stheadline.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
c.amazon-adsystem.com
104.22.69.131
108.138.36.27
13.224.192.181
13.32.99.23
13.42.240.154
13.43.78.194
142.250.186.38
142.250.74.198
144.76.91.199
145.239.193.130
147.75.84.158
151.101.2.49
151.101.67.52
159.69.70.9
162.19.138.82
162.210.196.208
172.217.16.194
172.64.151.101
18.196.149.165
18.66.2.109
184.30.21.51
185.106.140.18
185.64.189.112
185.86.138.155
188.42.34.64
192.96.203.13
2001:4860:4802:34::36
2600:1f18:1aca:4280:7ab2:7b59:1f27:1df
2600:9000:223f:4400:8:48e:53c0:93a1
2600:9000:2250:5600:a:e047:753:a221
2600:9000:236e:e00:2:d490:4d80:93a1
2602:803:c003:200::41
2606:4700:10::6816:3456
2606:4700:10::ac43:1bf8
2606:4700:20::681a:8a9
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700:e4::ac40:ad26
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c03::9a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3100:787::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:7277:7abd:362b:c0c9
2a06:98c1:3121::3
2a0b:4d07:101::1
2a0c:5c87:5241::2
3.127.126.167
34.102.146.192
34.107.231.31
34.120.135.53
34.120.63.153
34.250.238.79
34.253.158.202
34.95.69.49
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
35.214.162.209
35.244.159.8
37.157.6.232
37.252.171.85
46.228.174.117
46.4.10.47
51.89.9.254
52.208.223.188
52.210.47.152
52.29.125.157
52.76.145.253
54.228.190.197
54.72.250.72
63.140.62.22
69.173.144.139
88.198.250.30
99.86.4.39
99.86.4.52
00128aa9fd8f0a918e8153243a8959140f25a670aeb71351786a6821903b4a9b
002950561b27dcb01587f5ceed423297218cd1f5710c67022cfcbc11f08191a7
007608d4b9c0ace879bf0975020ffada24cfd4e4ab54a24737f380899f304010
007ce83d6f8f3f6d6e7bb71df1dacd4efb86bd7c8c7cac59c1ceb564c61e4417
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
021509f9399fbcd701f39d4c06193a064742120110303f0b45f5d2cf4c2dde23
05780e564cc28fec43a7b742dbc37507ec540ccb6240f0c9ac5dfa7c89fa9d94
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0911197e5caed0b3fe8a7916caa1253399349a0d6a4e146fb99d2e221d28eb83
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d
0f2f4e0624382faaca1442fd0f7d826449c9b25a9debae2891210b9d63544b13
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
0fcea8de688740d4cfad7e0312c98c02284589f979e7b0ec5edfbd3d2b1f1b11
0fdb9131fd2f2a1e147a61e2e07e870fb540f1d3ee1a807d7fae0620db974733
10d76d9ad137244e90910361e73d0c25406d6b864abd7c8ceb578dc92e846ebd
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
11a3bac416c573db70b18bc51e255508b59ef9e0982e5dde663fae6b9f4d01f7
1238902b73e1d18704723d7f9021868af51c722ed28680ade1c4e66d00c18810
14425bdb51313ab29d844c4c6f20690508a4c4475d2dc8ee5a0dddf5dd781b31
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0
171ee46cc8419822d61dae68b7cb2576d5f1a8ed245c2b42df0d3f66db47e5c3
1978f2dc7bd4fa1b92560d0fb0276d2d6d45f91ea7ca0ae4f1a865fc3b11b32d
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c02ec5ce9f353a45ee995a413751c2ad1fcdc9e2bc9cb1435861259784f39d3
1cfb73df05de1b204ad9c2b2d24b83b6d5b4f07c43108d51a60f97f457b9dbf0
1dda9e5e94a3edb823534f5087d7f790d5c76342d9629ca7a3a4aaffcc66c237
1e8f4b5858271ef1d49092cf4e82842fcd638995985c7a4660b01594bbb9da02
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
1fc84e825f772b3ea9a5d55840482f85216679fcf3d4d7625a34348d052c2608
