yahoo.com Open in urlscan Pro
2001:4998:24:120d::1:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www1-notifbestads.azurewebsites.net/
Effective URL:
https://yahoo.com/
Submission: On January 22 via manual (January 22nd 2024, 10:45:11 am UTC) from DE — Scanned from DE

Summary HTTP 397 Redirects Links 295 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 39 domains to perform 397 HTTP transactions. The main IP is 2001:4998:24:120d::1:1, located in Quincy, United States and belongs to YAHOO-GQ1, US. The main domain is yahoo.com. The Cisco Umbrella rank of the primary domain is 113.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on September 26th 2023. Valid for: 6 months.

This is the only time yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	40.71.11.169 40.71.11.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	2001:4998:24:... 2001:4998:24:120d::1:1	36647 (YAHOO-GQ1) (YAHOO-GQ1)
91	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	34.252.254.34 34.252.254.34	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.30.200.188 52.30.200.188	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.124.11.16 104.124.11.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.23.180 152.199.23.180	15133 (EDGECAST) (EDGECAST)
1	3.160.188.68 3.160.188.68	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2.19.106.142 2.19.106.142	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.48.23.12 23.48.23.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:400... 2a04:4e42:400::539	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
21	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
11 29	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
9 15	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
5	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
17	2a02:26f0:480... 2a02:26f0:480:f::213:7ecc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	194.97.41.228 194.97.41.228	5430 (FREENETDE...) (FREENETDE freenet Datenkommunikations GmbH)
4	2606:4700:440... 2606:4700:4400::ac40:9b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	2600:9000:25e... 2600:9000:25e8:7600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
4 6	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.214.230.121 52.214.230.121	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	54.76.92.15 54.76.92.15	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:223... 2600:9000:223f:2c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:c25c:80b2:2625:60ad	16509 (AMAZON-02) (AMAZON-02)
397	45

2 40.71.11.169 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www1-notifbestads.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2001:4998:24:120d::1:1 (Quincy, United States)

ASN36647 (YAHOO-GQ1, US)

yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-mcdn.secure.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bats.video.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-api.yql.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tb.video.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.254.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-254-34.eu-west-1.compute.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
udc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
noa.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.200.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-200-188.eu-west-1.compute.amazonaws.com

fsbcn.fp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.124.11.16 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-124-11-16.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.180 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.188.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-68.mrs52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.19.106.142 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-106-142.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.23.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-12.deploy.static.akamaitechnologies.com

lg1.hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:400::539 (United States)

ASN54113 (FASTLY, US)

edge-auth.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.217.16.194 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.64.151.101 (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:480:f::213:7ecc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 194.97.41.228 (Germany)

ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE)
PTR: ndirect.ppro.de

ndirect.ppro.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9b32 (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:7600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.90 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.230.121 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-230-121.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.92.15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-92-15.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:2c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:c25c:80b2:2625:60ad (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	googlesyndication.com 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	524 KB
75	yimg.com s.yimg.com — Cisco Umbrella Rank: 673	2 MB
62	yahoo.com yahoo.com — Cisco Umbrella Rank: 113 guce.yahoo.com — Cisco Umbrella Rank: 3906 edge-mcdn.secure.yahoo.com — Cisco Umbrella Rank: 7088 geo.yahoo.com — Cisco Umbrella Rank: 1609 fsbcn.fp.yahoo.com — Cisco Umbrella Rank: 230565 opus.analytics.yahoo.com — Cisco Umbrella Rank: 4199 bats.video.yahoo.com — Cisco Umbrella Rank: 4650 video-api.yql.yahoo.com — Cisco Umbrella Rank: 4779 www.yahoo.com — Cisco Umbrella Rank: 1658 udc.yahoo.com — Cisco Umbrella Rank: 3113 noa.yahoo.com — Cisco Umbrella Rank: 4668 tb.video.yahoo.com — Cisco Umbrella Rank: 6064	3 MB
49	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	344 KB
21	ad4m.at ad4m.at — Cisco Umbrella Rank: 11475 as.ad4m.at — Cisco Umbrella Rank: 29340	116 KB
17	akamaihd.net bcbolt446c5271-a.akamaihd.net — Cisco Umbrella Rank: 4376	612 KB
16	ppro.de ndirect.ppro.de — Cisco Umbrella Rank: 338179	155 KB
15	casalemedia.com 9 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	8 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	140 KB
10	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773 lg1.hb.yahoo.net — Cisco Umbrella Rank: 2893	217 KB
7	openx.net 4 redirects us-u.openx.net — Cisco Umbrella Rank: 524 rtb.openx.net — Cisco Umbrella Rank: 625	1 KB
7	brightcove.com metrics.brightcove.com — Cisco Umbrella Rank: 3299 edge-auth.api.brightcove.com — Cisco Umbrella Rank: 5251	6 KB
7	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3055	339 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
6	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 3712	48 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	104 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	325 KB
4	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 197599	3 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 6258	954 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	1 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	143 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 485 fonts.googleapis.com — Cisco Umbrella Rank: 28	372 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 671	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1234	104 B
2	azurewebsites.net 2 redirects www1-notifbestads.azurewebsites.net	543 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 651	596 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381	614 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	166 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373	574 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	238 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 5589	233 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579	550 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	543 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	301 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2320	53 KB
397	39

	Domain	Requested by
75	s.yimg.com	yahoo.com s.yimg.com
45	pagead2.googlesyndication.com	securepubads.g.doubleclick.net imasdk.googleapis.com 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com yahoo.com cdn.ampproject.org
28	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
26	tpc.googlesyndication.com	cadmus.script.ac 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com yahoo.com
17	bcbolt446c5271-a.akamaihd.net	players.brightcove.net
16	ndirect.ppro.de	as.ad4m.at ndirect.ppro.de
16	yahoo.com	yahoo.com s.yimg.com
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
15	ad4m.at	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com yahoo.com ad4m.at
12	noa.yahoo.com	s.yimg.com
12	geo.yahoo.com	yahoo.com s.yimg.com
9	googleads.g.doubleclick.net	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com yahoo.com
8	bats.video.yahoo.com	s.yimg.com
7	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com	cadmus.script.ac
7	players.brightcove.net	s.yimg.com
7	hb.yahoo.net	s.yimg.com yahoo.com cadmus.script.ac
6	us-u.openx.net	4 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	as.ad4m.at	yahoo.com as.ad4m.at
6	manifest.prod.boltdns.net	players.brightcove.net
6	securepubads.g.doubleclick.net	cadmus.script.ac
5	dt.adsafeprotected.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
5	ad.doubleclick.net	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com yahoo.com
5	cdn.ampproject.org	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
5	www.googletagservices.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
5	metrics.brightcove.com	yahoo.com
4	static.adsafeprotected.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com srcdoc
4	pvx.freenet-mobilfunk.de	as.ad4m.at ndirect.ppro.de
4	www.yahoo.com	yahoo.com
3	an.yandex.ru	2 redirects
3	eb2.3lift.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	s0.2mdn.net	imasdk.googleapis.com 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com yahoo.com
3	lg1.hb.yahoo.net	yahoo.com
3	udc.yahoo.com	s.yimg.com
2	ap.lijit.com	2 redirects
2	fw.adsafeprotected.com	1 redirects yahoo.com
2	sync.1rx.io	2 redirects
2	www.google.com	cadmus.script.ac 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
2	edge-auth.api.brightcove.com	players.brightcove.net
2	imasdk.googleapis.com	players.brightcove.net imasdk.googleapis.com
2	i.clean.gg	cadmus.script.ac
2	edge-mcdn.secure.yahoo.com	yahoo.com edge-mcdn.secure.yahoo.com
2	www1-notifbestads.azurewebsites.net	2 redirects
1	googleads4.g.doubleclick.net	yahoo.com
1	ads.yieldmo.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
1	rtb.openx.net	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
1	s.tribalfusion.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
1	dsp.adkernel.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
1	match.adsby.bidtheatre.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	tb.video.yahoo.com	cadmus.script.ac
1	fonts.googleapis.com	3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
1	video-api.yql.yahoo.com	s.yimg.com
1	sb.scorecardresearch.com	yahoo.com
1	opus.analytics.yahoo.com	s.yimg.com
1	cadmus.script.ac	s.yimg.com
1	fsbcn.fp.yahoo.com	yahoo.com
1	guce.yahoo.com	s.yimg.com
397	64

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
news.yahoo.com
finance.yahoo.com
sports.yahoo.com
football.fantasysports.yahoo.com
bestball.fantasysports.yahoo.com
baseball.fantasysports.yahoo.com
hockey.fantasysports.yahoo.com
basketball.fantasysports.yahoo.com
n.rivals.com
help.yahoo.com
shopping.yahoo.com
autos.yahoo.com
guce.yahoo.com
yahoo.uservoice.com
espanol.yahoo.com
au.yahoo.com
ca.yahoo.com
qc.yahoo.com
de.yahoo.com
hk.yahoo.com
malaysia.yahoo.com
sg.yahoo.com
tw.yahoo.com
uk.yahoo.com
legal.yahoo.com
www.adtech.yahooinc.com
www.yahooinc.com
mail.yahoo.com
login.yahoo.com
search.yahoo.com
twitter.com
facebook.com
www.instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-26` - `2024-03-20`	6 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
guce.oath.com DigiCert SHA2 High Assurance Server CA	`2024-01-16` - `2024-07-10`	6 months	crt.sh
fsbcn.fp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-05-01`	6 months	crt.sh
script.ac E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
opus.analytics.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-05-27`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-05-30`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2024-01-21` - `2024-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-14` - `2025-01-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.ppro.de Sectigo RSA Domain Validation Secure Server CA	`2023-01-30` - `2024-02-24`	a year	crt.sh
*.freenet-mobilfunk.de Sectigo RSA Domain Validation Secure Server CA	`2023-03-14` - `2024-04-13`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2024-01-12` - `2025-02-12`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://yahoo.com/
Frame ID: 687D33D50A9F4603519520D5BB96B2FB
Requests: 153 HTTP requests in this frame

Frame: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
Frame ID: C585AC070BF85D1784EDEF295E5FB7E7
Requests: 46 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2717E16F7E0C736A4B48C2CDD2F286A8
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/checksync.php?cid=8YHBJ3BJ0&cs=1&cv=37&hb=1&vsSync=1&prvid=25014&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Frame ID: AA322FB60952333F9AC2F3A9E74C44CC
Requests: 1 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA3BFE949FEB4C0F315B517006E62EC4
Requests: 18 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9732C687BDC8C1DA4CC6E0572DEDF20
Requests: 16 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C5047038651174DFF21ABF0E6CBEE6E
Requests: 17 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F14A03F285760B7974DABDA939FC4B6
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Frame ID: ADC6EA8BA6FC1968FA311F0D335F11EE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 187574E75480CAC57E794FA364ACDA33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMYifix0AEwAQ&v=APEucNW7NUWKGrDTvBMr-UJ08eAFCOIuIJ5yxltuaKYNPUVCU2sSpCQh26Fe9Mp4yvKwamklbPTEOOHtKTooRBrrSNX0CPj6SJrDYDw8vPuVzwfmSG_NbEo
Frame ID: AE96E5F87E92727377129A4048913351
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUjJqQo8WfkgAp52LMUbjdZta35iuT47Mau2a1Zr6rTinsgK6xZ46w8B4oavcIs_9JIylpiZd_s4rTAWzDcXYLUJlwmvZhYNRYFNOww6427PUaP9js
Frame ID: 94D9C974A737159C2A557CA4C0F63435
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUZBmOXbZBkN4ixi7WlbMmmPdICPaWVnzFudwszav2gzXv41JVBfxXjnpGdwuHtQBNYheWIJJvsh2qNyZeCEtyPqjVAKkvTyUKjIATkje8ebnlHyok
Frame ID: 98CDAA3FF9B286CAB1F5DEBA355CCEC9
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CEC8FCD3FA29033CE26FA11D5BC3D26
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F251AE208594808EF691795387078EBC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C5097EF4D592E4B1BE2949C2E473BD45
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FAB72E0999581C6390C116027E86D19E
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 3BB30B284DD53F220ECD6AB3AA355BEF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3999289DD39ED040319E29ABE8B91061
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: ADB476FF36C850003287957356EA0564
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: AEABB0FB3F0DB01F4CB379FB3541800D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=0c11b454dd0e906fb5ad5af74e79ef07%2F11166614406115260581&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282542&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCW_KxGEeuZfTwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9BH02udZLc9RdL7-6qZVlFwb5qNuf2G1PWEBemEGppTxbqdLThuHT2_HIKXB1gij0qy4rnvWO3ZVNrH3rzBPQRsgC0lxrqQVKhfgvwUQovLaZtFJ9OCrceqh41NpFVlPPaHZnfFdqW3pRZwdixlJ6zeYZfMRonDUyNCqV9dX8dJRz0n9IFDVh9TU6uLYz0gBeQ-mPCdhia-1tc0sedfyAjmrQVWu_eMSOOTDJKypXD4-weQsLD_DifRXOIVxmLDnBVpDcUscgRhMTfOahlAZOFQIXpiQ3v1Su2hw1WFVC7tCaEKEPvSRl7Uh1JYv6UW-4b7ivf0QMMRA7TBqK2O7UkGfSdOR1kxopUw3uWoUPxiJXb_3uPABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi7ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_2pejBwPMTDVs6HE7ohoqkxQiWHxw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-C0wP0CisB3jyMptCKHtqNvDTe6sy8XEeq_9Dr9dFmNoFAvM75FyZ49SUIKgYtAyHY3zYnngq7FHfzeV0qIX2WinsJfqkF8H45vlmw-PyUHQ92kBYDzMiC0jWikfXKgqM35ugzXIteUKFb4AwiCLeCx5p4Ho0o3j0jdHoZsys_vg1g4EWk%2526cry%253D1%2526dbm_d%253DAKAmf-DBhovvvoziDOHjQrC2VegwZA6gYJQo6sI-sxCnQXhYpBkPISdKzL67ifue04LZQgIjT0w3feYCfAcAa2WAbc2opqW9-um4rZ4ZwUsbuu__ElggfSGrlyM_xULiqSqzr67gkQCgriRwz4IoaV-xRr03dHxX-OSJq1_OfH1Msvgb1zRcFuViw1D4CJatYgORnZWXiOC5qdwGiBYURBjlnEeqAStO9YQd3snT2iKwQoHtx7NGVfzVwWx9VFaa6Gk6DwI9wmo5aWkGecjqkwlgI7FLxzVxcVi-i1AmlJTTeSW7mtiusqMNwyWoaMQI_02iETR3_HLkNOcIYwL2bF0zFqutxNWCEQeJhQvsfnk1ozBeq2v6LdNRHvGjaXCWM3AEaNKO8qdiXarprNvXL-C0h3EOkDNfrnyCzsfNi8aNOqIG-YmWM4aD0VGruu5UmMlwonaLmCK-5dQkTLS44cPdbHdP8Buzxw3sB4vmWDjYBveubGBbmQ78ih0L7_htobxGFBjRLEKl0VNjXp8zrvhOfks4diz9bvIaVbWHYxIXDiCPwXpPSKoZ0Vsp2XxtlKmGDvsd71FH%2526adurl%253D&y=1&s=&z=0
Frame ID: C4385BB28CFBB9CEB1B343AC5E522D6B
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=490606&b=RxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6q&f=QxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgG&c=300&d=600&e=&g=73df1c6d8e19a92533bb34f8e3fb0d6d%2F14284877538674441755&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282558&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC2c-xGEeuZfPwILf09u8P66qi2Au_yZq1b5qYmuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJACT9CE8KCRgd0_B0IBcu8JMiHkh7oFuSCVSSlixm5wZZCKWzWj8oO_rQenezz0Im9WDhBk8w1o4_xJEY1nYZHDbruYuIUsKBbaa5UJagxu2hZ65uwwGgO8LzqkbWwYKADr-XdXWfeKT8YugOKqu6aXBGS2XH2mC7mATUThMLFlPJtsgpSW3o0d7tchPsts0J4umxwQmGNVK2KTY2tsCZF0nrcGCFjecj-p7f1Y01Yi2CWb3BChqXKUpE_Klb9MJQo97Lg62kl0kTHE0tTiKU7_AJljRnza1fwHo62ICiScWjD96K0nn_VBxrAxEyuDjBvXSUqV31QUq9h822voxwJP0M5VwYfT7PnF2n8DvsgfGGTABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi6ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_0DsZy4fkZ_oxnvXAYZgU83pKknIQ%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-AfKLXJkt97ElfIM2LLfOAw6UwY2V_GfVg6r_Vc_0eC70IXuhSu1AH6jod0ZhxonYF06ZIzMsp_BI55jEQ_8CjUcleeC6bKmzu2NdotQOA2Fzy9pEdik6UjzY0Ny9ranIAeQqJfG53KhYCKhUETUOUlfSFcggw4wM8huumFvitDNAFXcEI%2526cry%253D1%2526dbm_d%253DAKAmf-ByS26LkW3bvSFCsxzur-OTnQRG_smsdcT7LaaYIqsnwyCHExoNQNanBr2EZKgNp2g5hXgzcLFyH-YP5sthYOQDIBI9Q6l39dAhZgxK0wKCuCkZiilm0CFg6r4eOE2t2RgiBr5LIsi2I9Dx480ENGGJs4GvSi1GB6dh2zwGY3RGhxiQIYzDjlJQmod3ZyBfqXaF5Hye8TCqtIC9dkiRtluDyUZ__1VT-cpQThtidAKYfJ6XXTDEzNHpf5QKsdgGgmUeA9ajBSc7KTxlroVc4Y18feNOTJ5XfvY_V6cUfe8kQL_V_lMQQVNXJ0wWGEyix1ECrEqZtTI-gdSjx4rZonLrTxtVWN-zRhuMFdJUGWQnFYpQxa_tJOHWBj-YqWNFGy9A9_2qLpMa1XkmlhHLTZeClT67Kxgf6but4UrDQKEMSv5UshaKPBZs-AwsTwSjrJOAHsPNoNZ9gb_TYMvnKc4RDQy3Vc5rgmm2oqiItSj-OXb4JZrMVGsVNeOVIsQKVWY_U06kWmUIQGJH8nTKCaejOHrhAmxTbFA_NJ1740lsJhcGJTdjQ-T2kGt1WlcViBqtDDV-%2526adurl%253D&y=1&s=&z=0
Frame ID: DE3F9BF7DD4C8FAAA89A673529639522
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=74ee62f4d594dd9a0243ef684759d85f%2F4323322236111954204&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282546&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3kcyGEeuZfbwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9CLvUuTg2eYtSN8sXg8duqdljnnbUmmM16QzfWc1Ha6PN6eb0qLmBN2Jmilxrv8e0cG3p3iR8KHuCupLF14WhSNP0HNaKpjjTPAey6ULhh2-btykjQG-vsS9sCOmuiiGKQTHeud94hKiRLd1oHOnF5fdrdY69GCuaCCq06v7isXx3kf-XjNv0nM8Fm0IT_qzZFw1WxD_ho3NDdJPtvgyj5cCn7QAlmQyZDnMfa-9RZoM6dKedPfGEjNEmQuUxsDO54_NHAXoncEB0AH98m1dR8m7BKLN8_vtwPA2iD5QfjQRSlY1lwguKXSB5NV1262cuonuz3Zws0NStESX5KnFbiJlh-nxtl4D_aZUo18VEDQ5WP1CWHABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi9ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_14zq7_7mLOKEmVxXT2mIM1uobd4w%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DlO-V8ae5DOOzVNQhqQjXpNjlY1rw0bwiA0OA8vYyUjivwD5_jsKQGrjXLl51EB09XTRID3K4CL-sBP9j_e5q9n3R9IcDdGCwJbyzVMl37dYBhcLzlTFNKekkEiZRCZ0HR9y0Q85aVIJXYYnpS-tasTk427vBRmaigWjamvgsbnLe5--I%2526cry%253D1%2526dbm_d%253DAKAmf-B42cl54RHVg_ndBDqSV8l_KxGI4G1VVMdlMzQ0HjmqDAZQbif9qrtMM6cNYaLWMDKKHbwbiB2MBJ3w86ZfhkszXDupS0hbZhpvriAhZAj5qgZVDU4qVPKf6kimPSyY-9MkOI-PPksumhJjxvWilfftHKJ3GOtFr3TSoV340qu5-3BCXR_DZMOJ6YG5_K9vuNZ1-G5BCp0_0sIxYLL8lJ6qbE53H6XMPSKij258nbrXXmzBg-Mks6muc-HhBhk2nck4bCyL6BwP7BOoJw91REUIV6jZmSt6b7JMgqoX-U2sODvJqEEjEBR0CVa_VB4kC1juEAs1_H77pPrGZHWtCj7VHBG37fYNj6jZsNdtMQk6QWmxePJHLiu8Ne6GYsKmqvHblzS9yuX-C9ZWYCSSHNSVNCscwuUN8iGCW-RjPyMyWsBurSP5YNMj55WYSlBdJ9KwIsDDhb82VW2GlE77iAyWqSceG4FP29EiMkmdV0T3gJZWaN7nLNAtw_7U675vpRspWuH6h5VxNeGv10OvFUu1WZ-YNtACqNFTWA0YnoqdVx8V5VarajiYw5oVSqhNSaB51Wom%2526adurl%253D&y=1&s=&z=0
Frame ID: AE1EE4C9E580607D2EF4241544BB6AA0
Requests: 5 HTTP requests in this frame

Frame: https://ndirect.ppro.de/pvtr?v=30cWLsWP1&vid=Q2loUzEwMUVLM2JFZzZENHRaczhXbTZuT3ZQZlFDRHphUjlLNXpHYmYxYlp0WWp5dzZmaE9HUldtVGpzSXJpYnd1bVpITG1IY3g4bjAwcXBqaTR6VGVjNUlLMnhPbmlxOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
Frame ID: EFD8C7F096918BD9897A1EC4557F39FF
Requests: 2 HTTP requests in this frame

Frame: https://ndirect.ppro.de/pvtr?v=30cWLsXh2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
Frame ID: F3E7BAD33B2E68177433A167AD0A7633
Requests: 2 HTTP requests in this frame

Frame: https://ndirect.ppro.de/pvtr?v=30cWLsYv1&vid=Q2loUzEwMUVLM1lmdzNncEdXSlFEQT092.&a=2
Frame ID: C19AADBA206F064B2B0372C3EBE93C2B
Requests: 2 HTTP requests in this frame

Frame: https://ndirect.ppro.de/pvtr?v=30cWLsYQ2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
Frame ID: D29750D03F01295F04A26F3AC44E4F6C
Requests: 2 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F8C63B65B87E3D7F382C6A4FE37B63E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEL7tuo0EGIXR4YICMAE&v=APEucNXMAI7iBCwCTyeArHLpWjtbx-Wucn_HJ6bkkPVwIc-B-AnpHYNLrSsA1NqbJ3ztaw8reCfqzLBu6HiZ6xBy1grWMI9zdTMwOAxkd5JzH9qwPujMHtk
Frame ID: 053F7C5FF211E21AD6140C06A908F426
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED8AB8691316DD616AEBF313F67D6FA4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CC6A4D6331966BCBED9DB8481B440AAD
Requests: 3 HTTP requests in this frame

Frame: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9C587AA628D36F8BDC6E6724DE32E41C
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWwIuGNwHblRJAF9gjEoPMEmSY2mJtd5PYP2RXbaBe_ogDzccO7omjmOrmRgnViOvp6YibxkDONGC9iRCg33wq1ONa6YXQ3yDixjSqM8BRnDyEYGIE
Frame ID: CF369DAA40EBB6A7F2EBE4890C64FD03
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D37959E1D48391E5D67E767FA38D15C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FEE666F622B8368620190AB81ACB617C
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B6C41F73862D6191D6F75386DDC286DE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x600.js
Frame ID: AEEA44783EC7D766F51DDFDDA52D7577
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yahoo | Mail, Weather, Search, Politics, News, Finance, Sports & Videos

Page URL History Show full URLs

http://www1-notifbestads.azurewebsites.net/ HTTP 301
https://www1-notifbestads.azurewebsites.net/ HTTP 302
https://yahoo.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

397
Requests

92 %
HTTPS

48 %
IPv6

39
Domains

64
Subdomains

45
IPs

6
Countries

7835 kB
Transfer

18306 kB
Size

43
Cookies

295 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/
Title: Today's news

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/us/
Title: US

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/politics/
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/world/
Title: World

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/reviews-deals/
Title: Reviews and Deals

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/audio/
Title: Audio

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/computing/
Title: Computing

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/gaming/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/home/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/phones/
Title: Phones

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/science/
Title: Science

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/tvs/
Title: TVs

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/weather/
Title: Weather

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/science/
Title: Science

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/elections/
Title: Elections

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/originals/
Title: Originals

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/tagged/360/
Title: The 360

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/
Title: Finance

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/portfolios/
Title: My portfolio

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/portfolio/p_1/view/v1
Title: My watchlist

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/stock-market-news/
Title: Stock market

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/economic-news
Title: Economic

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/earnings
Title: Earnings

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/crypto/
Title: Crypto

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/live/politics/
Title: Politics

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/bidenomics/
Title: Biden economy

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/personal-finance-news
Title: Personal finance

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/calendar/
Title: Markets

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/most-active/
Title: Stocks: most actives

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/gainers/
Title: Stocks: gainers

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/losers/
Title: Stocks: losers

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/trending-tickers/
Title: Trending tickers

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/commodities/
Title: Futures

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/world-indices/
Title: World indices

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/bonds/
Title: US Treasury bonds

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/currencies/
Title: Currencies

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/crypto/
Title: Crypto

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/etfs/
Title: Top ETFs

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/mutualfunds/
Title: Top mutual funds

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/options/highest-open-interest/
Title: Highest open interest

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/options/highest-implied-volatility/
Title: Highest implied volatility

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/currency-converter/
Title: Currency converter

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/
Title: Sectors

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/basic-materials/
Title: Basic materials

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/communication-services/
Title: Communication services

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/consumer-cyclical/
Title: Consumer cyclical

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/consumer-defensive/
Title: Consumer defensive

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/energy/
Title: Energy

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/financial-services
Title: Financial services

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/industrials/
Title: Industrials

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/real-estate/
Title: Real estate

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/technology/
Title: Technology

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/utilities/
Title: Utilities

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener
Title: Screeners

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/watchlists/
Title: Watchlists

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/new
Title: Equities

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/etf/new
Title: ETFs

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/future/new
Title: Futures

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/index/new
Title: Index

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/mutualfund/new
Title: Mutual funds

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/analyst_ratings/new?ncid=dcm_320339942_490172245_127172993
Title: Analyst rating screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/tradingcentral_event/new?ncid=dcm_320544712_490172245_127172993
Title: Technical events screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/institutional_interest/new?ncid=dcm_320344326_490172245_127172993
Title: Smart money screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/institutional_holdings/new?ncid=dcm_320545006_490172245_127172993
Title: Top holdings screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/personal-finance/
Title: Personal finance

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-credit-card-interest-rates-193519877.html
Title: Credit card rates

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-credit-card-for-balance-transfer-213356438.html
Title: Balance transfer credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-business-credit-cards-181530428.html
Title: Business credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-cash-back-credit-cards-220845639.html
Title: Cash back credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-rewards-credit-card-203736692.html
Title: Rewards credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-travel-credit-card-203950032.html
Title: Travel credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/find-best-cd-rates-165749654.html
Title: CD rates

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/find-best-checking-accounts-234120614.html
Title: Checking accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-online-checking-account-180614848.html
Title: Online checking accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-high-yield-savings-account-rates-203648059.html
Title: High-yield savings accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/high-yield-money-market-accounts-170614474.html
Title: Money market accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-personal-loans-202034980.html
Title: Personal loans

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/are-federal-or-private-loans-better-175200294.html
Title: Student loans

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/how-to-buy-a-house-in-2023-144721139.html
Title: Home buying

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/taxes/
Title: Taxes

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/videos
Title: Videos

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/etf-report
Title: ETF report

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/fa-corner
Title: FA corner

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/options-pit/
Title: Options pit

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus/finance?ncid=dcm_306158762_490172245_127172993
Title: Finance Plus

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/user-insights?ncid=dcm_306158750_490172245_127172993
Title: Community

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/research/trade-ideas?ncid=dcm_306158753_490172245_127172993
Title: Investment ideas

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/research?ncid=dcm_306158756_490172245_127172993
Title: Research reports

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/predefined/ms_basic_materials/
Title: Industries

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/
Title: Sports

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/fantasy/
Title: Fantasy

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/fantasy/news/
Title: News

Search URL Search Domain Scan URL

URL: https://football.fantasysports.yahoo.com/
Title: Fantasy football

Search URL Search Domain Scan URL

URL: https://bestball.fantasysports.yahoo.com/
Title: Best Ball

Search URL Search Domain Scan URL

URL: https://football.fantasysports.yahoo.com/pickem
Title: Pro Pick 'Em

Search URL Search Domain Scan URL

URL: https://football.fantasysports.yahoo.com/college
Title: College Pick 'Em

Search URL Search Domain Scan URL

URL: https://baseball.fantasysports.yahoo.com/
Title: Fantasy baseball

Search URL Search Domain Scan URL

URL: https://hockey.fantasysports.yahoo.com/
Title: Fantasy hockey

Search URL Search Domain Scan URL

URL: https://basketball.fantasysports.yahoo.com/
Title: Fantasy basketball

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/fantasy/mobile/
Title: Download the app

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/dailyfantasy/
Title: Daily Fantasy

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/draft/
Title: Drafts

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/injuries/
Title: Injuries

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/super-bowl/
Title: Super Bowl

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/gamechannel/
Title: GameChannel

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/nfl/
Title: Video

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/mlb/
Title: Video

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/world-baseball-classic/
Title: World Baseball Classic

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/draft/
Title: Drafts

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/injuries/
Title: Injuries

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/nba/
Title: Video

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/playoffs/
Title: Playoffs

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/stanley-cup-playoffs/
Title: Playoffs

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/
Title: Soccer

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/ligamx-clausura/
Title: Liga MX

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/concacaf-league/
Title: CONCACAF League

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/champions-league/
Title: Champions League

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/la-liga/
Title: La Liga

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/serie-a/
Title: Serie A

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/bundesliga/
Title: Bundesliga

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/ligue-1/
Title: Ligue 1

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/world-cup/
Title: World Cup

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/
Title: College football

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/rankings/
Title: Rankings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mma/
Title: MMA

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/wnba/
Title: WNBA

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/sportsbook/
Title: Sportsbook

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/tennis/
Title: Tennis

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nascar/
Title: NASCAR

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-basketball/
Title: NCAAB

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-womens-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/boxing/
Title: Boxing

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/usfl/
Title: USFL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/cycling/
Title: Cycling

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/indycar/
Title: Indycar

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/olympics/beijing-2022
Title: Olympics

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/horse-racing/
Title: Horse racing

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/gamechannel/
Title: GameChannel

Search URL Search Domain Scan URL

URL: https://n.rivals.com/
Title: Rivals

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/podcasts/
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/syndication/
Title: RSS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/jobs/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/sports-news
Title: Help

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/news/
Title: More news

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/celebrity/
Title: Celebrity

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tv/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/movies/
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/music/
Title: Music

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tagged/how-to-watch/
Title: How To Watch

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tagged/interviews/
Title: Interviews

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tagged/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/
Title: Life

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/covid
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/fall-allergies
Title: Fall allergies

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/do-i-need-to-worry
Title: Health news

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/mental-health
Title: Mental health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/relax
Title: Relax

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/sexual-health
Title: Sexual health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/study
Title: Studies

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/the-unwind/
Title: The Unwind

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/parenting/
Title: Parenting

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/family-health
Title: Family health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/so-mini-ways/
Title: So mini ways

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/style-beauty
Title: Style and beauty

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/it-figures
Title: It Figures

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/unapologetically
Title: Unapologetically

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/horoscope/
Title: Horoscopes

Search URL Search Domain Scan URL

URL: https://shopping.yahoo.com/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/best-of/
Title: Buying guides

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/food/
Title: Food

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://autos.yahoo.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/terms?locale=en-US
Title: Terms

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/privacy-policy?locale=en-US
Title: Privacy

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/privacy-dashboard?locale=en-US
Title: Privacy Dashboard

Search URL Search Domain Scan URL

URL: https://yahoo.uservoice.com/forums/925969?browser=chrome&bucket=&location=US&os=mac+os+x&partner=none&rid=fs9nySqH
Title: Feedback

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/?p=dnr
Title: USEnglish

Search URL Search Domain Scan URL

URL: https://espanol.yahoo.com/?p=dnr
Title: US y LATAMEspañol

Search URL Search Domain Scan URL

URL: https://au.yahoo.com/?p=dnr
Title: AustraliaEnglish

Search URL Search Domain Scan URL

URL: https://ca.yahoo.com/?p=dnr
Title: CanadaEnglish

Search URL Search Domain Scan URL

URL: https://qc.yahoo.com/?p=dnr
Title: CanadaFrançais

Search URL Search Domain Scan URL

URL: https://de.yahoo.com/?p=dnr
Title: DeutschlandDeutsch

Search URL Search Domain Scan URL

URL: https://hk.yahoo.com/?p=dnr
Title: 香港繁中

Search URL Search Domain Scan URL

URL: https://malaysia.yahoo.com/?p=dnr
Title: MalaysiaEnglish

Search URL Search Domain Scan URL

URL: https://sg.yahoo.com/?p=dnr
Title: SingaporeEnglish

Search URL Search Domain Scan URL

URL: https://tw.yahoo.com/?p=dnr
Title: 台灣繁中

Search URL Search Domain Scan URL

URL: https://uk.yahoo.com/?p=dnr
Title: UKEnglish

Search URL Search Domain Scan URL

URL: https://legal.yahoo.com/us/en/yahoo/privacy/adinfo/index.html
Title: About our ads

Search URL Search Domain Scan URL

URL: https://www.adtech.yahooinc.com/advertising/solutions
Title: Advertising

Search URL Search Domain Scan URL

URL: https://www.yahooinc.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/originals/
Title: Originals

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/style-beauty/
Title: Style and beauty

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/
Title: Screeners

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/newsletters/yahoo-sports-am/
Title: Yahoo Sports AM

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/everything/world/
Title: Editions

Search URL Search Domain Scan URL

URL: https://mail.yahoo.com/
Title: Mail

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/?.lang=en-US&src=homepage&.done=https%3A%2F%2Fyahoo.com%2F%3F&pspid=2023538075&activity=ybar-signin
Title: Sign in

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus?ncid=mbr_ryhacqnav00000038
Title: Yahoo Plus

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/everything/
Title: More...

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/suburban-ceo-killed-freak-accident-004300220.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/unexpectedly-widowed-29-then-found-090313176.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/trump-chooses-absolutely-baffling-topic-090905507.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/went-romantic-getaway-guy-id-124401595.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/pawn-stars-frontman-rick-harrison-171550958.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/couple-demolishes-dated-beach-house-090000058.html

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/twitter-justin-jefferson-call-league-022609777.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/trump-hints-vp-pick-people-173853517.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/ferrell-had-zero-knowledge-trans-001436923.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/trump-responds-protester-interrupts-hampshire-021454672.html
Title: Trump responds as protester interrupts New Hampshire rally: 'Get out of here'

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/met-dating-app-bogota-woke-230219138.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/the-45-best-amazon-winter-sale-deals-to-shop-this-weekend-get-up-to-80-off-laptops-apple-airpods-tvs-and-more-200551651.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/world-largest-nuclear-reactor-aims-070000048.html

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/feeling-broke-665k-salary-surgeon-133000790.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/disturbed-lead-singer-david-draiman-152538512.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/rainn-wilson-shares-heartfelt-napkin-222700355.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/donald-trump-campaign-cuts-off-224930075.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/m-british-student-us-college-180928684.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/superman-star-christopher-reeve-children-220000123.html

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/watch-taylor-swift-celebrates-isiah-023257473.html

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Buffalo+Bills&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 1.Buffalo Bills

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Ayodhya+Live&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 2.Ayodhya Live

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Ron+DeSantis&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 3.Ron DeSantis

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Nick+Dunlap&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 4.Nick Dunlap

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Vladimir+Putin&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 5.Vladimir Putin

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Navy+SEALs+Missing&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 6.Navy SEALs Missing

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Adam+Harrison&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 7.Adam Harrison

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Russia-Ukraine+War&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 8.Russia-Ukraine War

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Iran&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 9.Iran

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Kate+Middleton&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 10.Kate Middleton

Search URL Search Domain Scan URL

URL: https://twitter.com/yahoo
Title: twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/yahoo
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yahoo/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/yahoo
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@yahoonews
Title: tiktok

Search URL Search Domain Scan URL

URL: https://www.adtech.yahooinc.com/advertising/solutions/dsp
Title: Advertise

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/account
Title: Help

Search URL Search Domain Scan URL

URL: https://yahoo.uservoice.com/forums/341361-yahoo-home?browser=chrome&bucket=900,seamless&os=mac%20os%20x&partner=none&location=US&rid=fs9nySqH
Title: Feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www1-notifbestads.azurewebsites.net/ HTTP 301
https://www1-notifbestads.azurewebsites.net/ HTTP 302
https://yahoo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1

Request Chain 193

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za5HGbBBxHeV4Eq3O6EtgQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1

Request Chain 196

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za5HGbBBxHeV4Eq3O6EtgQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za5HGbBBxHeV4Eq3O6EtgQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0

Request Chain 342

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH2LSmEwuUZS71FukVDct_Q&google_cver=1&google_push=AXcoOmT76JQw71ldktsfO-ij0NWbAERTeJRkApSrRJdCeDCUqHOfwsOoM8AKwR3GwaOc14I7l9Tw6NkMZz5YzUvYi_LVqCgc-4fU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH2LSmEwuUZS71FukVDct_Q&google_push=AXcoOmT76JQw71ldktsfO-ij0NWbAERTeJRkApSrRJdCeDCUqHOfwsOoM8AKwR3GwaOc14I7l9Tw6NkMZz5YzUvYi_LVqCgc-4fU

Request Chain 343

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELl43ApDoGCxhXLY_Jyu8qw&google_cver=1&google_push=AXcoOmTNKw5UWwa8-qSQvk7vMa7Ilk8fp9GOH7P2rQIpSMG_qHHA4JqbjAlnr-Wzr41u22uLoNJqjF5JgP5pJxLLC0wn4iGfsqDv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNKw5UWwa8-qSQvk7vMa7Ilk8fp9GOH7P2rQIpSMG_qHHA4JqbjAlnr-Wzr41u22uLoNJqjF5JgP5pJxLLC0wn4iGfsqDv

Request Chain 346

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKqfCwfoEY8UmCJK9_2MvZo&google_cver=1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1705920304118 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9a9cf15b-a6aa-445f-bb0a-da659727f7f3-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ%26google_hm%3DA5qc8VumqkRfuwraZZcn9_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ&google_hm=A5qc8VumqkRfuwraZZcn9_M

Request Chain 347

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGV25VEv0vcBMTYv21BP6ts&google_cver=1&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPwk HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPwk&google_gid=CAESEGV25VEv0vcBMTYv21BP6ts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPwk

Request Chain 348

https://an.yandex.ru/mapuid/google/CAESELMk1_9-zTnKgQ5P73h7c7w?ext-param=AXcoOmT6g15bbrUPrYx_h54mO6PwmSWTzCkNHvyBffAacKQSz0BX9Brb3oWpLlmPn8IjtXt8cN9johvgpVArTo2f_CZ07M_xX1La_g&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESELMk1_9-zTnKgQ5P73h7c7w?redir-setuniq=1&ext-param=AXcoOmT6g15bbrUPrYx_h54mO6PwmSWTzCkNHvyBffAacKQSz0BX9Brb3oWpLlmPn8IjtXt8cN9johvgpVArTo2f_CZ07M_xX1La_g&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELMk1_9-zTnKgQ5P73h7c7w&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELUM2lPk9Nd0zvTrRVQE7p4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELUM2lPk9Nd0zvTrRVQE7p4%26google_cver%3D1

Request Chain 352

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2Mzg0NDI4NDM0MDM1NjU4NA%3D%3D

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0

Request Chain 354

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi

Request Chain 366

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELUM2lPk9Nd0zvTrRVQE7p4&google_cver=1

Request Chain 367

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEyODM0NDA4OTk1NzIwODg%3D

Request Chain 368

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0

Request Chain 369

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi

Request Chain 381

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPWWdjJEtZ6ikyzHklpbikU&google_cver=1&google_push=AXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWWdjJEtZ6ikyzHklpbikU&google_cver=1&google_push=AXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 384

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENXXThtgCHZxRRrEthFKRtU&google_cver=1&google_push=AXcoOmS7vMB86ccdPYkQrlwDHUedLruBgBLSQzbfClOCtfcP5uUkqLan9VTqBH0PFDwKOM1ArC0zhSBnlBJRy9iJd3_z2-ZMAj89 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPU1dKOTMtMUotNDNFTA==&google_push=AXcoOmS7vMB86ccdPYkQrlwDHUedLruBgBLSQzbfClOCtfcP5uUkqLan9VTqBH0PFDwKOM1ArC0zhSBnlBJRy9iJd3_z2-ZMAj89

Request Chain 385

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPt_eux5QkIkUDBTF9WAeeo&google_cver=1&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4JPySoU7tCWjz HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPt_eux5QkIkUDBTF9WAeeo&google_cver=1&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4JPySoU7tCWjz&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4JPySoU7tCWjz&google_hm=ICJFrGZHQTL1knQ8TWOVFTGa

Request Chain 386

https://ads.yieldmo.com/exptsync?google_gid=CAESEGzU4pN91il4LcTvz7sA_zI&google_cver=1&google_push=AXcoOmRotccSuX1BJy0kG8FQ0z5Be_TKDxJ17s0d37qUIKryWR0J8PoerLMVMh3TSuqdm1K8yV2qagMkmnyz0GQscxAjiE1KxBox HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRotccSuX1BJy0kG8FQ0z5Be_TKDxJ17s0d37qUIKryWR0J8PoerLMVMh3TSuqdm1K8yV2qagMkmnyz0GQscxAjiE1KxBox&google_hm=VkVTekFpaXR0VWlJRXVXQzJHYXc=

Request Chain 387

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGV25VEv0vcBMTYv21BP6ts&google_cver=1&google_push=AXcoOmRniWE1XN3y8oUxDFqZ5r31Du3wxibBXJgGoTWd4H0nLUDJf_g06tErqdK_oRydtPLxeK6cpu7RQYAEm9QqxJOY0ydyjEje HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmRniWE1XN3y8oUxDFqZ5r31Du3wxibBXJgGoTWd4H0nLUDJf_g06tErqdK_oRydtPLxeK6cpu7RQYAEm9QqxJOY0ydyjEje

Request Chain 392

https://fw.adsafeprotected.com/rfw/st/1350098/69352126/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015282671&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_placementId=20884453817&bidurl=https://yahoo.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gy4wDc-rAdWv5MbjC6rjak&adContainerId=brand_safety_MEeuZdzwEufJ9u8PibmomAc&cbFunctionName=goog_wrapCb_MEeuZdzwEufJ9u8PibmomAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fyahoo.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fyahoo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:16d913df-3ecb-9d68-3b57-e5a2c2e20024,c:21ExGa,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-84r8t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u25tKlZ+11%7C12%7C13%7C141%7C1421%7C1422%7C143%7C15%7C16%7C171%7C172%7C173%7C1741%7C181%7C182%7C183%7C1841%7C19%7C1a1%7C1a2%7C1a3%7C1b*.1350098-69352126%7C1b1%7C1b2%7C1b3,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:24,oid:4d2373a1-b913-11ee-8c94-5ade614991ad,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

397 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
yahoo.com/
Redirect Chain

http://www1-notifbestads.azurewebsites.net/
https://www1-notifbestads.azurewebsites.net/
https://yahoo.com/?

1 MB
239 KB

489ms
165ms

Document
text/html

2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

b8393bfbed51a060bea18b4d709e5b514b523f73f1cef6112ecface402558d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76
cache-control: no-store, no-cache, max-age=0, private
content-encoding: gzip
content-length: 243933
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 10:43:24 GMT
expires: -1
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-cf-id: Rdg4b0QUrh4rQx0RnfYfpNliYJ2PpprGteKbntqL3RGaXjPB25VVvA==
x-amz-cf-pop: SEA73-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 142
content-type: text/html
date: Mon, 22 Jan 2024 10:44:38 GMT
location: https://yahoo.com/?