22ad7191a0426fa373b1512f7fc0da5d2b96c8fe03b4e160015cab08faa3f2cf
230cc326e13f246d46f7827c2e5f085436f5dad54f70e6313a8393b147c640b9
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
249e87b95ee48365855a79e62973446c7bd7d6c6f2d9ba4f7134ad524aa6a5e5
24feb2f978c9bde6be7457c893a81d2e6e127c4349bff7611e153d33aef6aeae
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274c5d4471d2b79099d1d711b7747757409a6e113f9a8d1ee35a92e97e429678
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27cc0dfd5b926712a634872775f4d1c560570aa5eb85aeb80ee5d815c5aae8ce
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29db3d00ec9e324c6474a114727931b7c84cfe269e9c9d8af2b71bafea5bfe72
2a00984a28d97c6ebf98603e57187441c43bdc85fa9eb9ba03a0d72c15b59a14
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525
2cf44e6da3d18b6c53eec6f939aaddfaabfb5002e150e315dc02f9bea7a4daba
2e5f02280945975bbf9d9d9e301865df300b31b6a6c068f05a61ecd015d4cdc1
2f2de7eb022059d9477ffec847a514a961e70920fb3eb8cfb59363b9071e97b9
31020b3680c09d76da253d297d6d3faa98fd6b551c1c751829db8c12a9f4a1ad
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34c74c37b8d29fb698da762ad0f62f8323896539df242d442a54f434e1f51d02
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
37d7763385cad082a9084bfbf1c26418b7c8768229aaa4ee199d4bca314632c2
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
3d2552b8d86003da01dcfa395545b86be4cdbc7667b3c45551a367d42a1b1ec0
3ff6b6d4a3018c2955ebcba77327e323f89de2510f4e2d512cd87a3491fec89b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
445466a88a8307acd93ebcd4b3182110f1ab5a0272ec0fed9dbc956a80f377d7
451de98803785192aacb62cefd63530fe88c6fb838fd6d7164feb430d71e2f62
46544204ec6165023cf7a0085179226301502e0abc5887469d8368aa0406b84b
46763816babdcf547c1cbedf9a54a7295648cbc1ae648f5620c8e11264b01fcc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471550ed7025e2abacc6b0cf8aafb152a479d00674d64561b109bbbd22abc469
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5c1d0d7eb977109eeb792f3a30e0c121f583fd4a015ac2611689b5ba7fec71
4d36f2b9b3a81e30c93085de22aa1adf9ca51559264c51cb067a8b5a842e709b
4db7cea580d713cbf55a968c66266734d5b859e362827aa3c6b3925641f40f84
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
511de991d6e51c7a768f092b7a3aacaee112367e92905574d6c8773e65146ad3
5251631d756dac0ed74a7892e651437c0f8840e552f9e245c731860ab1a89581
52f9dfd25b8000960e13ea7b51ad646c2bb4ea81664b617e0d9d00e193f11a13
53a5310c952d60a16eb2eba131663a7062aaff9bd8b4bd3581210e105b439964
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
53e327d0099c5a1e80f182574d39f40112a0b86c90209f96683bae0168326453
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
545e49291cb8ae94e35598b299521659fcfb87754f98c04d6477c547f8185ddf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54be3a7e7ef8c06852f510db379fd2c0449a6ecffbaac4151b654bf99e953f73
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56781372ef7b3ea917d9a672006ed4dda4805689294733a98dc256c679f64adf
59256d68959f1c40218d6a6c7f9dc0a89346c35e6bac1f4c42be4490217b5eff
5979ca0df8799a0ed2c45b615d4ae50438df2aeaf4550d0f25b573dcd5e98a96
59dcf736e34517f8acbc1aef5c66d5006c6978be52dc04882aae659648834e61
5add1380d524da43983df788068d8141c194b6dc008ecd98e18bd483a7ed2ddf
5bcd5c17a254cd4a072a72be3972bf66d7cff97af5e06c3639452857d8e26a3b