GET
H2 200 YahooSans-VF-Web.woff2
s.yimg.com/cv/apiv2/ngy-fonts/ 64 KB
64 KB 48ms
14ms Font
font/woff2 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/ngy-fonts/YahooSans-VF-Web.woff2

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Origin: https://yahoo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 01 Jan 2024 16:52:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9XZMTX7ZJMQZ5B5C
age: 1792307
x-amz-server-side-encryption: AES256
content-length: 65176
x-amz-id-2: l1+hI3XE+b/cVQY42lRPUrPqG9L9txHyCtuEeABlznsoBQ7Db+I5V79vOAT51x7nSukJJuy5JZY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 20:20:29 GMT
server: ATS
etag: "b4df4fce99e5a3c3d1493112a0159071"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 cmp.js Show response
s.yimg.com/aaq/cmp/version/6.4.0/ 181 KB
35 KB 84ms
48ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/cmp/version/6.4.0/cmp.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

79de39502b10f052460efec133b798596c4ea73661805e0baa3f3f6fe7ee480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 09:43:10 GMT
x-amz-version-id: 0NB5wIePnD6VDNLrorup848w_F2MnmT3
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: RG90G00EP3RJAQ58
age: 176490
x-amz-server-side-encryption: AES256
content-length: 34928
x-amz-id-2: fCLoXvOUlgTzKIB50rQM/MRqZWZ0acHN97LricnklUjA5ZJRtrXMLVfVk+TrHebXkyyK1/oGWDA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Sep 2023 17:41:16 GMT
server: ATS
etag: "35600da82cda4dc8a32e3f3e3d3040f0-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 consent.js Show response
s.yimg.com/oa/ 83 KB
24 KB 138ms
102ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/oa/consent.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c8de53891633ecc5cb4cb6615e90af1358e813aded05d534a5e6060476df3a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 10:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: GDY21YBPYSMVKY7K
age: 121
x-amz-server-side-encryption: AES256
content-length: 24639
x-amz-id-2: rJLeyPfgPTPGiVIlKPAvB+7tNK0OTbopEbrfgYv59aADe6PjyDuTG7Dt49jabhSW+eaLNOUUTL0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Jan 2024 12:45:51 GMT
server: ATS
etag: "8b3e7199261258640a1ef846d809c8fe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes

GET
H2 200 tdv2-wafer-utils.customErrorHandler.bcda778b736c3a054af62f437b536e78.js Show response
s.yimg.com/aaq/fp/js/ 4 KB
2 KB 129ms
95ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/tdv2-wafer-utils.customErrorHandler.bcda778b736c3a054af62f437b536e78.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

892e2f5e07fef6de0428e4dcb284201b3d110c0a6f2d8ef899cd2cd2c61eb546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 10:19:50 GMT
x-amz-version-id: 4nvcVa.IxmhX7xaj3DD1aoyDc2oHnofW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 0WNZNJBJCE52MCCW
age: 260690
x-amz-server-side-encryption: AES256
content-length: 1884
x-amz-id-2: Qv0U3mFW7A+u1jD6kC8Ksa2J9WhHtuPtEhrjXpfkXVf6CLVFcQhnuEuBX+cFSw2tsUogFHyEKqo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Nov 2023 02:30:41 GMT
server: ATS
etag: "bcda778b736c3a054af62f437b536e78-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 fpDesktop.907c8bf6c67491b309a489c75f65f939.js Show response
s.yimg.com/aaq/scp/js/ 17 KB
7 KB 121ms
87ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/scp/js/fpDesktop.907c8bf6c67491b309a489c75f65f939.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

755c6cd5b0f614ffa0906ca3ab469adb6e9f036c9a7e6e5d1471c2c943ca64eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 11:00:48 GMT
x-amz-version-id: kqQNNuDBa1XU2.LreescnfUlTiwBZj0u
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4JQ14BP919GR0DE4
age: 258232
x-amz-server-side-encryption: AES256
content-length: 6439
x-amz-id-2: Xi2b/DjMWK1fixJCxM12MbHpsg4iM9mNpaFt2rIHFcJbQqzwvAPFe4ofrdM8UbyvgPKZRyd6rL4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 19:44:04 GMT
server: ATS
etag: "907c8bf6c67491b309a489c75f65f939-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 benji-1.0.131.js Show response
s.yimg.com/aaq/benji/ 45 KB
15 KB 134ms
100ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/benji/benji-1.0.131.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

543abf25cf873829e6035fe50d2c251fc1f33e550cb0e85fc51a1fb19bf28235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 14:51:03 GMT
x-amz-version-id: xIeLET12O0pxWp7W2kKbgfWP0qA7SdNv
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AGZW5BZEJPZRVXQ4
age: 71617
x-amz-server-side-encryption: AES256
content-length: 15284
x-amz-id-2: CED4E1el90XlvR1iUoARBXmCwo7WP0Uxl0Pr/gBskO7y5QpyaSarYXC6nVNIPwgtCNgRQsm2P5g=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 21:24:40 GMT
server: ATS
etag: "e16322cc098a2227314721c3cfad388d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-caas-1.35.4-modern.js Show response
s.yimg.com/aaq/wf/ 27 KB
9 KB 112ms
79ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-caas-1.35.4-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fd9675d041aa9e86d2435708a030c1d0d96e1074b5d7b584a82684348b2ad592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 19:56:11 GMT
x-amz-version-id: zA3zLb2bn.Pa69oXiA5lh1jLuGQ1SxJA
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: P5AC2250WKMJA6XF
age: 53309
x-amz-server-side-encryption: AES256
content-length: 8537
x-amz-id-2: oUxUKWY3LeMn8oOGJz4ZDomVVwi2OYnpo8OzF1XMLZpJTolzuwDsfnkClrwhTt7LHzPFnYaKCIo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Nov 2023 06:52:40 GMT
server: ATS
etag: "f9c3fd700f5c2dbb03768bf662c39211-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-toggle-1.15.4-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 114ms
81ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-toggle-1.15.4-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4f06d94cb6038f42f5c8d59d369ab21c3c54643a544b0824582cb00ebb61dfb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 04:30:04 GMT
x-amz-version-id: HE26GDjTNsmXBUPJeKnrarkIBLKe8tee
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EZCBCQKV1VZNJS93
age: 22476
x-amz-server-side-encryption: AES256
content-length: 3937
x-amz-id-2: Y7WJmuRjCeX+fsVlEWKQwepdpVbypCPbNO+wUnFx6nGnKl/ynOmYUoG0lzWcxSVWkQMT8AUFdihZ6SUpXT2jcqrmtAKyZpJ8EIiSGhigDo4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Apr 2022 09:12:23 GMT
server: ATS
etag: "9ec69a2055c595f415eade096a476b0d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 react-wafer-featurebar.custom.modern.12732500bc8e47693f0d777bbe88001c.js Show response
s.yimg.com/aaq/fp/js/ 2 KB
940 B 124ms
91ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-featurebar.custom.modern.12732500bc8e47693f0d777bbe88001c.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a03f9a37e34771c42cf7930b2f466ea2077d149f6dba0e81982e7715a87dd8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 22:11:27 GMT
x-amz-version-id: ktIqZY5t35wTM4d07XFqB.S0kDb7QpBg
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DAWWSSTN4ZVPFQXR
age: 131593
x-amz-server-side-encryption: AES256
content-length: 671
x-amz-id-2: 19lR2Wd3+AoCAUK6LCJ9FUB0f5x8UW3hnXQ9nrl0cG+ryid/WL1dkSeKeTgaNmWvVd5PVm0sS6Y=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Aug 2022 04:32:27 GMT
server: ATS
etag: "12732500bc8e47693f0d777bbe88001c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-video-2.22.15-modern.js Show response
s.yimg.com/aaq/wf/ 30 KB
9 KB 118ms
85ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-video-2.22.15-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9a7394871abbfc5eaf0a8d34dbd3db6eb06ab1595ca124d31f640a6e9c77a90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 19:51:39 GMT
x-amz-version-id: i2Xvn4CPausMO.IP89xsYvIHYgOU2NnO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: CQEPGEXRPXYM7ZD5
age: 53581
x-amz-server-side-encryption: AES256
content-length: 9417
x-amz-id-2: wGykTJXqSD4KoBus3JJsWc0heS+CD9q8T6kxWHyjXhZ0qpwu/Nnt7/EHA8howC7ntSM9Ery1mg4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Aug 2023 18:04:39 GMT
server: ATS
etag: "698c2e383831b3e3fda6895026d87c5a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-text-1.2.0-modern.js Show response
s.yimg.com/aaq/wf/ 3 KB
1 KB 138ms
105ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-text-1.2.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ca9998a600267dc2431abc077f8cf7a5476a46ee1e82d0c6f12bb17e512c3fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 15:10:22 GMT
x-amz-version-id: 8acCB8Oldv6HTX7VU3iQtZux9BoZJqhX
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EARGARHC34YGQ9JT
age: 243258
x-amz-server-side-encryption: AES256
content-length: 1245
x-amz-id-2: 6nzLLzT3pHPGs6SfRfFu+5VuQSgF+AyOSfa9+EL4HzLLgRZRCOdDH194ZUQ83V6o7/hCEWlTh78=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Aug 2021 06:24:25 GMT
server: ATS
etag: "956dabf4d28930bc42d934995b814d6d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-bind-1.1.3-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 129ms
96ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-bind-1.1.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c6d2343a147111e4f3881e468facc72da4582c6aaeff475d3371df3fa2576bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 03:18:03 GMT
x-amz-version-id: Qyt1s0oNtpHMZryrsEe7nbfplEXvu_oO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DEGGD8RRMNRB3BG3
age: 199597
x-amz-server-side-encryption: AES256
content-length: 1343
x-amz-id-2: GXRzSbex4j3yOrRPOyx21vbOz9Q+LwvBKF0oSsjECbNhQuzvC11nuB9MSnAfFeiBoWqur+0xNII=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jan 2022 10:14:03 GMT
server: ATS
etag: "9fba2531ffa6cb0b4d3d34c56c295495-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-image-1.4.0-modern.js Show response
s.yimg.com/aaq/wf/ 6 KB
3 KB 141ms
108ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-image-1.4.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d77e659299c397037513aff88093b64f6ce29994b94d99256ad84a7910c0ceb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 18:19:44 GMT
x-amz-version-id: kGIIRCHIdgWfcr_wSmm8v8C_z6K3HVA8
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SGAH4MP2AKSKJVGD
age: 59097
x-amz-server-side-encryption: AES256
content-length: 2573
x-amz-id-2: gCynFBZwEu8TltY1PW8LqmkIDQT4CXo6l10OOwsFY69rJV5Zu3VPcPB3D/jX/Bq44Ga41F+giI0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 16:44:15 GMT
server: ATS
etag: "2e3968239b770b8186bb480d513311cd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-rapid-1.10.8-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 125ms
93ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-rapid-1.10.8-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ee6ac88fcdda8e39410e1e291495b9f5adeb2ec3e95069fb4d50964093de53a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 19:53:33 GMT
x-amz-version-id: Q69wD21Xmgx79j1lWnoee6Lougj4LC2V
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: GVWHGFV7MTV7XBAK
age: 53467
x-amz-server-side-encryption: AES256
content-length: 4030
x-amz-id-2: W4SM9AEMLuveEQ6cXx0IcZ0zBPPD1A01a37D/yJsTjUgIoj+xWtMDnFQF9y+tjy9IAKUdkoAQBY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Nov 2023 07:51:34 GMT
server: ATS
etag: "ea64a20375abf74f7191d89062a7d4f4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-fetch-1.19.1-modern.js Show response
s.yimg.com/aaq/wf/ 16 KB
6 KB 130ms
98ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-fetch-1.19.1-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f2c2013a67c8dd205e93ef40cf60da7b3bb48a075e7b649fde2b2f646b15896f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 09:45:19 GMT
x-amz-version-id: XcyEKreDz4JYLdlgGq65LAHV5Dsub3V6
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 31VSGHZVZNFKB1KQ
age: 3561
x-amz-server-side-encryption: AES256
content-length: 5500
x-amz-id-2: nNnaTsjUBjv2BMmp63sWGVIYwoQNXahErgipGlHptD7s7HflSrOlTdWu4QkdVAxVT8krTeTvCj8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Oct 2023 09:18:13 GMT
server: ATS
etag: "f085d6c42acb1394e457e463230de8ba-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-benji-1.1.3-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 121ms
89ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-benji-1.1.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5df38664779ae737ba7e379597410ae785f40b41914f8e912b48e76259b88935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 20:43:03 GMT
x-amz-version-id: D6_gE0hdDgWzE0zXZDBC61nGy_dZFLNd
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: J8GAYGJFR7QE8DVK
age: 136897
x-amz-server-side-encryption: AES256
content-length: 2828
x-amz-id-2: yGH831ZDIgD1edL0nCLPBhOr9fKmkMFA5U78ZHWKNaMIVnDcyeAbgrRj4X3JtVXCNcSWZU1GYOw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 23:22:13 GMT
server: ATS
etag: "66dd7e9082b2f37836df08d0c25d4947-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-beacon-1.3.4-modern.js Show response
s.yimg.com/aaq/wf/ 10 KB
3 KB 115ms
83ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-beacon-1.3.4-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

acf529f550f2fdaad913c10e6972344e43e07eae8d5aa57b96fa30ed7c07acc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 07:47:09 GMT
x-amz-version-id: tENZ6Ri2vrrjg96D4AX.qx653XeJQH2M
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: Q1GE4JT40X4D7NZZ
age: 97051
x-amz-server-side-encryption: AES256
content-length: 3304
x-amz-id-2: IAPS+/5vtiDsutgfGZKoEePkrMszlRhR4nQR0xMQFvUlfnxxaTxApzYtwYe5CmIhJmq5g1BPIQA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Feb 2023 05:31:36 GMT
server: ATS
etag: "397b59e3eeca4f747ea1f6ff6323154c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-countdown-1.2.5-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 138ms
107ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-countdown-1.2.5-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 11:00:48 GMT
x-amz-version-id: CQ1lP8549yVnp28g4QLu9GcN8rB3ImgO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4JQCGEMH4GAGS70Q
age: 258232
x-amz-server-side-encryption: AES256
content-length: 1815
x-amz-id-2: HXhhHqJzSA4ID0t/btRseAWdKHI2Ez3MgCLGbOuOYCvdy3pbNcLRphY1HA4bpdcqu72LwAfkrkm8VRRLOXL3ZSLCC8p+O1ARA57wIoh8eH8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Sep 2020 18:50:05 GMT
server: ATS
etag: "681d57e9e7cbef5de44544c13f8ca62e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 wf-lightbox-1.10.6-modern.js Show response
s.yimg.com/aaq/wf/ 14 KB
5 KB 155ms
124ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-lightbox-1.10.6-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ed22526f9adcdd172c698e0dfc9fa3ee064a96a27bed3335931c4b2bddf4eee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 05:29:24 GMT
x-amz-version-id: K.68hs0p5c2EOJjfXuKP9dx0XBa4hSTK
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: M1XPC153GVN40CD9
age: 191716
x-amz-server-side-encryption: AES256
content-length: 4499
x-amz-id-2: mnQsY+6Zq4houGzSNI34ypxmJqsjysFrRmtQuCPWU2AJqrCajJ8PYxd8gy02ohuNv6KSbisLd8QYVSc4Yt+BrqZ8EnUH09oH
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Mar 2023 01:43:59 GMT
server: ATS
etag: "69831b2f7b26bc6dd6321c8dcde85968-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-scrollview-2.22.2-modern.js Show response
s.yimg.com/aaq/wf/ 34 KB
10 KB 157ms
126ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-scrollview-2.22.2-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a50cd765dc960512d033632139cd57336ac7e8db767ff7eec30c5355c75dc68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 22 Jan 2024 10:33:08 GMT
x-amz-version-id: m9PASXvvA3rS5amqnDs07ZXOsIzuq8R4
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 042P5Q521D70KKQX
age: 692
x-amz-server-side-encryption: AES256
content-length: 9597
x-amz-id-2: ORauEFKZKf7MCfiefmZoENQ2SvmV0mI2OBlwq+rAqFMhgbDETJhbog8M+7C0qA0ogFJBCwbGCLI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Jan 2024 01:37:50 GMT
server: ATS
etag: "84439433192fea5b2c6de991dbb908b0-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-action-1.8.1-modern.js Show response
s.yimg.com/aaq/wf/ 13 KB
5 KB 159ms
128ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-action-1.8.1-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f271bf73d0eefe04f56cb6390e07d7d2a4794787283d65221397b258cef040df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 06:46:55 GMT
x-amz-version-id: wiQ3AdVTneuswkykDVtSm3aaY9QhtZW9
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZX3ZTWH237BQ7J1X
age: 273465
x-amz-server-side-encryption: AES256
content-length: 4796
x-amz-id-2: xEzbTlAS0r4qS4O6y3OWV5nAp/6EnUBwt1t7nFUO3+cMFXFE1Ks+l1RYH/mXdyL0/2Jw5D2OnHM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Dec 2023 17:55:26 GMT
server: ATS
etag: "4443a60b3d3645610c9e65b7cc9f15bb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-template-1.4.3-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 143ms
112ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-template-1.4.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

79d954b80c39513a18ee1e0143d931ba9222b4c4794438f7bad23f9e0380cdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 02:20:40 GMT
x-amz-version-id: h9L3Y9Rw_EkQ1yH8NskMO9BjqcI4jexa
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MPG9QG7E5PD6WGJT
age: 203040
x-amz-server-side-encryption: AES256
content-length: 2562
x-amz-id-2: kHZKJmHfRke4Dw5rxEvUvvZFoBcPx4udkNggOINp7IV6jmB901JXJaOmpyaNnez59xYU8ZvcXCPEqHitSHiOFJdgPBCXmD5opeFldM+Fi4Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2022 02:22:21 GMT
server: ATS
etag: "85070595d47a7cc86af31833110dc18a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-menu-1.3.0-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 149ms
118ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-menu-1.3.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

33d8bfda78c83de19751ec84e1d7f40dc5d7c81e7fb822069f811a9030d2d459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 23:40:30 GMT
x-amz-version-id: BhLpL.WQZsmgJZIKchhrGPJ9SR5h0N22
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 5K5JM79C3J0F16AM
age: 212650
x-amz-server-side-encryption: AES256
content-length: 2802
x-amz-id-2: hWZ9G0PMVKsO54riVZ2f+5A9h7ypG6aJNpVGUdz5ppoBE45+pJ2XjSq1lZJ/MftsH5yEqGil1Qw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Nov 2023 00:39:45 GMT
server: ATS
etag: "76aeb54211fca21ec7f4f9a39b1d88d1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-form-1.34.5-modern.js Show response
s.yimg.com/aaq/wf/ 13 KB
5 KB 145ms
114ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-form-1.34.5-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0291e42c6c243b4177e0331b6e3692a8e03e29a39852790ce81604a998872c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 05:45:02 GMT
x-amz-version-id: DBytk3Q0UWhxEEWk9lh0GV23FbLhPzJr
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XS5XN61B2QJ4FFSQ
age: 17979
x-amz-server-side-encryption: AES256
content-length: 4727
x-amz-id-2: QjmaRnrv47t+gJx5Je3SOOfAXJLe2NF6O7zbGHr8Fz5GS5wjmw3Rt1+PMg5VLh8CJYz7S4ih/gfNhMwbB7aLV4DBd5YceHJAoUAh7FVEf/8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Nov 2023 22:30:39 GMT
server: ATS
etag: "94d07daa349c254b35ffcda6e54cc754-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-clipboard-copy-1.0.2-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 146ms
116ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-clipboard-copy-1.0.2-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f59452bba989e5a78e9492ae296cbf910745529c3294b49a58efa4ec7eba8d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 18 Jan 2024 15:58:54 GMT
x-amz-version-id: s6ZljWUzqa9Ss0D5hEgjXb_jGlec.wYG
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TSZ3HXEHCXERPQBG
age: 326746
x-amz-server-side-encryption: AES256
content-length: 1619
x-amz-id-2: TdM7R4UqlvQj+FN5y086l7Pu5/Rjn5fLUEuq7s6gRnJ0joHvBsTvHJp1pUrubLvW7ln+Qnssw/Y=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 16:40:35 GMT
server: ATS
etag: "9d2a8efbe3fe9705e54df41100ea2dae-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-native-da-1.0.3-modern.js Show response
s.yimg.com/aaq/wf/ 11 KB
4 KB 141ms
110ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-native-da-1.0.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4a49828993f5623cb08e4fdac5b714c4f7edfabee23f4af4a5256817c6bc891f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 00:14:55 GMT
x-amz-version-id: .WtSZPY4TBvcWVtow89uKRis9rZ.xbsA
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: FBD6VJ6965KQS9TD
age: 124185
x-amz-server-side-encryption: AES256
content-length: 3704
x-amz-id-2: VpP531+Sw/9ifErvsvA6OCF2XEUzkaVbtXoqCJwAFHGeIXHShIh1xyWibMg+00J9XP7VcupbEOw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 08:24:28 GMT
server: ATS
etag: "1b3cba92fad04fe3b6085f9dd4504f0a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 react-wafer-stream.custom.modern.1ed4fe71b1fc647ddbf37a7050944309.js Show response
s.yimg.com/aaq/fp/js/ 8 KB
3 KB 162ms
132ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-stream.custom.modern.1ed4fe71b1fc647ddbf37a7050944309.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

faf50015de5b96281dcbf145fdf58222efc35c962759a3e915f4e95f510d7b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 10:46:54 GMT
x-amz-version-id: xy7lqotFC.zmCqihzzE4iOckpJX.wEX6
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AZ4RA3T14GAGK715
age: 172667
x-amz-server-side-encryption: AES256
content-length: 2941
x-amz-id-2: wx67f9LsqvcmLJtn4Tud1Wgp0w3xCOC5NaONfDH1ZLbM6cYhui0GuKV4PpT0C+fSDfjW+6QFA20=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Dec 2023 00:17:32 GMT
server: ATS
etag: "1ed4fe71b1fc647ddbf37a7050944309-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 664bf98.caas-news_web.min.js Show response
s.yimg.com/aaq/c/ 116 KB
29 KB 150ms
120ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/664bf98.caas-news_web.min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

858c292e1a134a58869f931ba4a0c61e64a65543e3cecb43e114c8aa73e287b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 10:01:54 GMT
x-amz-version-id: QfUbm0FlcWbXKE7ZNIkS8ThcFrCJKWPa
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 2P305RYVKAXEFZG9
age: 261766
x-amz-server-side-encryption: AES256
content-length: 29204
x-amz-id-2: oLKn0H3jgUQL5DR8rafvardy2vwoAeXv4ZChHo2S4QxX25/vehBKAfz1I+xLIQXRvSq5VSgBKXs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 Jan 2024 05:17:32 GMT
server: ATS
etag: "2fd49458a76749bc498c19ca12eccddd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 p.gif
yahoo.com/info/ 503 KB
503 KB 293ms
293ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/info/p.gif?apptype=default&beaconType=pageRenderStart&code=pageRender&bucket=900%2Cseamless&device=desktop&intl=us&rid=fs9nySqH&site=fp&t=1705919985364

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 76
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: yYNIUu03uYdck_QNQE7iXK_wFsUPa0HC8hKaeQEf6zdYcdljZQ5iIQ==
expires: -1

GET
H/1.1 400
Bad Request consentRecord Show response
guce.yahoo.com/v1/ 64 B
585 B 164ms
34ms XHR
application/json 34.252.254.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/cmp/version/6.4.0/cmp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.254.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-254-34.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

be6b2025e99620fec98afa6dea4dc05421edcc5c2449827f249cdc3165dc4aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 10:44:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: guce
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://yahoo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, User-Agent, X-Forwarded-For, X-Oath-Gcrumb
Content-Length: 82

GET
H2 200 cerebro_min.js Show response
edge-mcdn.secure.yahoo.com/ybar/ 6 KB
6 KB 15ms
14ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:09:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QPV8VJN48QMFTB9Z
age: 12912
x-amz-server-side-encryption: AES256
content-length: 5636
x-amz-id-2: l04f1ZsDgDfgcYDdabPmQeSXW0i1WpEVSXnI5XxEFEqcLJOsAia4vqOeEjWGlMXxe0VPA9oySKY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 May 2022 20:34:05 GMT
server: ATS
etag: "0ccb51bc1dd6980920da39e008a599e0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Regular.woff2
s.yimg.com/os/fontserver/YahooSans/ 28 KB
29 KB 14ms
14ms Font
application/font-woff2 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/Regular.woff2

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/
Origin: https://yahoo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 25 Dec 2023 08:57:47 GMT
x-amz-version-id: null
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: H42H5A71ZFVH31VD
age: 2425613
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273943966280
content-length: 28860
x-amz-id-2: W9AzTMP+PXXMqHVwFmEqSve0dn31Y3PGTBZJgh9Ot9EqpytP2XuaaDzkNQ0UW92u3H7MRwKLjJP9j0kZkxIHEw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 May 2018 16:32:11 GMT
server: ATS
etag: "a99b283070afc519f4816e4300c515d2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public,max-age=536112000
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:cd38276d-8695-4172-982e-30a706d38b1000055bc464a77248"
x-amz-meta-x-ysws-access: public
expires: Sat, 12 May 2035 16:32:10 GMT

GET
H2 200 6bb52f30-b8bd-11ee-a8ff-87b6bacd0748.cf.jpg
s.yimg.com/uu/api/res/1.2/HzTtg6vYv1CFjDV7H_htPQ--~B/Zmk9c3RyaW07aD0yNzI7cT05NTt3PTU2MDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 77 KB
78 KB 16ms
16ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/HzTtg6vYv1CFjDV7H_htPQ--~B/Zmk9c3RyaW07aD0yNzI7cT05NTt3PTU2MDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/6bb52f30-b8bd-11ee-a8ff-87b6bacd0748.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

15785ddd0b395428377bf449d16b3e1b02e9c8db7c574dbd7eb6e94ad2c0c654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 34996
cld_latency: 1
edge-cache-tag: 277288019882887498460828062568078487337,475279004647958939364354769181425940513,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: d8bc944b1cbf8b9d804f4c730f1e649c
cld_by: cache-lga21939-LGA
x-served-by: cache-lga21939-LGA
referrer-policy: no-referrer-when-downgrade
x-timer: S1705885283.378872,VS0,VE1
etag: "3e3e6030c246986fde3ab2ad412ba890"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Mon, 22 Jan 2024 01:01:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 277288019882887498460828062568078487337,475279004647958939364354769181425940513,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 79265
x-xss-protection: 1; mode=block
x-request-id: d8bc944b1cbf8b9d804f4c730f1e649c
last-modified: Mon, 22 Jan 2024 00:30:21 GMT
server: ATS
surrogate-reporting: width=560,height=272,bytes=79265,owidth=736,oheight=414,obytes=54839,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e3f20390-b8c9-11ee-b74f-a11fbf9000ea.cf.jpg
s.yimg.com/uu/api/res/1.2/XMrlex9W6IEu0DZOhbkiyw--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 14 KB
14 KB 36ms
35ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/XMrlex9W6IEu0DZOhbkiyw--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/e3f20390-b8c9-11ee-b74f-a11fbf9000ea.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

496eaa5a206da3bb35e031cd617ece260c6f0376f03547f3b91b778fef50b471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 02:23:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 30060
edge-cache-tag: 322601490885677839954455231476082597507,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 322601490885677839954455231476082597507,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 14098
x-xss-protection: 1; mode=block
x-request-id: a7ec2f6448becd13ed02d77b79987305
x-served-by: cache-iad-kiad7000082-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 01:59:38 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=14098,owidth=3812,oheight=2146,obytes=834870,ef=(1,13,17,23,30)
x-timer: S1705890220.931191,VS0,VE0
etag: "c64d5165146df26cc07848eb00b9c2b6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 2

GET
H2 200 83058f30-b878-11ee-bebd-1908475f3730.cf.jpg
s.yimg.com/uu/api/res/1.2/ZK5TfbUvsAr2zJcPCPGLGw--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 10 KB
10 KB 37ms
36ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/ZK5TfbUvsAr2zJcPCPGLGw--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/83058f30-b878-11ee-bebd-1908475f3730.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

407939ae02e3e976ca5f753751636c6de4c31c31e72709ce5f8c84ab96bc8b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 64928
cld_latency: 3
edge-cache-tag: 225869383993246905703485075776018651812,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: f33dc49b4216f2e068b58c6d82068f3f
cld_by: cache-iad-kjyo7100133-IAD
x-served-by: cache-iad-kjyo7100133-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705855354.000312,VS0,VE3
etag: "568dd56c38037a433382d2235821aff0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sun, 21 Jan 2024 16:42:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 225869383993246905703485075776018651812,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 10033
x-xss-protection: 1; mode=block
x-request-id: f33dc49b4216f2e068b58c6d82068f3f
last-modified: Sun, 21 Jan 2024 16:17:05 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=10033,owidth=1476,oheight=829,obytes=82481,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9c86cdc0-b887-11ee-b7af-8ee3a7cad3f3.cf.jpg
s.yimg.com/uu/api/res/1.2/ubc9.YmS6CpN2mlIJvRwrg--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 22 KB
22 KB 37ms
36ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/ubc9.YmS6CpN2mlIJvRwrg--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/9c86cdc0-b887-11ee-b7af-8ee3a7cad3f3.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

29c10793fc1cd420fa267039deea09a9f6fe4ebbd05999e01b768ac24ebd4201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 59014
cld_latency: 1
edge-cache-tag: 261286809456871268703025314187416772096,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 95f5d096b2766ad98d675aaf290df174
cld_by: cache-iad-kiad7000047-IAD
x-served-by: cache-iad-kiad7000047-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705861265.462438,VS0,VE1
etag: "5b7cd34e4dad8cd5e8c4f037d4651ea0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sun, 21 Jan 2024 18:21:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 261286809456871268703025314187416772096,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 22285
x-xss-protection: 1; mode=block
x-request-id: 95f5d096b2766ad98d675aaf290df174
last-modified: Sun, 21 Jan 2024 18:05:13 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=22285,owidth=5278,oheight=2972,obytes=2416560,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 afd0b9b0-b88f-11ee-b5bd-75db3c088081.cf.jpg
s.yimg.com/uu/api/res/1.2/hKPI_Duh1d8DZdUIflXOnQ--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 10 KB
10 KB 37ms
37ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/hKPI_Duh1d8DZdUIflXOnQ--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/afd0b9b0-b88f-11ee-b5bd-75db3c088081.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

60601e6aaecddd3a0b7ff82b5254e17e69558f191ca400133226c0aa54949eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 19:54:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 53434
edge-cache-tag: 372422626972535898861499667623278431945,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 372422626972535898861499667623278431945,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sat, 20 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 10067
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000129-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2024 19:54:04 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=10067,owidth=1778,oheight=1000,obytes=114692,ef=(1,13,17,23,30)
x-timer: S1705866845.198131,VS0,VE1
etag: "e52cb7008fa9f57f069f71047b2eb22e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 cb47b4f0-b876-11ee-bfaf-f6eebaef25da.cf.jpg
s.yimg.com/uu/api/res/1.2/HzqF2lqhgr8PGL2MFblOOw--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 19 KB
19 KB 38ms
37ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/HzqF2lqhgr8PGL2MFblOOw--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/cb47b4f0-b876-11ee-bfaf-f6eebaef25da.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

441bc6cd512e8d78b539f5403e954148a63f112a77ee1b6d91f2395c433531a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 65277
cld_latency: 1
edge-cache-tag: 311820851764503654291010183975898267337,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: ae7cd0c82311bd2d6da5ca86809713d8
cld_by: cache-iad-kjyo7100020-IAD
x-served-by: cache-iad-kjyo7100020-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705855002.159973,VS0,VE1
etag: "73e8f982454b07d4291e97a2eb5da13c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sun, 21 Jan 2024 16:36:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 311820851764503654291010183975898267337,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 19337
x-xss-protection: 1; mode=block
x-request-id: ae7cd0c82311bd2d6da5ca86809713d8
last-modified: Sun, 21 Jan 2024 16:04:52 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=19337,owidth=5000,oheight=2814,obytes=2272524,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ef5887cfbf3b5c8d9eb65d2e9046f23e.cf.jpg
s.yimg.com/uu/api/res/1.2/QFdPUFhvmV4u7kL0ngjJLw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cbs_news_897/ 15 KB
15 KB 36ms
35ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/QFdPUFhvmV4u7kL0ngjJLw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cbs_news_897/ef5887cfbf3b5c8d9eb65d2e9046f23e.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a69d91374206b6fc983baf901b64224550fa1356a60e07908d7bde71bb3f44f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 08:29:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 8131
edge-cache-tag: 221151356522469087873832114091920902507,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 221151356522469087873832114091920902507,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 15263
x-xss-protection: 1; mode=block
x-request-id: ee997cad9b8b0096f1513e87b7d06d2a
x-served-by: cache-iad-kjyo7100140-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 08:04:00 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=15263,owidth=1251,oheight=703,obytes=42920,ef=(1,13,17,23,30)
x-timer: S1705912148.148139,VS0,VE1
etag: "e98d7d1b490f99ec9e5cc0a576477460"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 aecca5cbdfbbcd2a7a5ac3eef0f5bd1f.cf.jpg
s.yimg.com/uu/api/res/1.2/GgzDuU9.Xi4bNijTvA1vrg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/ 19 KB
19 KB 36ms
36ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/GgzDuU9.Xi4bNijTvA1vrg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/aecca5cbdfbbcd2a7a5ac3eef0f5bd1f.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d2b1cbcd9d354af86e2881031abe0a44ce211a4748b2fe4059e0d4d0d51e4515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 09:10:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 5666
cld_latency: 1
edge-cache-tag: 211083639424213039340696741258488219859,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 211083639424213039340696741258488219859,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sun, 21 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 19114
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100118-IAD
x-served-by: cache-iad-kjyo7100118-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 09:05:00 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=19114,owidth=1200,oheight=600,obytes=79454,ef=(1,13,17,23,30)
x-timer: S1705914614.848265,VS0,VE1
etag: "c23b423cac4d8f4f72bcaba539eade25"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 46c46a3d81c6dcdd1a8065db058f8a85.cf.jpg
s.yimg.com/uu/api/res/1.2/n2jAeN4pbU3GmDIRQI9huw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/ 17 KB
17 KB 37ms
36ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/n2jAeN4pbU3GmDIRQI9huw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/46c46a3d81c6dcdd1a8065db058f8a85.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a07f1a26adf7b9f9acbff7921d52a7d0bbb9674ac8f0090bae8f69bce6e488e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 09:11:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 5604
edge-cache-tag: 227590349578480226875281188175801307132,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 227590349578480226875281188175801307132,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 17282
x-xss-protection: 1; mode=block
x-request-id: 568798682f33a23563bb1493594e979d
x-served-by: cache-iad-kjyo7100162-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 09:10:34 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=17282,owidth=1200,oheight=599,obytes=68985,ef=(1,13,17,23,30)
x-timer: S1705914676.501053,VS0,VE5
etag: "393e2a217eaa350becfb808566ecaa4d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 a2d46075f9c8622abdfa39ce7b6309a7.cf.jpg
s.yimg.com/uu/api/res/1.2/GYgXBKGCVbmiy8d924HZyA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/insider_articles_922/ 46 KB
46 KB 37ms
37ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/GYgXBKGCVbmiy8d924HZyA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/insider_articles_922/a2d46075f9c8622abdfa39ce7b6309a7.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5dd56e4378b56656cadc4827e98e63c32c793448c35b59274e2d7b5285b6b6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1
age: 3997
cld_latency: 2
edge-cache-tag: 223022627221370754043288233244203527953,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 856c8367e756a8621f1b76ac036530c4
cld_by: cache-iad-kjyo7100056-IAD
x-served-by: cache-iad-kjyo7100056-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705916283.677747,VS0,VE2
etag: "f7b5e9f2214d60dc44a7c9e8ec79ce91"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Mon, 22 Jan 2024 09:38:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 223022627221370754043288233244203527953,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 46898
x-xss-protection: 1; mode=block
x-request-id: 856c8367e756a8621f1b76ac036530c4
last-modified: Sun, 21 Jan 2024 13:16:35 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=46898,owidth=1837,oheight=1378,obytes=352140,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rapid-3.53.38.js Show response
s.yimg.com/ss/ 50 KB
18 KB 34ms
34ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ss/rapid-3.53.38.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 20:41:18 GMT
x-amz-version-id: KmTm9VD7TIhhmyhjuol1GLEcLGSKZuTd
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4APZYWM4GN3KD2VR
age: 50603
x-amz-server-side-encryption: AES256
content-length: 18290
x-amz-id-2: OY+PSma1Y80dizuvY7EhWgB3SfhMbunLmSRXgdi9NiJhi26l0PukqMulIV2h3P2lcfrb+apxexQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 May 2022 17:12:37 GMT
server: ATS
etag: "b3e320952536a9e017d8fde91f2c4968-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 p.gif
yahoo.com/info/ 535 KB
535 KB 172ms
171ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/info/p.gif?apptype=default&beaconType=pageRenderStart&code=pageRender&bucket=900%2Cseamless&device=desktop&intl=us&rid=fs9nySqH&site=fp&t=1705919985364

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 76
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: GTckpTGBUWCkdJfWkMmftXvVoMCMsVPvQxs5mE9hx4TF-CKPLUBb5Q==
expires: -1

GET
H2 200 yaft-0.3.28.min.js Show response
s.yimg.com/os/yaft/ 17 KB
6 KB 39ms
37ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/yaft/yaft-0.3.28.min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 21 Jan 2024 20:41:25 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ESPBQZPE6DCQRNBC
age: 50595
x-amz-server-side-encryption: AES256
content-length: 5786
x-amz-id-2: SOmyV4AvIw5lsMEyOu4WlEX6S3lBJDmoBgWWHxVzvbHd5JH3TeXYblp4fDjcgX+XbG5oKhAHuZ8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Sep 2019 04:05:39 GMT
server: ATS
etag: "0731da3e399a4565e47c36702ffa9ba6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 wf-core-1.65.0-modern.js Show response
s.yimg.com/aaq/wf/ 59 KB
16 KB 37ms
35ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b3f5f787daf156fa19c2916470f4ea8bdbf9e5828b3990c33c04810fa74ed084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 18:18:57 GMT
x-amz-version-id: 20SJDrjaD349v_TEBoaGm7JknCokjFV_
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SK69DCSVN66GZNZ5
age: 59143
x-amz-server-side-encryption: AES256
content-length: 16109
x-amz-id-2: Xg0DizRYjFp+EbOakenmhygCAR1RnbTi7mWfy7FqnT4bauDJHkyVjlOB1wJSXuIdkUb+dKWKlrcUvDNGEj1KAk/nsHihkP8y
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 18:45:04 GMT
server: ATS
etag: "ef13714e251549821d2930d0d99d6b70-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sh-5.17.22.js Show response
s.yimg.com/aaq/notifications/js/ 23 KB
7 KB 39ms
38ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/notifications/js/sh-5.17.22.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

671672d5fb51ada783e99b16b5b961f30ca3bd1b7e4d0ec1723c7a680b0d6394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 05:15:11 GMT
x-amz-version-id: z7DM9UzujGJgb9sjP6qPJCWgNM7tjNra
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: J6H28XHTX3KT02PJ
age: 19770
x-amz-server-side-encryption: AES256
content-length: 7247
x-amz-id-2: NHKsqxdN2Kq0E9u6U27DwaCR4RdKnBeCh1nVSAiBCZqkCL3rSjgg+xiZNONOb4c8iTM7jYsOVbCS9Ef0YyJX+uC6Mx2sCVMSC5dvZ1Yy4ws=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Apr 2023 17:42:09 GMT
server: ATS
etag: "b6a0718189771e63d6886f3189569ad4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 homepage-pwa-defer-1.1.6.js Show response
s.yimg.com/aaq/hc/ 66 KB
18 KB 39ms
38ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

cbeee7da6cc21d0d3394c55fab07c9005d10405a505117cb41c2a1b013773b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 17:51:54 GMT
x-amz-version-id: 62z3e394BVX5YApOMJTuFHiUFyy3mHgC
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 6WRN0G2NFDSANSAB
age: 60766
x-amz-server-side-encryption: AES256
content-length: 18232
x-amz-id-2: x2I2PojBZrLmHeVcDQrZvJ2+zM++n79HYCKvG84Qc+GSjlZM8FoQmUEnlTAUQ8neZIr7KxyDcsQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 May 2023 21:04:06 GMT
server: ATS
etag: "6ea12fccbed15820786c87f0b9b67d61-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 safe.min.js Show response
s.yimg.com/uc/sf/0.1.360/js/ 70 KB
26 KB 37ms
36ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/sf/0.1.360/js/safe.min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

2ca181f5f8781eaca01c4e8a41d1334700378302662f1bd7fe31ef9ee4c1bfde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 00:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1WRZ5GT49J85VJ2S
age: 124668
x-amz-server-side-encryption: AES256
content-length: 25865
x-amz-id-2: 5BONrlpIwK3ABebGRwyigEZ4uoPelz8rZ3yVxa4eVHEmbLL2Katusc3wUGVoBmQpD4MpKoyvKkA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 17:34:40 GMT
server: ATS
etag: "ca6c03a0104a0556de35624aa3065b70-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 advertisement_0.0.19.js Show response
s.yimg.com/nn/lib/metro/g/myy/ 158 B
445 B 38ms
37ms Script
application/x-javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/nn/lib/metro/g/myy/advertisement_0.0.19.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 13 Jan 2024 23:37:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 47XQVXZ21MX3MHZ7
age: 0
x-amz-server-side-encryption: AES256
content-length: 158
x-amz-id-2: a44QwPYvee0SCvB7L7lldVKzblMBmb1S0qvQ/uGuBwI7ameFQ5IlgqFrvw8175zSCElYDlE7JVM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 May 2020 03:33:21 GMT
server: ATS
etag: "ca243b22264dca7a4a899c51cc2dc963"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/x-javascript
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes

GET
H2 200 p.gif
yahoo.com/info/ 64 KB
64 KB 172ms
172ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/info/p.gif?apptype=default&beaconType=pageRenderEnd&code=pageRender&bucket=900%2Cseamless&device=desktop&intl=us&rid=fs9nySqH&site=fp&t=1705919985367

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 76
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: CFWC36OlJKNJaGtloRUUVczuw-y5ODF3eMgGsQka1IiZCG8AvRDBgQ==
expires: -1

GET
H2 200 6ee52c374fc3b562982cb2b2559e03c3.cf.jpg
s.yimg.com/uu/api/res/1.2/5a7IED9H2u2U6QP9mH5smw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/theblast_73/ 25 KB
26 KB 38ms
35ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/5a7IED9H2u2U6QP9mH5smw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/theblast_73/6ee52c374fc3b562982cb2b2559e03c3.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

2a9ec51da93abd8d56eb8425690401c3442f6def54547704d835b61c74c9a9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 146539
cld_latency: 3
edge-cache-tag: 336644826504163823919785399259738159384,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: b7e77b37dee1167efec4d7b3d6bc333a
cld_by: cache-iad-kjyo7100109-IAD
x-served-by: cache-iad-kjyo7100109-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705773740.296402,VS0,VE3
etag: "18a1943fcd05ca4df28d48041966d38d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sat, 20 Jan 2024 18:02:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 336644826504163823919785399259738159384,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 25827
x-xss-protection: 1; mode=block
x-request-id: b7e77b37dee1167efec4d7b3d6bc333a
last-modified: Sat, 20 Jan 2024 18:01:37 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=25827,owidth=1728,oheight=800,obytes=141912,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 228115807248d93425649f91ee7daaf5.cf.jpg
s.yimg.com/uu/api/res/1.2/dVSi5EAAQbtJtnZEsGttzQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_cool_down_737/ 28 KB
28 KB 39ms
37ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/dVSi5EAAQbtJtnZEsGttzQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_cool_down_737/228115807248d93425649f91ee7daaf5.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3391f7d62f99d6e6a76071ae7c60f93fa463a0f0b75ce5e6bc9485d041ffe893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 1764
cld_latency: 1
edge-cache-tag: 264848198603745335250310664458778930059,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 793cc6ab7cc8ae8bd4be02f3f68e0a25
cld_by: cache-iad-kjyo7100118-IAD
x-served-by: cache-iad-kjyo7100118-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705918516.841704,VS0,VE1
etag: "d7da4d98df899b857bee9df08f568739"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Mon, 22 Jan 2024 10:15:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 264848198603745335250310664458778930059,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 28627
x-xss-protection: 1; mode=block
x-request-id: 793cc6ab7cc8ae8bd4be02f3f68e0a25
last-modified: Mon, 22 Jan 2024 10:07:24 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=28627,owidth=1920,oheight=1284,obytes=459219,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c92131d3ee429f0e886b2932c33f6e3d.cf.jpg
s.yimg.com/uu/api/res/1.2/LZkAzdJPtORlf3P4qQX1vA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/minnesota_vikings_wire_usa_today_sports_articles_625/ 26 KB
26 KB 40ms
38ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/LZkAzdJPtORlf3P4qQX1vA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/minnesota_vikings_wire_usa_today_sports_articles_625/c92131d3ee429f0e886b2932c33f6e3d.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