5be33211d4a643c8b21d3cde4b849240941f458fd73f482504291e8267c15cc4
5c541f6e7a3e287e7a8b3c6ecf413306f3c762a847a4443a8e3ea22bdea957f3
5e4521666186dcc9e8af3e52a260384df8c1e7e3b53b4eb0c2a09e6a157189c2
5f7919c35fa7282144d5380cf3e9536ba9c4743dea6d7b50174f9496392d4c66
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61a18f52ff5eb0fcb2d37118ba350a06c6977e9e7b34ae999f96a4c2c88efebb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621ad50a5f51139a98256724d0e10bb1856612de37e24646320c6335a0f4b95c
63dec8dd0f6d58e0195860e115826bec46a12d7db222277bef9a4e61daa03a15
6680854b14d983460a40ecbef6d72786c5dd607d1348c9df0570f808daca6f5b
67c1744b90c74b21e47bb6ea7572589bc5eb2e9afe8bcfc30fb3faa842a347a9
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ab8caf25a00a5b1066eda83a89b016b14038afcda0c87f2ceb07e408a02ea9a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
700d5450048b2a5b504b1e433569636e8bc0f390eec802ae7f17c325c0146319
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b
77a7a23b07670a5a31946d32365e59d374ea1a4f9d41261d5471ec0cef4a4217
78bf14ac2f34c90520d5c1956c4a37cca0964e63ea019b10b633d60a51c9ce6a
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7d4ca6d68f1b016f9ac04d2338df4d2fe1e66e58c2e81a6c81f982e0ae0ec344
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8083a510108bfa2848c613baf8f1823af26a8dab1bb0907b8b0a06aebac5f226
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82769aa1a413334332c0e0d15f35ec7797298124a43c6dce17fe54e173c163be
8295d15439dfa3e3f329cf749c890c7db979e0aa6350159ebbc9a53314de978e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf
8ad67548a761a0c1c4601152c23a74620e773648ccac0ea2a51b2dda4b36eaf8
8b028e1457c5ab4e1b91ea05f1ccf182c52c2c3fbaa2a5b4d706701e428776e0
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8bdc6084d6c146066a1ae285e612ed7797c2a74e8397227513bd09de57249c30
8daf641a6211502aaaa89d3199d1a965fb6268aa73b3ee4af5268040303fdcf3
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
8edf934cf81ca088ec72ef362c66090602eee3e583198ec96690978bcd183531
92829bb31f8492ac8867bc349df3c761915c9b3d7f9ff5b9eeef8516d2f5f112
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
9646af07c16149c27678ff0d4001b4e94d680b744f2b1044dc1433ee4d50cf88
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acebbba1bfeff45f726c067a80bf642a2d40b11a456d7cc2eee6cf276b50ec9
9c9b3aca8bdeaf648fa31a8048c78beae60c2c1383d9b314ac6628a51fe1f3f4
9fc31ee6bafd21b6b905dde786016101e5bfbdb0f75d34299df2f572311a8449
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2b02fb5552816769995428dcf50397647a34d7caddff0e41962090381259a5f
a43f53c9124a825815d2c204475a3435bb89c846a12ded6ce9c030fa73c41daf
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1625f27e7eaa0e6ef2091feccc30d310754e69fc7c11486b0479bb7e3d8203
b0194c2c4443d6cb4e0a2265bfe8ecf70478941f5456d3423d71a2be01c8c08e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b99b0d8abedbc69f8d4ee5a1c17afe5b943e0ef7545964e6757cddfc24e08717
bdc24643a088ed464e7eec4d15dfe7bc66c0877d9c170a73da83ba6f06d72f60
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c67d333a7165afbb8b8e6fffba898c04cad7f62ba2993c0306da1fda37e8ae40
c708f1377f3104c01c8030e66f4ce062153bda7769d74e6b0fc6f2b0f5a3e482
c742b0ca2382da3c9fd37dce090413a2b8851ceb16723c73bfc270fbc9a99d76
c78a5580d96f380a9da98718022e91fb9c8d45e940af987d8f08d5e761dcde3c