769256fd793fc46dea18a695a94b7cc860cc9165aafc6d9934bbab706c84b42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 02:37:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 29247
cld_latency: 1
edge-cache-tag: 473345525842988189547090763984725229105,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 473345525842988189547090763984725229105,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sun, 21 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 26127
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100031-IAD
x-served-by: cache-iad-kjyo7100031-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 02:26:56 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=26127,owidth=2560,oheight=1707,obytes=417679,ef=(1,13,17,23,30)
x-timer: S1705891033.723378,VS0,VE1
etag: "1a023275532cc77238ce3a0e8fde1055"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 174103ebba7cb76518a26c458ae6d421.cf.jpg
s.yimg.com/uu/api/res/1.2/9phnWDOZdfS_8qfEvnTGPA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_hill_articles_341/ 21 KB
22 KB 41ms
38ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/9phnWDOZdfS_8qfEvnTGPA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_hill_articles_341/174103ebba7cb76518a26c458ae6d421.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3f085032bfe9d6e8f7ddf6abc608017f49b1890b1ac279bc986e5f5cc8e3c16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 19:45:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 140344
edge-cache-tag: 349941160943463743490037868680664454921,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 349941160943463743490037868680664454921,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, MISS
expiration: expiry-date="Fri, 19 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 21777
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100096-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 20 Jan 2024 19:45:19 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=21777,owidth=900,oheight=505,obytes=53828,ef=(1,13,17,23,30)
x-timer: S1705779937.866446,VS0,VE27
etag: "77439f9fdf2a709682194834b39b31e4"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 ed5184f118e4bdc09b310462f166662a.cf.jpg
s.yimg.com/uu/api/res/1.2/mucogmcTOQJ7Z8PBhPVhqQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/variety.com/ 27 KB
28 KB 41ms
39ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/mucogmcTOQJ7Z8PBhPVhqQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/variety.com/ed5184f118e4bdc09b310462f166662a.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1fdd95500f26d092502b38b1191f9db0a4f5a1df4eb90a84a9aaf469608b6fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 00:27:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 37036
edge-cache-tag: 220083968156047002348448611723071978642,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 220083968156047002348448611723071978642,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 27924
x-xss-protection: 1; mode=block
x-request-id: 4d7d87894f5c00cbbd77e1dc6daca753
x-served-by: cache-lga21939-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 00:18:31 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=27924,owidth=3000,oheight=2000,obytes=1623688,ef=(1,13,17,23,30)
x-timer: S1705883243.314006,VS0,VE9
etag: "0917a5de47bbed6687b274ad44c16dbc"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 bf970574632caf45b5720757820533e7.cf.jpg
s.yimg.com/uu/api/res/1.2/ifnz1dayzrvxrx9qTJQzEA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cnn_articles_875/ 20 KB
21 KB 42ms
40ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/ifnz1dayzrvxrx9qTJQzEA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cnn_articles_875/bf970574632caf45b5720757820533e7.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

cd3e5e150552654ace3650b3c4954ee38485a7ffa6914e2f5a2914675f7a7bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 23:49:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 39307
cld_latency: 1
edge-cache-tag: 268053994123235926584506683135706963417,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 268053994123235926584506683135706963417,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sat, 20 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 20505
x-xss-protection: 1; mode=block
cld_by: cache-iad-kiad7000090-IAD
x-served-by: cache-iad-kiad7000090-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2024 23:44:47 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=20505,owidth=960,oheight=540,obytes=50901,ef=(1,13,17,23,30)
x-timer: S1705880972.462301,VS0,VE1
etag: "e0417f0dbb8ca054992f3c5f055700b6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 363507a0-63cb-11ee-abef-1e03afcb9a4d.cf.jpg
s.yimg.com/uu/api/res/1.2/WyTjOE9XQgzswyMawEHSMA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2023-10/ 25 KB
26 KB 42ms
40ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/WyTjOE9XQgzswyMawEHSMA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2023-10/363507a0-63cb-11ee-abef-1e03afcb9a4d.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a0fd68a946ed7e1a073576a4ab96d54a1d22412bb6519de98662cff29c51b864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 05 Jan 2024 22:41:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 1425808
cld_latency: 83
edge-cache-tag: 303312199377649306246036819638838295859,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 303312199377649306246036819638838295859,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Thu, 11 Apr 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 25527
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100057-IAD
x-served-by: cache-iad-kjyo7100057-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Oct 2023 19:35:38 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=25527,owidth=1500,oheight=1000,obytes=312921
x-timer: S1704494472.666715,VS0,VE83
etag: "afe637784a312bba9a0ffcd5e48eda7a"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 f53d35340f426ae15120e6d122d392df.cf.jpg
s.yimg.com/uu/api/res/1.2/PFG1RKxPLV48PHFhupvufw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_cool_down_737/ 36 KB
36 KB 43ms
41ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/PFG1RKxPLV48PHFhupvufw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_cool_down_737/f53d35340f426ae15120e6d122d392df.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c059ebe472c40fcd89c22a6fef7150c87eb2458472a9c0e2a6a93982d038af58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 8845
cld_latency: 1
edge-cache-tag: 495487177320345457885774577744230663232,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: ada82b733c9f513e97a3ecef3ce0ec39
cld_by: cache-iad-kiad7000025-IAD
x-served-by: cache-iad-kiad7000025-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705911435.707051,VS0,VE1
etag: "0299c8b05b045860474125dde29ca522"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Mon, 22 Jan 2024 08:17:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 495487177320345457885774577744230663232,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 36552
x-xss-protection: 1; mode=block
x-request-id: ada82b733c9f513e97a3ecef3ce0ec39
last-modified: Mon, 22 Jan 2024 08:06:36 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=36552,owidth=1920,oheight=1282,obytes=391329,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 361d07b965c918a8a6064baa4dadafdb.cf.jpg
s.yimg.com/uu/api/res/1.2/RZsy7fAY42rhmlwbDGYbrg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/moneywise_327/ 19 KB
19 KB 43ms
41ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/RZsy7fAY42rhmlwbDGYbrg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/moneywise_327/361d07b965c918a8a6064baa4dadafdb.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8c1300ed308c63c73261b96a4ca4bfdd3cc5f8d641f8ea8a33ff7db149d363c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 75741
cld_latency: 1
edge-cache-tag: 501461589896715164995696171573056010350,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 67b6d2680fa32d056e891ac181090498
cld_by: cache-iad-kjyo7100066-IAD
x-served-by: cache-iad-kjyo7100066-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705844541.032916,VS0,VE1
etag: "1358f1f61c42599c77d9b56c79ab765b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sun, 21 Jan 2024 13:42:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 501461589896715164995696171573056010350,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 18988
x-xss-protection: 1; mode=block
x-request-id: 67b6d2680fa32d056e891ac181090498
last-modified: Sun, 21 Jan 2024 13:35:24 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=18988,owidth=728,oheight=400,obytes=26139,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9ff20020fc5644d2a4618b6cbb0c8885.cf.jpg
s.yimg.com/uu/api/res/1.2/lnuQDR2WsE0jOEGg6y7Vgw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/parade_250/ 23 KB
23 KB 43ms
42ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/lnuQDR2WsE0jOEGg6y7Vgw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/parade_250/9ff20020fc5644d2a4618b6cbb0c8885.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f55ef6320574380ba5588de69dfbbc4eb5048ffd4e6bb4e043d8412f29da628e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 17:00:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 63841
edge-cache-tag: 282823776694006492530890788667031519874,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 282823776694006492530890788667031519874,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 23471
x-xss-protection: 1; mode=block
x-request-id: 1ed4e4decbec5400ed4621259ef468dc
x-served-by: cache-iad-kjyo7100174-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2024 16:58:43 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=23471,owidth=903,oheight=800,obytes=154729,ef=(1,13,17,23,30)
x-timer: S1705856439.782326,VS0,VE1
etag: "ed8f0ffa8db5af381160a03d14ea9438"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 095161fd5be03240a1f8fa70c936dbf8.cf.jpg
s.yimg.com/uu/api/res/1.2/6oIpDsanXeCmTNfLZ94Y4g--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/ 28 KB
29 KB 44ms
43ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/6oIpDsanXeCmTNfLZ94Y4g--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/095161fd5be03240a1f8fa70c936dbf8.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d15a506ca5dd31b0e4e667976095b58cc250e0db6dbb6607d6e5f2f64cf0f830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 128451
cld_latency: 1
edge-cache-tag: 226737373150400882808856466494468909516,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: c66fb912371b329f947a87784b7d0cb8
cld_by: cache-iad-kjyo7100152-IAD
x-served-by: cache-iad-kjyo7100152-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705791828.173846,VS0,VE1
etag: "12c320fee1c0c26624f168e8e29e8c5a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sat, 20 Jan 2024 23:03:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 226737373150400882808856466494468909516,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 28987
x-xss-protection: 1; mode=block
x-request-id: c66fb912371b329f947a87784b7d0cb8
last-modified: Sat, 20 Jan 2024 23:03:43 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=28987,owidth=1200,oheight=594,obytes=126175,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 913031aefe4bdd0cb15244e0c8aa1e20.cf.jpg
s.yimg.com/uu/api/res/1.2/ko0pH9bbF.3alL1iIecr6A--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/deadline.com/ 21 KB
22 KB 45ms
44ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/ko0pH9bbF.3alL1iIecr6A--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/deadline.com/913031aefe4bdd0cb15244e0c8aa1e20.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

757ae6fd9eb2ff6a9857e0bc52743605b7d8e86f2db36c4a498a9350f7bf7553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 41588
cld_latency: 2
edge-cache-tag: 182255570050932969032962609141180898325,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 649c4c868228fec579b68232cbc950c2
cld_by: cache-iad-kiad7000129-IAD
x-served-by: cache-iad-kiad7000129-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705878694.026442,VS0,VE2
etag: "d86d708835ec76a3c6d5279691959d16"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Sun, 21 Jan 2024 23:11:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 182255570050932969032962609141180898325,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 22006
x-xss-protection: 1; mode=block
x-request-id: 649c4c868228fec579b68232cbc950c2
last-modified: Sun, 21 Jan 2024 23:10:55 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=22006,owidth=3000,oheight=2000,obytes=868999,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9dfb35f0ecc31d70d4b911e131043e75.cf.jpg
s.yimg.com/uu/api/res/1.2/obD_qv02AxdxUIUFaESR3g--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/ny_post_articles_869/ 22 KB
22 KB 45ms
44ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/obD_qv02AxdxUIUFaESR3g--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/ny_post_articles_869/9dfb35f0ecc31d70d4b911e131043e75.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0a6370ef5a28dcf1e56238f380baac9940b231c5f1650a46709942cd60cf665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 00:23:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 123671
cld_latency: 3
edge-cache-tag: 217412888012357860552976272240099170564,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 217412888012357860552976272240099170564,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sat, 20 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 22209
x-xss-protection: 1; mode=block
cld_by: cache-lga21927-LGA
x-served-by: cache-lga21927-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2024 00:11:09 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=22209,owidth=2000,oheight=1333,obytes=175620,ef=(1,13,17,23,30)
x-timer: S1705796609.595429,VS0,VE3
etag: "e2a4bce2a43bb977ccd6ba47cbae4d6e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 13279179c6cbbce8b660293b03f0fdb6.cf.jpg
s.yimg.com/uu/api/res/1.2/4JoQ6TNOYOIzewCFvqWpdw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/thewrap.com/ 26 KB
27 KB 46ms
45ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/4JoQ6TNOYOIzewCFvqWpdw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/thewrap.com/13279179c6cbbce8b660293b03f0fdb6.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3917ca224353d369d6dc3800c8f09e9969dca85890e2081fd453db17f58a2600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 22:55:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 42528
cld_latency: 2
edge-cache-tag: 412995304366384406561587419953202983846,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 412995304366384406561587419953202983846,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sat, 20 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 26721
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100052-IAD
x-served-by: cache-iad-kjyo7100052-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2024 22:34:29 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=26721,owidth=1024,oheight=576,obytes=117480,ef=(1,13,17,23,30)
x-timer: S1705877752.771184,VS0,VE2
etag: "26f194dc9031367e15cc683c1f32181e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 cb8d54c9887be0d9cd266ef25aae09ad.cf.jpg
s.yimg.com/uu/api/res/1.2/BxOTymCnas9yEwf1a3S91w--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/rutgers_wire_usa_today_articles_171/ 33 KB
34 KB 46ms
46ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/BxOTymCnas9yEwf1a3S91w--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/rutgers_wire_usa_today_articles_171/cb8d54c9887be0d9cd266ef25aae09ad.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

69696bf9e928c2d133ad9611dc60476505737b3a6bd0f62a74608b8722398be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 03:03:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 27669
edge-cache-tag: 181327411351242966515122383277884560084,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 181327411351242966515122383277884560084,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sun, 21 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 33961
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100042-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jan 2024 03:02:39 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=33961,owidth=2540,oheight=1693,obytes=1234615,ef=(1,13,17,23,30)
x-timer: S1705892611.586152,VS0,VE1
etag: "3da2f2f89ba4dd06ac0f7659fff72cf6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 __rapid-worker-1.2.js
yahoo.com/ 1 MB
238 KB 406ms
406ms Other
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/__rapid-worker-1.2.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

b8393bfbed51a060bea18b4d709e5b514b523f73f1cef6112ecface402558d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 76
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: aUrEy6ImnyGV-DWfXrBFu_rY9BhjjrPuC_FIamhgqX5OqWFqAG4qDA==
expires: -1

GET
H2 200 cs_1.5.1.js Show response
s.yimg.com/aaq/vzm/ 1 KB
1 KB 15ms
15ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/vzm/cs_1.5.1.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1ae0492d9fbac257db08c85f493a6f37f7a1b432315b2850e8682e41fe3fd833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 05:34:16 GMT
x-amz-version-id: kNkmKOe52Bavmn2ePx9bBmv8ukXmrtvT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AM9WZTFFYFATBY7F
age: 18625
x-amz-server-side-encryption: AES256
content-length: 745
x-amz-id-2: zing5dNs2CIRuiyLMe/FNRiKwcsyFr1cCzO4QKuQ6VTEx0k2h8pbQ2/Dvy0LoK0wn+fXryswe+U=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Sep 2023 22:24:21 GMT
server: ATS
etag: "79a0874b52c0c38add16385eb1a694e7-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 b
geo.yahoo.com/ 43 B
72 B 151ms
49ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?s=1197757129&t=1705920279920&err_url=https%3A%2F%2Fyahoo.com%2F%3F&err=&test=fsb

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 p
fsbcn.fp.yahoo.com/ 4 B
205 B 219ms
43ms Image
application/json 52.30.200.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsbcn.fp.yahoo.com/p?s=1197757129&t=1705920279920&err_url=https%3A%2F%2Fyahoo.com%2F%3F&err=&test=fsb
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.30.200.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-200-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
x-amzn-trace-id: Root=1-65ae4718-252ba99d5ff0773831879432;Sampled=0;lineage=63d44699:0
x-amzn-requestid: 5f864844-3ce6-4fa0-b8cf-92ba2d75902d
content-length: 4
x-amz-apigw-id: R8AL0GyODoEEQ_w=
content-type: application/json

GET
H2 200 script.js Show response
cadmus.script.ac/d1ccw66oyq8ex2/ 151 KB
53 KB 50ms
24ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5526a7dde539cc05ae816dcbe83d626610c6ea45b276eb1c931fe12b239ab41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:39 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2024 11:16:15 GMT
server: cloudflare
age: 0
etag: W/"4f4dbdce5e5c8e2524e8bc9d4b29d7252a3ff2eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 849733f5b90c6945-FRA

GET
H2 200 bidexchange.js Show response
hb.yahoo.net/ 488 KB
129 KB 122ms
84ms Script
text/javascript 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/bidexchange.js?cid=8YHBJ3BJ0&version=12.1&dn=yahoo.com&ysection=main&yregion=US&ylang=en-US&ysite=fp&ydevice=desktop

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9ceb098ae2eaf5dccbe54f9430862aaf79f1af15c70ba0f10023c987b496e6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 10:44:40 GMT
server: Apache
etag: 14004885402056373108
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
link: <https://c2shb-oao.ssp.yahoo.com>;rel="preconnect",<https://m.hb.yahoo.net>;rel="preconnect",<https://hb.yahoo.net/ucreative.php?cv=1>;rel="prefetch";as=script,<https://rtb-cache.hb.yahoo.net>;rel="preconnect",<https://hb.yahoo.net/ss/nes/player.js>;rel="prefetch";as="script"
expires: Mon, 22 Jan 2024 11:14:40 GMT

GET
H2 200 opus.js Show response
opus.analytics.yahoo.com/tag/ 13 KB
4 KB 77ms
18ms Script
application/javascript 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488A) /

Resource Hash

7c5bf1c17637f87d3c94a2fd2d57e9e5903cefb4fc696fcd2cf4bb0087754b76

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding: gzip
date: Mon, 22 Jan 2024 10:44:39 GMT
last-modified: Mon, 11 Dec 2023 14:45:38 GMT
server: ECAcc (ama/488A)
age: 590253
x-amz-request-id: YK6HD922S71H8XB8
etag: "5769a8d5d32fd009934f5b7b74bffa2e+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 3937
x-amz-id-2: /NXC41rppfkdJPbMPjm8QoaVFPm7deBH/5mgYwHQUtIx9g4wq2qUASdpotCoqc/Cbrh8OjnRNfY=

GET
H2 200 evplayer.js Show response
s.yimg.com/rx/ev/builds/1.2.16/ 296 KB
77 KB 15ms
15ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a5e68e1b81582cb7dbec2e4dc5b933929879cca255ba72a9db8eb80a0a62b49e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 20:07:17 GMT
x-amz-version-id: 8kheEIET2CQdRKpoOaGZ4Lhuj.UnSkrh
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 43AF7PAQC0HN4ZAY
age: 225443
x-amz-server-side-encryption: AES256
content-length: 78577
x-amz-id-2: t3jxDMe/ftAD6MovjX8C35lr07X6qUibC2Cf9QaVExIkYECO3C0xihn5wHlW5NdsXQqp2b7fC9k=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Jan 2024 18:12:31 GMT
server: ATS
etag: "d80eb52dbc33182a1835e1da80b9c177-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=536112000
accept-ranges: bytes

POST
H2 999 remote
yahoo.com/fp_ms/_rcv/ 16 B
0 383ms
382ms Fetch
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/fp_ms/_rcv/remote?ctrl=WeatherPreviewRefresh&lang=en-US&m_id=react-wafer-weather&m_mode=json&region=US&rid=fs9nySqH&site=fp&apptype=default&instance_id=weather&_evtSrc=deferLoad

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 999 remote
yahoo.com/fp_ms/_rcv/ 16 B
0 384ms
383ms Fetch
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/fp_ms/_rcv/remote?ctrl=ScoresRefresh&lang=en-US&m_id=react-wafer-scores&m_mode=json&region=US&rid=fs9nySqH&site=fp&apptype=default&instance_id=scores&_evtSrc=deferLoad

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 999 remote
yahoo.com/fp_ms/_rcv/ 16 B
0 385ms
384ms Fetch
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/fp_ms/_rcv/remote?ctrl=HoroscopeGridRefresh&lang=en-US&m_id=react-wafer-horoscope&m_mode=json&region=US&rid=fs9nySqH&site=fp&apptype=default&instance_id=horoscope&_evtSrc=deferLoad

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

GET
H2 200 exp.json Show response
edge-mcdn.secure.yahoo.com/ybar/ 2 KB
2 KB 16ms
16ms Fetch
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/exp.json

Requested by

Host: edge-mcdn.secure.yahoo.com
URL: https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 21:11:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: W85PB5YAP98JFXCK
age: 48785
x-amz-server-side-encryption: AES256
content-length: 1784
x-amz-id-2: VAvwMm6tEIV7zf9H7V3KJ60own9oJmk5I9drD4U5VGq1Nur7YC3qcSLV5DI9vSearl5rf1HIvhk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 17:20:56 GMT
server: ATS
etag: "877792d86d801176269a36ac7b4e6e02"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 perf-vitals_3.2.0.js Show response
s.yimg.com/cx/pv/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cx/pv/perf-vitals_3.2.0.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jan 2024 04:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: T407HGECNR6T6RHW
age: 22113
x-amz-server-side-encryption: AES256
content-length: 3046
x-amz-id-2: zX549roQOHyQXZbZP+Sh1MYcI1rQP6ShrZpWvgvxcSrAGXy/8Un8luR7sKOItYWOphvzW07Alg8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 19:35:40 GMT
server: ATS
etag: "26831b6bd9ea430823f593b6a70c7375-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 / Show response
yahoo.com/caas/content/article/ 1 MB
238 KB 370ms
370ms Fetch
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/caas/content/article/?uuid=af5b2f4c-b864-3cd4-8d44-835d08b98726,8e2c5980-8354-4b8f-b6d6-d88d793061d3,659a3f96-fa58-337a-88f5-acffc1da9802,fd49b934-5e0d-3273-8fae-92136d8ee4d5,e84bd854-4eec-374a-9805-bfb2038185a9,3788134c-8351-36f2-8f87-29ab2c6ea23a&appid=news_web&device=desktop&lang=en-US&region=US&site=fp&partner=none&bucket=900,seamless&features=enableEVPlayer,enableOverrideSpaceId,contentFeedbackEnabled,enableAdFeedbackV2,enableInArticleAd,enableOpinionLabel,enableSingleSlotting,enableVideoDocking,outStream,showCommentsIconWithDynamicCount,enableCommentsCountInViewCommentsCta,enableRRAdsSlots,enableRRAdsSlotsWithJAC,newsModal,enableViewCommentsCTA,enableXrayInline,enableXrayMovieEntities,enableXrayNcp,enableXrayPeopleEntities,enableXrayTopicEntities,showCommentsIconInShareSec,enableAdSlotsNewMap,enableGAMAds,enableGAMAdsOnLoad,enableFinancePremiumTicker,enableAdLiteUpSellFeedback&rid=fs9nySqH

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

b8393bfbed51a060bea18b4d709e5b514b523f73f1cef6112ecface402558d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: vOEel6vT_PjrQ84m_iyn1axyNA5hi66qO__BtDNxZzGRqiiTB-h4YA==
expires: -1

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
301 B 83ms
38ms Image
image/gif 3.160.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=2023538075&c7=https%3A%2F%2Fwww.yahoo.com%2F&c14=-1&c8=Yahoo%20%7C%20Mail%2C%20Weather%2C%20Search%2C%20Politics%2C%20News%2C%20Finance%2C%20Sports%20%26%20Videos&c9=&gdpr=0&gdpr_consent=&cs_ucfr=0&ns_c=UTF-8&ns__t=1705920279952
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.188.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-68.mrs52.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
via: 1.1 266242db9b2c9428b93e6f2afa4051f2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: fBUlbJMQ1IXNx8-5KOgV6k889RREgZYmoXsPq3kMZVoKsPaQauMDeg==

GET
H2 200 reporting-observer
yahoo.com/_td_api/beacon/ 69 KB
69 KB 366ms
365ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/_td_api/beacon/reporting-observer?meta=%7B%22sourceFile%22%3Anull%2C%22lineNumber%22%3Anull%2C%22columnNumber%22%3Anull%2C%22id%22%3A%22ExpectCTHeader%22%2C%22message%22%3A%22The%20%60Expect-CT%60%20header%20is%20deprecated%20and%20will%20be%20removed.%20Chrome%20requires%20Certificate%20Transparency%20for%20all%20publicly%20trusted%20certificates%20issued%20after%20April%2030%2C%202018.%22%2C%22anticipatedRemoval%22%3Anull%7D&src=deprecation&_rdn=279955&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0&site=fp&connection=%7B%22downlink%22%3A10%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&hasWf=true&hasWfR=true

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: Rdg4b0QUrh4rQx0RnfYfpNliYJ2PpprGteKbntqL3RGaXjPB25VVvA==
expires: -1

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 92ms
49ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=LweFoe4g5rl2cfUD,0.9353895996798314&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%038U4ab8jaQd2NytXC%04_w%03yahoo.com%2F%3F%04_rid%03fs9nySqH%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_utm%03%7B%22vp_fetch_duration%22%3A16.899999976158142%2C%22vp_fetch_end_time%22%3A1963.5%2C%22vp_fetch_start%22%3A1946.6000000238419%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705920279%04_ms%03976%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 evplayer.css
s.yimg.com/rx/ev/builds/1.2.16/ 3 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.css

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

623e67256353332b24a2074d8816abd4362594a04aa07cfebfc346a190bc710d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 20 Jan 2024 07:55:04 GMT
x-amz-version-id: oECrOnoXCXEr3XSIC.l8C9DL7rAUturD
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: J3CZCQDA28XP0TKY
age: 182977
x-amz-server-side-encryption: AES256
content-length: 1571
x-amz-id-2: NK7WCWyrKKLG2OVatl29ZamLpZca/tjt8vwfyb8GUGjRSvwgWGDG7HhO+tvcC/Xr6MwEkbgx6Sg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Jan 2024 18:12:30 GMT
server: ATS
etag: "b6ecf40386a94dcf6f104b00d7c7f814-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H2 200 comscore-6.3.5-min.js Show response
s.yimg.com/rx/ev/lib/ 156 KB
43 KB 19ms
18ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/lib/comscore-6.3.5-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4fa81a2babd7ac6c723e36071474fdd0f043616d012053410a6afaec2d96513b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 19 Jan 2024 15:10:24 GMT
x-amz-version-id: .TVKYLW2EUyd_rP7dLtapLjw7X6rARlN
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 2BNHC4BFDVM2065W
age: 243257
x-amz-server-side-encryption: AES256
content-length: 43408
x-amz-id-2: fkkWrmIr1NuFusHyIrK1ND0yHCKEdV1JhfTqul7d1AkJVbdVEHlZVjwo9drGw9SOgiE1HpRqL1s=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Oct 2023 19:33:03 GMT
server: ATS
etag: "d4437107af61d80fd90f57a0808fa483-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=536112000
accept-ranges: bytes

POST
H2 200 p
bats.video.yahoo.com/ 0
0 147ms
138ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=p_init&t=0.8791346045792929&_sqno=0&ts=0&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=0&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=0x0&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=0&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=&continuousPlay=0&loop=0&videoRecommendations=0&ff_ad=1&percentViewable=NaN
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 200 p
geo.yahoo.com/ 43 B
366 B 52ms
48ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=meYtUHYizzvFEBQv,0.8145805974614713&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%038U4ab8jaQd2NytXC%04_w%03yahoo.com%2F%3F%04_rid%03fs9nySqH%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_utm%03%7B%22perf_ttfb%22%3A1155%2C%22perf_ttfb_rating%22%3A%22needs-improvement%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705920280%04_ms%03007%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 pframe.html Show response
s.yimg.com/rx/ev/builds/1.2.16/ Frame C585 539 B
808 B 15ms
15ms Document
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9ca89731319743aabedc04e5fd134edb79ef0b3e761587958acbd9ba21d0093b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 322031
ats-carp-promotion: 1 1
cache-control: public,max-age=536112000
content-length: 539
content-type: text/html
date: Thu, 18 Jan 2024 17:17:30 GMT
etag: "2aa7ef0b22f0b66cafbdaacff599771d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 17 Jan 2024 18:12:30 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin
x-amz-id-2: IZNvCBV2fdcAu2fjRqtpmxX76ZyFxs2Cnhed3hXUvQmtRFTmkS3l9d+gSzV3iDk+LajMrSncC8s=
x-amz-request-id: Y4EB50NNXV4MNGGJ
x-amz-server-side-encryption: AES256
x-amz-version-id: sqwmRNYTYJ9RGVa6lA2PSxSQIR2Zl3Kk
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 p
geo.yahoo.com/ 43 B
96 B 44ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=kzyk31hwjow8yYnj,0.5748761763870842&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%038U4ab8jaQd2NytXC%04_w%03yahoo.com%2F%3F%04_rid%03fs9nySqH%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_utm%03%7B%22perf_fcp%22%3A1777%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705920280%04_ms%03026%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 99ms
99ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 153ms
99ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://yahoo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 22 Jan 2024 10:44:40 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 pframe.js Show response
s.yimg.com/rx/ev/builds/1.2.16/ Frame C585 148 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8dcc19dfffaa89f538179885b29a4db1c3669f41fc93eade43b7ab86fc6e4457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 18 Jan 2024 17:17:31 GMT
x-amz-version-id: LHCIlHVqY4ayFwN7sivbmSMuOeUzMVn0
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4YQ3TEHXNATC4756
age: 322030
x-amz-server-side-encryption: AES256
content-length: 39205
x-amz-id-2: r9o8HONHPeY4W3MdJRzpgGrtjtLRPVGvBip0ItQgl90UREEYaFLZf7j8Gg1yEHOVDqGMTapJ17U=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Jan 2024 18:12:31 GMT
server: ATS
etag: "ba6b1d179fb990719832a03475eca506-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H2 200 ucreative.php
hb.yahoo.net/ 0
2 KB 17ms
17ms Other
application/javascript 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ucreative.php?cv=1

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 10:44:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
content-length: 2184
x-mnet-hl2: E
expires: Sat, 27 Jan 2024 10:44:40 GMT

GET
H2 200 player.js
hb.yahoo.net/ss/nes/ 0
73 KB 29ms
29ms Other
text/javascript 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ss/nes/player.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: max-age=604800
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 10:44:40 GMT
etag: 8782330472086327949
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Mon, 22 Jan 2024 11:14:40 GMT

GET
H2 200 dfs Show response
hb.yahoo.net/ss/nes/ 8 KB
2 KB 37ms
37ms Script
text/javascript 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ss/nes/dfs?itype=YHB&type=1&cid=8YHBJ3BJ0&dn=yahoo.com&cc=DE&ugd=desktop&callback=window.advBidxc.pf_rtd&algo=exploitation

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

c976bb619f60bfe8ac8bba9ccb5b3e040315feedfaacf9b85774f0986040bf9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800, max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
content-encoding: gzip
strict-transport-security: max-age=604800, max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 2055
expires: Mon, 22 Jan 2024 10:44:40 GMT

GET
H2 200 tcb.js Show response
hb.yahoo.net/ 50 B
237 B 16ms
15ms Script
text/javascript 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/tcb.js?&cb=window.advBidxc.multiBidTemplatefetch&v=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5448674d9c501af62f8516de42d5efff4b6f25b02f7e081c924dc290efdc7d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 22 Jan 2024 10:44:40 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 50
expires: Wed, 24 Jan 2024 10:44:40 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 106ms
82ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8af0ac43a64e3a17ff589a8e342504e12ff2994cafd1d2ddac84b09c04daa551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29431
x-xss-protection: 0
server: cafe
etag: 355 / 19744 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:40 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 195ms
195ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=v_request&t=0.9297870893834137&_sqno=0&ts=0&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.77&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=0&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 75e32068-922f-366e-a1ac-812558168e2c Show response
video-api.yql.yahoo.com/v1/video/sapi/streams/ 6 KB
7 KB 105ms
78ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://video-api.yql.yahoo.com/v1/video/sapi/streams/75e32068-922f-366e-a1ac-812558168e2c?srid=3226242103&protocol=http&format=m3u8%2Cmp4%2Cwebm&rt=html&devtype=desktop&offnetwork=false&plid=c88a06af-107c-4eee-8d15-10169d1affee&region=US&site=frontpage&expb=900%2Cseamless&expn=advstrmvideo&bckt=Treatment_Oath_Player&lang=en-US&width=401&height=226&resize=true&ps=cc77oxik&autoplay=false&image_sizes=&excludePS=true&isDockable=0&acctid=&synd=&pspid=2023538075&plidl=&topic=&pver=1.2.16&try=1&failover_count=0&ads=ima&nad=0&aver=5.1.1&ad.pl=up&ad.pd=&ad.pt=home&ad.pct=&evp=bcp&hlspre=false&ad.plseq=1&pblob=lu%3A0%3Bpt%3Ahome%3Bver%3Amegastrm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ae85d071924864ae9c5a0f62be8d5ffb34daf9f2eae7cbac1b91c925de2d3edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 1
x-envoy-upstream-service-time: 29
content-length: 6326
x-yahoo-request-id: 1d60s8tiqshoo
x-request-id: b867a4d6-337e-4071-a115-d864a56816a0
x-xss-protection: 1; mode=block
ps: cc77oxik
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://yahoo.com
access-control-expose-headers: Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Length, SKT
cache-control: private
access-control-allow-credentials: true
y-rid: 1d60s8tiqshoo
timing-allow-origin: *
access-control-allow-headers: Content-Type

POST
H2 200 p
bats.video.yahoo.com/ 0
0 129ms
129ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=v_api&t=0.9532488408767696&_sqno=1&ts=112&auto=false&bckt=none&ccode=mdsfb&cdn=bcp&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=a0770000002lmbdAAA&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.77&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=145&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&view=&url=https%3A%2F%2Fvideo-api.yql.yahoo.com%2Fv1%2Fvideo%2Fsapi%2Fstreams%2F75e32068-922f-366e-a1ac-812558168e2c%3Fsrid%3D3226242103%26protocol%3Dhttp%26format%3Dm3u8%252Cmp4%252Cwebm%26rt%3Dhtml%26devtype%3Ddesktop%26offnetwork%3Dfalse%26plid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26region%3DUS%26site%3Dfrontpage%26expb%3D900%252Cseamless%26expn%3Dadvstrmvideo%26bckt%3DTreatment_Oath_Player%26lang%3Den-US%26width%3D401%26height%3D226%26resize%3Dtrue%26ps%3Dcc77oxik%26autoplay%3Dfalse%26image_sizes%3D%26excludePS%3Dtrue%26isDockable%3D0%26acctid%3D%26synd%3D%26pspid%3D2023538075%26plidl%3D%26topic%3D%26pver%3D1.2.16%26try%3D1%26failover_count%3D0%26ads%3Dima%26nad%3D0%26aver%3D5.1.1%26ad.pl%3Dup%26ad.pd%3D%26ad.pt%3Dhome%26ad.pct%3D%26evp%3Dbcp%26hlspre%3Dfalse%26ad.plseq%3D1%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/6415665815001/8tDK7OitG_default/ Frame C585 1 MB
303 KB 89ms
29ms Script
application/javascript 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1b69126902be4d29d6506312471c95a2ce1a7fe10d409b5b90ac913e6e1d73a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: P9i.IE63EnENK2WRr9nBqmhI4U_gxlid
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: B4VNKKXMH9NBVXF9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 309433
x-amz-id-2: ydwAY+l+iZHxQH7Z52B1WfYNftlUFMq5dGnmQPgknPB2D9ZqCgdRHnObnTuxVuFp2jH+2gQBEBkGyeZH4MnlpoMxj99UBec6Sew3Zjdsaio=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21037-AMS
Last-Modified: Tue, 05 Dec 2023 21:45:04 GMT
Server: AmazonS3
X-Timer: S1701969491.460879,VS0,VE1088
ETag: "f52cf74df8aed9a1fdea56eb493f4f06"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=263
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 bcplayer.css
s.yimg.com/rx/ev/builds/1.2.16/ Frame C585 18 KB
6 KB 16ms
15ms Stylesheet
text/css 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.16/bcplayer.css

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

7593240bc1e57ebc09a1a550d91c67481784b8de8e9208ba96a6b38a0251a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 18 Jan 2024 17:17:34 GMT
x-amz-version-id: KEm7SdaDfzxNsHy9Sq7rKSr1EAJ4ZJcz
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: S0JYB8TX79XFA5D9
age: 322027
x-amz-server-side-encryption: AES256
content-length: 6285
x-amz-id-2: 7Eh7jqYxV/0sDqZ2p2XEyOADxybEr0Ghqu5mqkFvznkHLsLJAhjkwJ+syPE4sqSxID/x52praqnNBhdbjUDukA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Jan 2024 18:12:31 GMT
server: ATS
etag: "b28b3924c41f1841c568a81dedc9c0d5-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H/1.1 200
OK videojs-bc-playlist-ui.css
players.brightcove.net/videojs-bc-playlist-ui/5.1.1/ Frame C585 8 KB
3 KB 86ms
35ms Stylesheet
text/css 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-bc-playlist-ui/5.1.1/videojs-bc-playlist-ui.css
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3475e4684f17b66b538a727fcc9a92a40eaa4b23a314aed8093752dce944a41c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: IMrwufBK2uLPc2XlF_9cd2uqaBzgQ8ej
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: 6AZ4J34KXMPRXD1H
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1895
x-amz-id-2: Uct9caQn0W503grNckJ0AUXFBZaCWsqU2Q2mfsCvLt7fqRvfAHjL11NNorsoik/vuIZRTAguxCUSUifvYB9PM6lxkPpxfYHaYgIA4yNxQiU=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21040-AMS
Last-Modified: Tue, 14 Nov 2023 21:11:44 GMT
Server: AmazonS3
X-Timer: S1701278364.483412,VS0,VE376
ETag: "72532ae716008fcd89700b170128d1b7"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=72
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK videojs-bc-playlist-ui.min.js Show response
players.brightcove.net/videojs-bc-playlist-ui/5.1.1/ Frame C585 25 KB
8 KB 86ms
27ms Script
application/javascript 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-bc-playlist-ui/5.1.1/videojs-bc-playlist-ui.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a11ea647f95a0f0afed52714b759929c5c8cbfd789a4f1b6b55d7d75a46433e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: TWTaGVoMkeKvwlZj_SUH5GItBEJKD4_C
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: 50C8W0G6ZFF4GHD2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 7387
x-amz-id-2: qHXVLc/cygcmuYCVabQiCKBMol7DImwpBs+J9CM0RJXxW+pamffi11phr6UhRdyDExL9NaU+oCR1o53iwaJGhEZTwKqN52OphBnaGHFvCAU=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-eddf8230090-FRA
Last-Modified: Tue, 14 Nov 2023 21:11:44 GMT
Server: AmazonS3
X-Timer: S1701278349.377555,VS0,VE494
ETag: "c167cc2c7c7ec850a0a7092688ff129d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK videojs-overlay.css
players.brightcove.net/videojs-overlay/3.0.0/ Frame C585 993 B
1016 B 84ms
34ms Stylesheet
text/css 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-overlay/3.0.0/videojs-overlay.css
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b3395510d2bef53e87b963da4321117796e85faefd7edc25b9eecbe203248177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Vnz.rHwG9UspmRWPV3EwO_Xfxi3T65DZ
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: PW89Q6PD3PFGAQ38
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 316
x-amz-id-2: 0BMgUtW60Iv53/7Td88UONLtXty/xZIkXXDDSSra7RPQ4Oy8EcFKI+bEI/UWe+a4wqxTnQp7HdE=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21065-AMS
Last-Modified: Fri, 16 Dec 2022 19:15:31 GMT
Server: AmazonS3
X-Timer: S1692199919.119329,VS0,VE1
ETag: "b45bc946a2261e63dcdfc3faca752ff3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=65
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK videojs-overlay.min.js Show response
players.brightcove.net/videojs-overlay/3.0.0/ Frame C585 4 KB
2 KB 170ms
118ms Script
application/javascript 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-overlay/3.0.0/videojs-overlay.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e1897197c32be441c5c75426c1df80241eafceb7b8a3027cd40a148a809870ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: mqhErnWRj12JjZ2wiGk38OF9o59uFZ.i
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: 4AKNN9JSDDVTE4JS
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1682
x-amz-id-2: zbLmwfhMVf5LfYOl7Vvzc4fJ+OpOszkdbE/UdA/LvoUbrgrUC7YTjipwj7L1votdMm+WwGGIpnB32GxHfDzxEQ==
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220077-FRA
Last-Modified: Fri, 16 Dec 2022 19:15:31 GMT
Server: AmazonS3
X-Timer: S1682704732.747065,VS0,VE394
ETag: "cd0ad2d50a7e4a574b8d749f22e2ffb1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=179
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK videojs-ima3.css
players.brightcove.net/videojs-ima3/5.1.1/ Frame C585 4 KB
2 KB 168ms
117ms Stylesheet
text/css 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-ima3/5.1.1/videojs-ima3.css
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5ec914f3ecabd8480fed9df3ea1b4a3b4c06b9cab1a86c9dc0e82e5b1d3e1d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Zg.2vajbVTIvi6.F6nGiD1c7RIgflPlZ
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: 7Q46QY3RQX4B0PRF
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 934
x-amz-id-2: AQb8FabC3afgNQL4kv94n8HI/X0vAcqhUoy79d1hsKe6hKmhoqe2iUUZsQx4poM/ix2TtkR1its=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220115-FRA
Last-Modified: Thu, 20 Jul 2023 13:40:45 GMT
Server: AmazonS3
X-Timer: S1690305496.315688,VS0,VE1
ETag: "adb4f1aa4ce48dda9b9d5a73be75bdb6"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=52
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK videojs-ima3.min.js Show response
players.brightcove.net/videojs-ima3/5.1.1/ Frame C585 72 KB
21 KB 31ms
30ms Script
application/javascript 2.19.106.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-ima3/5.1.1/videojs-ima3.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.142 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b39773b31bd6055e7913146773b90be87f11b993b51f86ad5c408df4d79d1ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: HIHVvovF0OzA1H_JkXYASiGeft_YhO9k
Content-Encoding: gzip
Date: Mon, 22 Jan 2024 10:44:40 GMT
x-amz-request-id: R73EPE1VBBH9X5ZS
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20450
x-amz-id-2: xUfVN2AMLykW8FXxRIfVxJlnefhO26QcA/I4pCUrgnKhrf3iNIxUqLjcWUDE3EFAAXILQExsT2kjDDUSiWwPo2mtHqNiQrbUWL4Ojys3edw=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21047-AMS
Last-Modified: Thu, 20 Jul 2023 13:40:45 GMT
Server: AmazonS3
X-Timer: S1690305549.205477,VS0,VE564
ETag: "e5e3368fd59e7d68f90ae518254e630d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=65
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63857
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 20 Jan 2025 17:00:23 GMT

GET
H2 404 px.gif
www.yahoo.com/ 0
0 127ms
104ms Image
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=1&rn=6.981170319237795
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 404 px.gif
www.yahoo.com/ 0
0 69ms
46ms Image
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=2&rn=6.981170319237795
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 200 p
geo.yahoo.com/ 43 B
96 B 44ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=7PYFxhLF4VMSAGWu,0.6951385581361909&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%038U4ab8jaQd2NytXC%04_w%03yahoo.com%2F%3F%04_rid%03fs9nySqH%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_pfb%031155%04A_pbp%03655%04A_psr%03820%04A_pdi%031939%04A_psh%03161%04A_psc%03322%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705920280%04_ms%03299%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 2
content-length: 43

GET
H2 200 voiceSearch1x-1620383531565.min.png
s.yimg.com/pv/static/img/ 3 KB
3 KB 15ms
15ms Image
image/png 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/voiceSearch1x-1620383531565.min.png

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1a166ebd6c8872d71efcefb4765db513014b732e1886525c5f2d5ded87071451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 13:14:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BND84Z0YCXREC0D8
age: 1027831
x-amz-server-side-encryption: AES256
content-length: 2986
x-amz-id-2: 4U0Pa8+rNt3LvneUsib0As6mEwahD9K1/M1gMug20QURuU30EH1KyKc1ne/zN1YPrj5zzh5rboc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 May 2021 10:32:24 GMT
server: ATS
etag: "c2396079060a7028fa898a73b72aa592"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=315360000
accept-ranges: bytes

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
276 B 100ms
81ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2023538075&yhlCT=2&yhlBTMS=1705920280391&yhlClientVer=3.53.38&yhlRnd=9QQEHyj8GPvmMn4V&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
46 B 93ms
85ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2023538075&yhlCT=2&yhlBTMS=1705920280402&yhlClientVer=3.53.38&yhlRnd=Awdfn0qrmXxjAExZ&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
expires: -1