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9
cb1ee6ee420216236e4c2a73e47754093d268c06817387cc5ddba900551d3670
cbae153705044e9bbd76950cf313fe3d0cb3f59223cd4f37cb3aecb22c3e9025
ce229c593f390900b7efebebb458731676ef1f5b9da2d471312cc3032312025d
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cecf401f631441db76cf007bda00b878c398a4c9d226e2250f05bb8e578f5560
d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d
d40c7cc22f2317bda26cad5e1105eb1283acafc08b152f9160106b16519f49b8
d44ba882d037a62abcabddae28ac9b3ef4fd65654e40c4230537fe9d464c82fc
d5a1f3c4b7f7cf3a46a179fdc5b760b9cf0f408196a5ecc9637ca0c02420e06e
d79315dff47af2d1d75f285b60dfd5bb392f541653e3957be5aea563b363c695
d829c1b5edf8c9d1ba807c3636dded78bf12d834fe2225cd47d22c286926d0df
d8ec1529c8252274b8fa894f3816672ba99b45464e27f6994c14b438fd22c671
da04c6340e406f050a4dfc06019bc384189b2d0f555d186b189c026562105660
da61453bb2e981f85c0b80bee5db943cb0d08ca6b35735ac07bed8c4b0fc6540
ddda1b44b917db80a00255e879bcc1b6b91cf7e4a818ba14e54819824f43f4a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb509754bf3accae8062063fb55b5dcbd4fdf80c13e7629ebe140f86e119096
dfc1c497167685a60311f00c26a612ff0647a0ca6bcd8f898e00c48a514e9ca3
e15cb41033bf33ab52f2a549a4d89fd5361b92f24cb2200d0955601e93de45aa
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e2925d7e324d859d4b1c66bc41bf4418ffccbcb9d82337b2b25a11c0a43102da
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e7e2c9d350ea2c20cdc3a849f809e9d15094ff6fb06555175d5772c57515cd12
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eaa2ab342817f20198327bb3bf58c0c46b2012701abd9ccd67a8ea942a4464a0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec9661e7fc7543cd2257dcd18df85a7a5f69c9df499fbf2b516ceeb77e6d66ce
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb61f810902a76a0baf817174c11e94d5b5238748a0513db4a310a15e7e3059
f154314ae0c41246999f1e6bd194abba3344102e0500c30b5f6a1e1a2ee9e901
f43f156b15e150655c27e48135fa8e978f55c232ea2afb037f59b420297eab84
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5be69c7ac1082afc82fc29ac42c59d10be043c84b9e6afb17de11b424cbbbba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8748af9f16076c64db25b50366596818ce0d260548fb243ebfe3bfa63154239
f932b7d32f5182dabb2b95c70830a5610f4cbd77d30f856e14aa08a0ce6fd7e2
fa4d45acffd06d885495530995c5a39300aedcddca357066be53468b5c507af6
fb15e83f6da2ae1cedfc95aa24c594ebeadd38402220a56edcb0c58e85367249
fbfedf4879ea6d624d908317d6b8ae052b7f94532b7c3d540c3c39c860b55cb6
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
fe6439572c81ef4ee1f622dc8163e6c74f95259df71db003869ba75572037489
ff9e86db29fc718cb77a85c53347c4cb0c97b0bf629cd826598454a59944e8d7

std.stheadline.com Open in urlscan Pro 2606:4700:10::ac43:1bf8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

433 Requests

91 %HTTPS

42 %IPv6

72 Domains

108 Subdomains

88 IPs

12 Countries

5344 kBTransfer

12504 kBSize

58 Cookies

20 Outgoing links

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

std.stheadline.com Open in urlscan Pro
2606:4700:10::ac43:1bf8 Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

91 %
HTTPS

42 %
IPv6

72
Domains

108
Subdomains

88
IPs

12
Countries

5344 kB
Transfer

12504 kB
Size

58
Cookies

433 HTTP transactions
11 data transactions