POST
H2 999 error
yahoo.com/_td_api/beacon/ 16 B
46 B 242ms
242ms Ping
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/_td_api/beacon/error?beaconSrc=HomepagePWA&bucket=900,seamless&eventName=svcWkrRegError&message=SecurityError:%20Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https://yahoo.com/%27)%20with%20script%20(%27https://yahoo.com/service-worker.js%27):%20The%20script%20has%20an%20unsupported%20MIME%20type%20(%27text/html%27).&rid=fs9nySqH

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

805a6388e192758244bc457af625d56ad46bdf224e4886502fce4cb169b6c941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 999 error
yahoo.com/_td_api/beacon/ 16 B
46 B 243ms
242ms Ping
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

805a6388e192758244bc457af625d56ad46bdf224e4886502fce4cb169b6c941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

GET
H2 200 __rapid-worker-1.2.js
yahoo.com/ 1 MB
238 KB 241ms
241ms Other
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/__rapid-worker-1.2.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

b8393bfbed51a060bea18b4d709e5b514b523f73f1cef6112ecface402558d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: HCjpj_DXGpvNxMOdHpw7nkkBfRM2kiFbA_RkOd6x2PTR-yz1KjHqmw==
expires: -1

GET
H2 206 voice-start-202105050733.wav
s.yimg.com/pv/static/misc/ 185 KB
185 KB 15ms
15ms Media
binary/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-start-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

75799b61c8d93b46365ae3a603ef508acee921adbf2abf4ada583fc4e0e4bb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1, 1
date: Tue, 09 Jan 2024 13:43:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EED9NASJ566PM092
age: 1112493
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-189159/189160
Content-Length: 189160
x-amz-id-2: sm6Vmht2vBXgLMk1qIG+hYsgr/PASX5OCf3BSmSi7UyxAw6BjjTLaLPN0Vm4jqkAPug4WoTgfLVN1u+HxKfbgQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:16 GMT
server: ATS
etag: "8abfe6dfa7b0d9a5a4b7268155054740"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:14 GMT

GET
H2 206 voice-result-202105050733.wav
s.yimg.com/pv/static/misc/ 78 KB
79 KB 21ms
17ms Media
binary/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-result-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63678162cb830afba8013a29be9148c72c3dd90561f1b0e7a3cdfbfd883912d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1
date: Sat, 20 Jan 2024 18:07:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: HR8AHP1Y3M4MJ69Y
age: 146255
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-80335/80336
Content-Length: 80336
x-amz-id-2: TcoYHr2dhwClBwdxR6gGYSSr8U5pmRwsU92ZbwiqTS/1UHChOEXI0dn0FRjihY/KImnuFikk9xc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:25 GMT
server: ATS
etag: "f536e8f265fbbd76a5f7b9fc0ea0ad69"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:23 GMT

GET
H2 206 voice-error-202105050733.wav
s.yimg.com/pv/static/misc/ 83 KB
84 KB 21ms
18ms Media
binary/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-error-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

86145e56e9b4bd3a42e3ddf6b7cb6bc8e9372891aa5bae35ea0f3facda3c99aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1
date: Sun, 21 Jan 2024 16:06:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NWTZAJNQQ01A7KY4
age: 67071
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-85335/85336
Content-Length: 85336
x-amz-id-2: 3ulhT0W5HD59wdBji0T2OW8G86U3bThVQfvSe8EqFF01hT4KpobEvoWPhoKsAO6f0Z1DmkIUzWI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:41 GMT
server: ATS
etag: "f35ad0c20d2f7e02b99e4866a98989d1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:40 GMT

GET
H2 206 voice-close-202105050733.wav
s.yimg.com/pv/static/misc/ 146 KB
146 KB 20ms
19ms Media
binary/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-close-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0598e13041b04bd01dc5e5849abebac0e253bbac3ec6bdc71ca62b84100717f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1, 1
date: Mon, 15 Jan 2024 08:16:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NWGYZ2E59VHMS2ED
age: 613690
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-149335/149336
Content-Length: 149336
x-amz-id-2: SeQ0nFiYp6fy1JgRMntYSC/0xsp92vKLk3JhYPoNxbdSKFfElSiy8vzNpTg9P8MmoPlI3Fzi5go=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:34 GMT
server: ATS
etag: "8f1c7f5187e8e78fdb31a5e6c688e803"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:32 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 58ms
58ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705920280437&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fs9nySqH&pd=unknown&pt=home&A_utm=%7B%22GAM_READY_TIME%22%3A2454%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 hbc Show response
hb.yahoo.net/ss/nes/ 67 B
295 B 14ms
13ms Script
text/javascript 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ss/nes/hbc?callback=window.advBidxc.cobrandConfig&cobrand=none

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

36eeae28af31fe42af6c3c03695665d8b0415a3d9f460c40c06bfa01d2c9ff60

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800, max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: max-age=604800
date: Mon, 22 Jan 2024 10:44:40 GMT
content-encoding: gzip
strict-transport-security: max-age=604800, max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800, post-check=1800
content-length: 91
expires: Mon, 22 Jan 2024 11:14:40 GMT

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 79ms
27ms Image
image/gif 23.48.23.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=362&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yang-b5c558f59-jfp2l&svr=267_94_104_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705920280123029970147844316&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-12.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 22 Jan 2024 10:44:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
35 KB 366ms
366ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=799466616960666&correlator=1446080914111360&eid=31079956%2C31080257%2C31080526%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_top_right%2Cus_yhp_main_dt_as_mid_right_a%2Cus_yhp_main_dt_top_center%2Cus_yhp_main_dt_as_mid_right_b%2Cus_yhp_main_dt_as_mid_right_c&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8%2C%2F0%2F1%2F2%2F3%2F4%2F9&prev_iu_szs=300x250%7C300x600%2C300x250%2C970x250%7C3x1%7C728x90%2C300x250%2C300x600%7C300x250&ifi=1&sfv=1-0-40&fsfs=1%2C1%2C1%2C1%2C1&fsbs=1%2C1%2C1%2C1%2C1&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1705920280486&adxs=1132%2C1132%2C315%2C1132%2C-9&adys=1012%2C1302%2C129%2C1322%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=300x1588%7C300x600%7C1600x110%7C300x600%7C0x-1&msz=300x600%7C300x250%7C1600x110%7C300x0%7C0x-1&fws=4%2C4%2C4%2C4%2C2&ohw=1600%2C300%2C1600%2C300%2C0&ga_vid=1664230946.1705920280&ga_sid=1705920280&ga_hid=1434146791&ga_fc=false&dlt=1705920279141&idt=1285&prev_scp=loc%3Dtop_right%7Cloc%3Dmid_right_a%7Cloc%3Dtop_center%7Cloc%3Dmid_right_b%7Cloc%3Dmid_right_c%26noads%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3Dfs9nySqH%26y_bx%3D1%26y_ldp%3D1&adks=1481106528%2C3064630007%2C3690920304%2C3845938001%2C1006816889&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

995f9c28e236239b454ed5544e1c188fdabe8c49633e7e4d1e6caea418263c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35859
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2717 6 KB
3 KB 88ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 p.gif
yahoo.com/ 128 KB
128 KB 309ms
308ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/p.gif?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A1%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fctrl%3DWeatherPreviewRefresh%26lang%3Den-US%26m_id%3Dreact-wafer-weather%26m_mode%3Djson%26region%3DUS%26rid%3Dfs9nySqH%26site%3Dfp%26apptype%3Ddefault%26instance_id%3Dweather%26_evtSrc%3DdeferLoad%22%7D&stack=Error:%20Malformed%20response%20%20%20%20at%20https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js:1:9897&connection=%7B%22downlink%22%3A10%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: OZeeRjppk8D48ufoSLrnYuE6RDMBvGrWrfpPIhnrJWUXGqjOl9lpwA==
expires: -1

GET
H2 200 p.gif
yahoo.com/ 128 KB
128 KB 309ms
309ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/p.gif?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A1%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fctrl%3DScoresRefresh%26lang%3Den-US%26m_id%3Dreact-wafer-scores%26m_mode%3Djson%26region%3DUS%26rid%3Dfs9nySqH%26site%3Dfp%26apptype%3Ddefault%26instance_id%3Dscores%26_evtSrc%3DdeferLoad%22%7D&stack=Error:%20Malformed%20response%20%20%20%20at%20https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js:1:9897&connection=%7B%22downlink%22%3A10%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: GTckpTGBUWCkdJfWkMmftXvVoMCMsVPvQxs5mE9hx4TF-CKPLUBb5Q==
expires: -1

GET
H2 200 p.gif
yahoo.com/ 162 KB
162 KB 309ms
309ms Image
text/html 2001:4998:24:120d::1:1
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/p.gif?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A1%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fctrl%3DHoroscopeGridRefresh%26lang%3Den-US%26m_id%3Dreact-wafer-horoscope%26m_mode%3Djson%26region%3DUS%26rid%3Dfs9nySqH%26site%3Dfp%26apptype%3Ddefault%26instance_id%3Dhoroscope%26_evtSrc%3DdeferLoad%22%7D&stack=Error:%20Malformed%20response%20%20%20%20at%20https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js:1:9897&connection=%7B%22downlink%22%3A10%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:1 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243933
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: CFWC36OlJKNJaGtloRUUVczuw-y5ODF3eMgGsQka1IiZCG8AvRDBgQ==
expires: -1

GET
DATA 200
OK truncated
/ Frame C585 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e

Request headers

Referer
Origin: https://s.yimg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 tracker
metrics.brightcove.com/v2/ Frame C585 35 B
295 B 59ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Mon, 22 Jan 2024 10:44:40 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 43ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=nEVdsoDhBiS3YpMX,0.7374113102413973&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBBhHrmUCEMY5qZB74Rl6UFtBoM7iaVEFEgABAf-Kr2W3ZeAJyiMAAAAAgA%26S%3DAQAAAozRdzEUaKVTuLOWOWWmqcQ%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%038U4ab8jaQd2NytXC%04_w%03yahoo.com%2F%3F%04_rid%03fs9nySqH%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04ns_ready%03%04dcl_ready%03%04_E%03saready%04_ts%031705920280%04_ms%03799%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C585 377 KB
130 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/videojs-ima3/5.1.1/videojs-ima3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132425
x-xss-protection: 0
expires: Mon, 22 Jan 2024 10:44:40 GMT

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
22 B 47ms
47ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2023538075&yhlCT=2&yhlBTMS=1705920280848&yhlClientVer=3.53.38&yhlRnd=EduUeg9FMfZHzTZP&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
expires: -1

GET
H2 200 tracker
metrics.brightcove.com/v2/ Frame C585 35 B
88 B 23ms
21ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=600c69e5211cb55dae19ebdd&account=6415665815001&destination=https%3A%2F%2Fyahoo.com%2F%3F&platform_version=7.14.0&player=players.brightcove.com%2F6415665815001%2F8tDK7OitG_default&player_name=EVPlayer%3A1.2&autoplay=false&ads_enabled=true&usage=thumbnails!2.0.0&usage=qualityLevels!3.0.0&usage=qualityMenu!3.0.0&usage=bc-used-as-getter&usage=bcPlaylistUi!5.1.1&usage=ads!7.3.2&usage=contribAds6Shim!&usage=ima3!5.1.1&usage=inpage-embed&event=player_load&time=1705920280862&qos.events.content.volumechange=1705920280834&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=21700000&qos.performance.memory.totalJSHeapSize=27600000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1705920280132&qos.performance.timing.loadEventStart=1705920280132&qos.performance.timing.domComplete=1705920280132&qos.performance.timing.domContentLoadedEventEnd=1705920280132&qos.performance.timing.domContentLoadedEventStart=1705920280132&qos.performance.timing.domInteractive=1705920280132&qos.performance.timing.domLoading=1705920280050&qos.performance.timing.responseEnd=1705920280037&qos.performance.timing.responseStart=1705920280037&qos.performance.timing.requestStart=1705920280022&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1705920280021&qos.performance.timing.connectStart=1705920280021&qos.performance.timing.domainLookupEnd=1705920280021&qos.performance.timing.domainLookupStart=1705920280021&qos.performance.timing.fetchStart=1705920280021&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1705920280021&qos.player.dimensions=%5B%5B1705920280862%2C%220x0%22%2C%22401x226%22%5D%5D&qos.player.pixelratio=%5B%5B1705920280862%2C1%5D%5D&qos.player.screendimensions=%5B%5B1705920280862%2C%221600x1200%22%5D%5D&seq=1

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Mon, 22 Jan 2024 10:44:40 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 checksync.php Show response
hb.yahoo.net/ Frame AA32 22 KB
8 KB 33ms
33ms Document
text/html 104.124.11.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/checksync.php?cid=8YHBJ3BJ0&cs=1&cv=37&hb=1&vsSync=1&prvid=25014&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.124.11.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-124-11-16.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2964a5a8e918295b28e02bac3e18ca50cc14d9f88a99d9bef428fc730a12eebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-length: 8254
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Mon, 22 Jan 2024 10:44:40 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
52ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbedf99d632997c7330c51ce00c984f96174d701e30cd398b23158addf7d5923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12102
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 51ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920280954&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MON2-iframe&isRefresh=false&loc=mid_right_c&renderCount=0&status=failed

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 50ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920280955&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&errorMessage=Failed%20ad%20with%20no%20fallback&id=sda-MON2-iframe&loc=mid_right_c&renderCount=0&sourceType=native&status=failed

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA3B 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A973 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C50 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F14 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 52ms
52ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920281143&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=1&ads_refresh_total=0&ads_slot_right_failure=0&ads_slot_right_total=1&ads_slot_top_failure=0&ads_slot_top_total=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 52ms
52ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920281143&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC-iframe&isRefresh=false&loc=top_right&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
95 B 50ms
50ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920281144&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC3-iframe&isRefresh=false&loc=mid_right_a&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 52ms
52ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920281144&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=1&ads_refresh_total=0&ads_slot_right_failure=0&ads_slot_right_total=0&ads_slot_top_failure=0&ads_slot_top_total=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 52ms
51ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920281144&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MAST-iframe&isRefresh=false&loc=top_center&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 51ms
50ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920281144&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC4-iframe&isRefresh=false&loc=mid_right_b&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 107ms
84ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H2 200 bridge3.613.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame ADC6 753 KB
241 KB 10ms
9ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 289539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246576
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 02:19:02 GMT
expires: Sat, 18 Jan 2025 02:19:02 GMT
last-modified: Wed, 17 Jan 2024 19:16:10 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C585 44 KB
17 KB 84ms
57ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1875 40 KB
14 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 22 Jan 2024 11:02:01 GMT

OPTIONS
H2 200 6345284262112
edge-auth.api.brightcove.com/playback/v1/accounts/6415665815001/videos/ Frame 0
0 46ms
7ms Preflight
application/json 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge-auth.api.brightcove.com/playback/v1/accounts/6415665815001/videos/6345284262112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://s.yimg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,*
access-control-allow-origin: *
bcov-request-id: epa-7abe0a7a4173, epa-7abe0a7a4173-d
cache-control: no-store, must-revalidate
content-length: 66
content-type: application/json
date: Mon, 22 Jan 2024 10:44:41 GMT
retry-after: 0
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230071-FRA

GET
H2 200 6345284262112 Show response
edge-auth.api.brightcove.com/playback/v1/accounts/6415665815001/videos/ Frame C585 5 KB
5 KB 9ms
9ms XHR
application/json 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge-auth.api.brightcove.com/playback/v1/accounts/6415665815001/videos/6345284262112
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4be3a41686c1d3d032842fbaefd3c4135aff5f9a74bf2a6f1368b9e73cb79bed

Request headers

Accept: application/json
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 7
date: Mon, 22 Jan 2024 10:44:41 GMT
powered-from: eu-central-1a
bcov-request-id: epa-c64cbdd736f6, epa-1f413a522318-cr, epa-8f7fc7609bf1-d
expires: Mon, 22 Jan 2024 10:51:55 GMT
policy-key-accountid
x-cache: HIT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, must-revalidate
account-status: APPROVED
x-has-manifest-url-ttl: true
powered-by: BC
access-control-allow-headers: Authorization,*
x-served-by: cache-fra-eddf8230071-FRA

GET
H3 200 tracker
metrics.brightcove.com/v2/ Frame C585 35 B
52 B 23ms
23ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Mon, 22 Jan 2024 10:44:41 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 p
bats.video.yahoo.com/ 0
0 149ms
148ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.6440939727775703&_sqno=2&ts=1172&auto=false&bckt=none&ccode=mdsfb&cdn=bcp&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=a0770000002lmbdAAA&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.77&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=145&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=&client=&crid=&ad_evt=ima3-ready&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE96 499 B
789 B 79ms
52ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMYifix0AEwAQ&v=APEucNW7NUWKGrDTvBMr-UJ08eAFCOIuIJ5yxltuaKYNPUVCU2sSpCQh26Fe9Mp4yvKwamklbPTEOOHtKTooRBrrSNX0CPj6SJrDYDw8vPuVzwfmSG_NbEo

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:41 GMT
expires: Mon, 22 Jan 2024 10:44:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DA3B 89 KB
31 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA3B 42 B
63 B 91ms
89ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTunxJDVUVNWa9CUBQ6BMmKT5QmRrkADZ-uNl4O6EJnfoBbj-6NazPhEFLlcieK8DyG0NiYITbD-qwtwv78c0L10L2sk80pqMB46GucpskyGsWZIE

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame DA3B 24 KB
10 KB 165ms
21ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 534224
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq%2FM3U9saRxexEnMMr8q%2BooyK3hzXsaMKtx4wpMTK1%2BKRGqtk1fKcekc9Uioia8hmA%2BQxukl6DzGeSjGVVU44xUchs9PbrVJ8KlBEl5qdxA1e3LumGyU0If%2BbT994v6Q2Z5aLNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 849733ff5f2d9a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame DA3B 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:41:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame DA3B 20 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA3B 206 KB
66 KB 87ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 94D9 499 B
466 B 49ms
45ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUjJqQo8WfkgAp52LMUbjdZta35iuT47Mau2a1Zr6rTinsgK6xZ46w8B4oavcIs_9JIylpiZd_s4rTAWzDcXYLUJlwmvZhYNRYFNOww6427PUaP9js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:41 GMT
expires: Mon, 22 Jan 2024 10:44:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A973 89 KB
31 KB 169ms
169ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A973 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUnVsmKvRfBl96dOM-6E5ci0paWl_3qQJiN8ivrHMvJirofZoVzcaI55H1AES7q7GOE2xwK8Rgmrzs8fw1BMs-OYGQdDzt_nGRjsnOlizQDHXIUt8

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A973 24 KB
9 KB 131ms
22ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 534224
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn9JnDu5SzC5%2Fy4I53ZnpGyY0yYEdZSxLjMvL%2BVD22Pr9I07BpDKI6wGpVjLp4mHpCW%2F%2BvszCbpmGfTwhfBvgjailReG2XErY54hW6ZRkcVv2iC7lwryTokqT0UkPtgg0iKuEs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 849733ff5f2e9a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A973 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:41:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A973 20 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A973 206 KB
65 KB 108ms
106ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 5C50 196 KB
56 KB 38ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 13:43:44 GMT
age: 75657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 Jan 2025 13:43:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5C50 15 KB
5 KB 58ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:19:24 GMT
age: 462317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:19:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5C50 95 KB
28 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 16:12:39 GMT
age: 498722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 16:12:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5C50 5 KB
2 KB 57ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:31:34 GMT
age: 461587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:31:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5C50 40 KB
13 KB 58ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 21:00:52 GMT
age: 481429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 21:00:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5C50 6 KB
1 KB 59ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 09:27:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5C50 2 KB
2 KB 20ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 82286
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 22 Jan 2024 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5C50 295 B
319 B 20ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 62409
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:32 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 98CD 499 B
246 B 47ms
47ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUZBmOXbZBkN4ixi7WlbMmmPdICPaWVnzFudwszav2gzXv41JVBfxXjnpGdwuHtQBNYheWIJJvsh2qNyZeCEtyPqjVAKkvTyUKjIATkje8ebnlHyok

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F14 89 KB
31 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F14 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkKgkLgDGmhpzDPD0bQPA0tiZJJ4BpQ0LDJNFA9OVUzXAGvkREinLLB8JBrYmF1BS0LU2E7kR2yOSHme0fYIHoiQi1j9jhD5ppcJRjiCw9F_8YpTk

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7F14 24 KB
9 KB 51ms
22ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 534224
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXNX1rh5W4XnWVtkx5cRfTI4iYiWdc5ubWR%2FfrwqetKPvrDuDfZPbe59o5wpxe41NkWT4NmbTPeGssjNNpgUBKuiZVWjjV8IHuDBgHSITHsH9ndZJZhoYXqTyf3TTvPZRq8qCuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 849733ff5f309a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7F14 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:41:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7F14 20 KB
8 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F14 206 KB
65 KB 56ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:44:41 GMT

GET
H3 200 tracker
metrics.brightcove.com/v2/ Frame C585 35 B
52 B 24ms
24ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Mon, 22 Jan 2024 10:44:41 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bb2aeaba286e33fa0614bc42f361daf0
s.yimg.com/uu/api/res/1.2/MqFZwGyEZhGZg1Fz9zEbFA--~B/Zmk9c3RyaW07aD0yMjY7dz00MDE7c209MTthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/video.fbc.news.com/ Frame C585 13 KB
13 KB 15ms
14ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/MqFZwGyEZhGZg1Fz9zEbFA--~B/Zmk9c3RyaW07aD0yMjY7dz00MDE7c209MTthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/video.fbc.news.com/bb2aeaba286e33fa0614bc42f361daf0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

11a42828637bc11c2d02278318bce6f5ef1ba0292a8d480121f648443ec65cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 21 Jan 2024 04:26:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 109114
edge-cache-tag: 220293775509817479168388080127239729297,331942344099275996819332356816593656212,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 220293775509817479168388080127239729297,331942344099275996819332356816593656212,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Sat, 20 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 13332
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000096-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2024 04:25:59 GMT
server: ATS
surrogate-reporting: width=401,height=226,bytes=13332,owidth=1280,oheight=720,obytes=95664,ef=(1,13,17,23,30)
x-timer: S1705811168.790389,VS0,VE1
etag: "c398fbf2f0274dfa45772ffab4a55a87"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 404 performance
www.yahoo.com/_td_api/beacon/ 0
0 78ms
76ms Image
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/_td_api/beacon/performance?ybar-sticky_0=0.3999999761581421&ybar-init_0=0.19999992847442627&ybar-mod-sidenav_0=15.700000047683716&ybar-mod-logo_0=0.2999999523162842&ybar-mod-searchbox_0=3.8000000715255737&ybar-mod-assistjs_0=5&ybar-mod-adaptivenav_0=0.3999999761581421&ybar-account-init_0=27.700000047683716&ybar-mail-init_0=1.2000000476837158&ybar-mod-navigation_0=4.399999976158142&ybar-mod-notification_0=0.3999999761581421&src=ybar&_rdn=281549&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0&site=homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 404 performance
www.yahoo.com/_td_api/beacon/ 0
0 79ms
77ms Image
text/html 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/_td_api/beacon/performance?ybar-sticky_0=0.3999999761581421&ybar-init_0=0.19999992847442627&ybar-mod-sidenav_0=15.700000047683716&ybar-mod-logo_0=0.2999999523162842&ybar-mod-searchbox_0=3.8000000715255737&ybar-mod-assistjs_0=5&ybar-mod-adaptivenav_0=0.3999999761581421&ybar-account-init_0=27.700000047683716&ybar-mail-init_0=1.2000000476837158&ybar-mod-navigation_0=4.399999976158142&ybar-mod-notification_0=0.3999999761581421&src=ybar&_rdn=281550&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0&site=homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame AE96 170 B
232 B 73ms
30ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMYifix0AEwAQ&v=APEucNW7NUWKGrDTvBMr-UJ08eAFCOIuIJ5yxltuaKYNPUVCU2sSpCQh26Fe9Mp4yvKwamklbPTEOOHtKTooRBrrSNX0CPj6SJrDYDw8vPuVzwfmSG_NbEo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AE96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1

43 B
328 B

29ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMYifix0AEwAQ&v=APEucNW7NUWKGrDTvBMr-UJ08eAFCOIuIJ5yxltuaKYNPUVCU2sSpCQh26Fe9Mp4yvKwamklbPTEOOHtKTooRBrrSNX0CPj6SJrDYDw8vPuVzwfmSG_NbEo
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0OOOI%2Fp5%2B5mntQTP2y6Y0yNkNJ6qp67wHBneVIK9DeCQoVNC3e4wI0bIWI8cazCIzet162rowhcZnQkrB381M9uW08CbdoEs7GVlBT2k%2BUDeTO6F%2FISmx%2FxddTlKCEvhaMWNvZkdttShQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84973400ab4c19b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5g5BKQ3yU4xB6lji%2BEEyIzNoDbKt5pmwPpf4IzCSoF7kV6Vdb8soc9TPcTxN1zl3ev%2B2aeL3dmI3Dgii7VuEQTcEaljCkxmN7Z4IhvL7vxN2MDK%2BOg6vTvLJPRLWNxjKDqYPRNZRgkqrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 849734004ad919b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE96
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za5HGbBBxHeV4Eq3O6EtgQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0

43 B
730 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMYifix0AEwAQ&v=APEucNW7NUWKGrDTvBMr-UJ08eAFCOIuIJ5yxltuaKYNPUVCU2sSpCQh26Fe9Mp4yvKwamklbPTEOOHtKTooRBrrSNX0CPj6SJrDYDw8vPuVzwfmSG_NbEo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08rvoIYRYZq0sYKw2Hz5v0lDJgA%2BY8K275ikr7K3zxkGraOoPmIv39HBcBwtBsv9x40RhUUjHyn%2BHHGa73RSjgC9FrtonV64pskDME%2FCF4gonfWX0rl1J9BTevscrCbvOP04ewT5ZS0oZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 849734011f78bb7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 94D9 170 B
409 B 60ms
19ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUjJqQo8WfkgAp52LMUbjdZta35iuT47Mau2a1Zr6rTinsgK6xZ46w8B4oavcIs_9JIylpiZd_s4rTAWzDcXYLUJlwmvZhYNRYFNOww6427PUaP9js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 94D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1

43 B
448 B

30ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUjJqQo8WfkgAp52LMUbjdZta35iuT47Mau2a1Zr6rTinsgK6xZ46w8B4oavcIs_9JIylpiZd_s4rTAWzDcXYLUJlwmvZhYNRYFNOww6427PUaP9js
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hp68fDRkk2raLAYqO%2BHTqIKosZNSmtgMHho2zXKfTRfh%2FVVog1%2FF%2F4rgOdNfTGcZa2JU1ljKd2ZWiHpz5en4HtQPw5XLvhOohXgAy0JX5EWMdULaA1HoAcyNl62arE8svy0eECBExqPqOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84973400ab4a19b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeokYNeN%2BIGKPCjQc6%2FlTZ6Kg35ArcsegIDZOjvMVZxQcR1FwyhjZMczxYjj9GrsekxjNOty%2B9uOMDHX0m%2BmjoVZifBMYWPfxHyyZBq7NsqfcNvo%2FS6ghUUgg1S74nBqKtHSIDuvlOityA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 849734004ad819b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 94D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za5HGbBBxHeV4Eq3O6EtgQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0

43 B
776 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUjJqQo8WfkgAp52LMUbjdZta35iuT47Mau2a1Zr6rTinsgK6xZ46w8B4oavcIs_9JIylpiZd_s4rTAWzDcXYLUJlwmvZhYNRYFNOww6427PUaP9js
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saMLpA2%2F%2Frp8b%2FNBStWOi3%2FuX5lMDZN9WJb1f5n2K4NHUlPo7icOZjckXvcX91kX1%2FhYVh1H%2BhVqZ23m%2F6noEGThS4zmF93huSuw%2FjB0Q5qMUG16q7JKpO4K8Yb%2FedokvNIaqMtzA6CwFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 849734011f7bbb7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 98CD 170 B
232 B 57ms
29ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUZBmOXbZBkN4ixi7WlbMmmPdICPaWVnzFudwszav2gzXv41JVBfxXjnpGdwuHtQBNYheWIJJvsh2qNyZeCEtyPqjVAKkvTyUKjIATkje8ebnlHyok

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 98CD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1

43 B
339 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUZBmOXbZBkN4ixi7WlbMmmPdICPaWVnzFudwszav2gzXv41JVBfxXjnpGdwuHtQBNYheWIJJvsh2qNyZeCEtyPqjVAKkvTyUKjIATkje8ebnlHyok
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0ZFyM5Iv3cbu3W5y2nUBQLNfb%2FNCx7h%2FcrCDqeeoPxyTO9EcwZ5RRrEuXRvJGo4yFT9HNg6PkQ5ZAkO9nQ077Q8pnKnAQuNyuD3jgc7eRbZTSn%2B0Iv%2FQNMXtj4aJpZfHQtQSqj4Uooo9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84973400ab4b19b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq%2BpPyT15NtSix4zqiA3zKAooJ5Mp%2FSNhTLQ2ypeNbzBR0W2pqqyoWbrDeHRSmdBk5VmVHt18VDUzwc%2FYoTjwMLl69E3UEiadrCQ7T4XyGAjL4K7QrdOyt3jao6ZYStMJT7HOxA7mhrXJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 849734004acd19b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 98CD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za5HGbBBxHeV4Eq3O6EtgQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0

43 B
728 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNUZBmOXbZBkN4ixi7WlbMmmPdICPaWVnzFudwszav2gzXv41JVBfxXjnpGdwuHtQBNYheWIJJvsh2qNyZeCEtyPqjVAKkvTyUKjIATkje8ebnlHyok
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9gQJ8rQe1hvNMAgpIIFJTFMurgkYbRdkofWl7htkQ5xmH5TH%2BiAK0ejaLubYPE3Ko3bSvJoPLo2rSwgr9jTz5QXsCUh9O8rmcCkougYpCBYyqUc1CtKjWHTen8CawI8ujrTUsfZRVcInw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 849734011f7dbb7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi54B9LQmNpZ1EUgsZZWnk&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14612763272446492391/ Frame 5C50 34 KB
34 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14612763272446492391/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1b81c3036be7f654008a75648efb68bfda81d352ab5eb969fe63417aea931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 02:29:53 GMT
date: Wed, 17 Jan 2024 02:29:53 GMT
x-content-type-options: nosniff
age: 461688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34707
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:42:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 5C50 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec7797cac9e9d1a316b0177c7341eaa29684ea48cde19350ec982ea53aea816c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C50 15 KB
16 KB 40ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 419193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C50 15 KB
15 KB 51ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:30:09 GMT
x-content-type-options: nosniff
age: 436472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 09:30:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5C50 15 KB
15 KB 41ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 462648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/6s/ Frame C585 11 KB
11 KB 49ms
48ms XHR
application/x-mpegurl 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/6s/master.m3u8?fastly_token=NjVhZTU1MjlfMjBiODU4MjM2NjkyMDBjMDZmNGVmMTU5YTQ5Yzg3OGY0MWVkMjI2NmM2ZDY3NzM2YjYxYzQ4NGFlYTkyZGVmMA%3D%3D&bcov_auth=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 2e6ce4ff81e8cda136e37ffc705757cf6b2273deba1df208cc443877429c4b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
x-served-by: cache-fra-eddf8230071-FRA
x-device-group: desktop-chrome
x-timer: S1705920282.609817,VS0,VE39
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 thumbnail.webvtt Show response
manifest.prod.boltdns.net/thumbnail/v1/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/ Frame C585 11 KB
11 KB 10ms
10ms XHR
text/vtt 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/thumbnail/v1/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/thumbnail.webvtt?fastly_token=NjVhZTU1MjlfZmYzMTUzNDYxYTM0MGIxZjAyNDI1MWNjNTdkOGU1M2U2OGI0NjAwYWE5YTJlZTQ4MWE5ZjdhZDU1M2M4NjM1Zg%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 2436fa31b895585317eafece5829744711419765a05ee7ed07a2fe79bd52deb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
via: 1.1 varnish
age: 10560
x-powered-by: BC
x-cache: HIT
content-length: 10958
x-served-by: cache-fra-eddf8230071-FRA
x-device-group: desktop-chrome
x-timer: S1705920282.611312,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/vtt; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CEC 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:41:53 GMT
expires: Tue, 21 Jan 2025 09:41:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F251 829 B
1 KB 42ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c39400d6201db1ef7295390b7a961c9d374e06c1733ea506ace06dacab2bbedb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0wipZf5YazP9-XiKyNXbPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0wipZf5YazP9-XiKyNXbPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:41 GMT
expires: Mon, 22 Jan 2024 10:44:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA3B 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8076592533791&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA3B 0
20 B 38ms
37ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8076592533791&version=m202309260101&ct=77&x=1&cor=1009315367529966100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DA3B 20 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaD0JW0WqxIt3yX7J9yAxWlMrwPfSFt5uacP7Vhlc3zbM5mbJ4sgeBEbxrMqic7ndCyqQ_KgEDOcv2cLXnLscWyCvi2Ax4XkBdqhk0UPmndSzliHVuQmaj_-RLrjBBUpXMwLfml-STmXYonV9VX7jazCXbBIsjodMVCSalAg_boMqWZI4&cry=1&dbm_d=AKAmf-DNvsFNmM3ORJCFysl1RyLojHThirliaPTOlxJ2ZmCaAZk7CmhqRjW1fKVtEX69lybAfSGQ6Jr15AbCUV3VRHJzd9yPRLLhT1RNOKcwpFQ0_PY210DrSjb_jtb206W7gxgogFuyPJj6tU2rkbOBycEauJFKvLmBAatPjYBnZE-PdVaiyZ8lkW4_pm7QseWP-LuN9utOjJFApnSWnTq_3riHv27_n4A8CrRLnQAtcZxOhsxtbEjsc9MkToEg67Dk4sYyuZBJFYdsFATTNHSO5Qr5BH7etHk2yuYneP2JdJLxSZCj3p7aTHVK7Md1Lk4Xjj4FxsqTXtT9r6Jzj78BaaLeD9D3RKHtu_TgO9ZrfkH8rEKbYDeY2Sq2MkDjVb9OnoUxQ6kvYBnKj0Q0qBBe1NhOXYs63ap_MHBiOYPct-FxC6P1S5GfS-MPp5MYHFipWh-UfzNu9woJnlfcYz7x2lmR0WN2WreoQPncuAi-HDkzlL6cZgQ09mQE0ml9OkbPBVBJLEleNWNBVTX5tZroVjbo_G1B7B96MbXaj-OWm2U8U79uncJ1F5wuCNKPSY6SSbTaIc6kIwEX_xNVAj13cRQOFhNavbMcnnHDv2WqY_P-S9O1GYMpWY_f9m0RvU_KlBIaqzyAq_gkHaHhC3037TPPL4Yp4Xu_zAUe7JwAi_966orORic3XglWTjZMQYtHWfEsXhWiakLzu5QvCKHm4tg5-aCXuTQDZMzXblluWwnFkMnQQ1Y9lkBQ8civdQTLdwTGt1vwA7cqAvPxhjyWGNbyGUTZlW_ccnVN-hc-THXJYraC9VCqQNQhV0QpRXFwJJH4FSjXroOnBSx_whp8_ZWxJqRI94dfPb37_Rzg1Lauw8JQAivVTir_Oz43V98St6aWokivTo5X8cI9QT4LI-0u6sVwc9DCmkYz5fDiSLp0pdk9TsCZQqFGMBLMvA9tDBfGOBndiOHWn1RKVSg4NR3GH2uPhSZeBavE4B1CwzQP52E19WSCBoZGliD2EEKV_TG2fyvcHwF9kKo8QUAVKLXH1rNP34_5DGo9-qsUFBPfHHYtKFL9tM0-ZIY3kN16o6e5uFGjf6ws3P9TTlp2Xhmkv9zMjDCxDneRCJ88dp0mDL47BuOwr9jub_r0Sskrgz-VHHBn2Pxx4CgrfNObutrs4nM6jEG4hPr72pETcKMMQFyQgWTyolmQRxtx3o27-HFxt2wIUmQOqvYN0vuRlRH_eYs4MKfkrqn9IRzF7trjM59lZ8dFCLNky-luvPwbpcy35QivxGfuAP0ggdRmVyt6_2s5KPpGl18cIY1SLkAvW08YRqmZe3IbuD8c2Q9QL7JX_ev8fSkPtZmMR9tK4h1-scOqp5XSz8wv056y5Bgl6I-4O_kUS4Nx0nykEcJG23o2fG3VTq0YW0DLQe05fYKv1h7hUMLSgINPKB7LdlMzfUXRu4aLIC084-Fjbe6Ru5MCgVArC6YvQDV7YrnD4pv1QPCmFWzl23wocY6E4S5q8lfft77teFBd-PUcg1s8jcMehEg_fNserD7lZpG48L8fVNHtO-3MAW6yHfqS9Oa-DOEajKProSXKT36e_aDaz-5brMGMcmV_8IIfBWHI96xjqXj2zFToO9S0UhAr1O8l04oHC5mSp28bg4YC8owYbeiaho3XjtSLy-1JPgOq7_5jXCEao7c0q_LldTRebJF9bbVeeiZEzyKHeYvWcm3Z-9F1azeNAjj-3T3noStx_YbbwdfhKdh1WLkHRA9X2AfCch7UUrHzNGXDNg_-oeQXHReCDLuhcjr_QVrdiE3A0-EXBWtwusb1QyuqrBd3ppDMiOAot6djIlDVeTrEv8iUwB4ZWrSVp-oNywcCh6KvW3eRH4sCsPXQ80OjEMJQYiP5UpRNhxxeWhqP98J0jU-z0ZNFhvVKZ2yWPh83vpC-2oaiWzXKYMn0tYrcsoS0xlnmqCtQLGoIGmtGDqhh3TQn6nG00E1hKh77yNNiIvbIK6i5QMPTzhmSCF_-8cXfB-oOEkUQpADv6FyPryK4VIEuEM5X27Kp9YljDdN2fPcH8xvm44wbDUcYmtCwlzL49YYunKs9cYtC_KQL9-8VhP_D3jC2sC7VEsLXE9PcRlGhnqMdezR2J4onGLTuKkGDy8D7FZhWzI44OhMKT11aZLCAab2tyXQZ1Lo-dxSmYT8kRf7X6czrgEk5YcCUEHz8Rx9BR9qo7PeBKAZSWaZox-S9js570Y-CF79bPycWuDLOxDVhrbFAjGQpLmXOydM9tzBGMEMikBmh_tvAOPTQAXx5fISEwKYT65cYmSkC7Pxz-qo4zOfXkBWbXq2eQOkL52ywJQrtzyKksZEDnZohgamscjewiJD4-XWXSRIcrdhLMyBL7izLsvPuyK1wVGnfg_ssP1ihx_rbqqD5xMS2sDE4Yntm-13LGeXJZo7Rpi6UThxJgeSfNZqjB17Pj9I7r-xxp5FKspdtMT8Qd1yzgqtCrjIR3kJAPGNORfo5u1kUFrGev_C2WsNbufOGY4bGeQcHEQR1HPBE4r4sbEnNvt3kl0DFhNU7RpCHiWFUtnqxVUzXYtWVjDNfC_zJKZdwlekIY3TDS5lrlBQPyyUqZ4_AEFE60GWgGXw0SIfb8xvTX7EnNTgPyeaCTn14J1-gDCy9FlnkyW4-NcuguDlCOyx-Kts86TOIj6mhMCJU6SLjzv65yhdhuO6DF3xzl1NtN32qxD1BfYF9w_1A7RtTqBBxauElXjAojuHmQF2jlsw2snNN1pIWHbJfpa5U0lwaHAYgMjrSK8S0wt9aaABpDEno2JDjPDIOdID8C1w8E7tLgfZx0RXA3TOWmodxZDVJM8Detrkr2F2MUwLhF8AlBXGuM5Nh0UNiAVDiFgrEpvsqowkxLpbJKg4WTE1aitwohqqg4jhm7bVCSncXky8uqwd06RyiFmmyYBUMo1Kg8MO41IXhnhA8U_gimiwR4UzRx7Wfpfg9nH4bPvNdD1q8DpeqzMSp-dCJvZtRmhMJOA4DsCPLnS77ARPa1NosU9-mhh8S4Raj1GKuA4ozbVE7wLGv6U0LVwKT4ULd-CppBYB6GG0gW2N4MIx8rHCXPo5qy7GwSMxtM2AMCgLlb7dJGe1mHY-GGiwYrRDHT8PuHi2HcbhF8fVfVYeaRua--iyrY-jCImJc1m5w7mYNzKvT2Xdl7oNVxdOArOIO8P8L-wL_hcijJY3Przhl1cahL9MvqM1Vv6gBo4gN9L4vuEN8MNUcrhudfYJvnXQu62K1goQJGr1Migk-XDukJE1HLuXGB2kS6QDsJBnWBn_HsodoBRQOQCEmEHWx4KNGyfV-AuTUxlPAQwhlrKLEt2DN632l6DqhiKhfQcRJtTb6w4O7EFTuzHsSdenZfi6oNF1hlDNtmkoRbV4ZyQHzWG6HHWqaisgyxTBmiSUJ0YO2a4V-ZKn6NgSWGwhuCMopZk3v_2hz-MaGhfX5NFzRSHMvcSSXWAGJBKt4z4IOU3hYxNP46hBdwdOx9T3wsW-DcfD4wUVHFESsc3TjUXsBcjYaCUSXd7lj6BMPqNXmGUjdtg_-RbR7RKW9rC-BYJ_jrsFRaRoxZvbFFurLqgbYeGRbJppYrRwP3U0Vyz2W1RNE-nU8X-NIDJs6fkz89ejAun_V6sGuVbonCqqMaPYQHiuX3b_R2kmCln2bbvVBFjdDDhdXmpJLbDSzq_JM6_rxuTIzDV7oeB7Sp3lfhy35VL8LF0C-TC0MatzV58g&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=1009315367529966100&adk=3047537734&idt=132&cac=0&dtd=43

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ed569fb126c32012a8da2f6b11637ecb274f40ab1dc42e42c23ddba6605fbdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 3c0646cb-b76c-47bb-8270-04797fd5935f
https://s.yimg.com/ Frame C585 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s.yimg.com/3c0646cb-b76c-47bb-8270-04797fd5935f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09eba46ad0bad3ab012904e73a490a10b25510fef3ced986f87581a2d18d07a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 5496
Content-Type: application/javascript

GET
BLOB 200
OK 589483fa-51db-48ce-8de7-6d4f9a45af7a
https://s.yimg.com/ Frame C585 90 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s.yimg.com/589483fa-51db-48ce-8de7-6d4f9a45af7a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cc5b5f2355383e734c7758fe4baf1818edc823f35388a84e640d6630b47d98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 91962
Content-Type: application/javascript

GET
BLOB 200
OK c1081daa-df91-4534-9186-ce7742756295
https://s.yimg.com/ Frame C585 90 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s.yimg.com/c1081daa-df91-4534-9186-ce7742756295
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cc5b5f2355383e734c7758fe4baf1818edc823f35388a84e640d6630b47d98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 91962
Content-Type: application/javascript

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F14 0
20 B 38ms
37ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7270727233826&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F14 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7270727233826&version=m202309260101&ct=77&x=1&cor=2861003522062535700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7F14 20 KB
13 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIwFUgaG7O4EnXwxcnbaTraqtHeRBw9WoFVj7mV57cK_9CTZwpnefGNAYYQjZj27PdHJp-TY0RnjkhhOgWPNHYfHRHmCRQJ0z4I35mxJ8NLnBjqy652iT1xtz8tL_QIFzyWqUtsHh4Es4c1c3DypsAtlu790oEVjL7qjBi73hwV_JsqHw&cry=1&dbm_d=AKAmf-C_VnXI8FRBqKCCHuFb6vPaB-ZfH7STVZLl-rUwT9YXvXxS0koZ2IPlYmdUksbwrNwBKW84fE7TiVKIW3-zAs25QKsRTCu7K6ICTqWZ5JqWdsDnPBBB-DhNMN8YatZ-51h_0Uc5FLaMpzjVdhGUUh8CjL_cBODD4WVHQZBRP-297YZUTu1WGyZcvdZybIK3sfn4Wnx2pAYC2_vGGwAH5OwcWFQtdwxHVI_sZHgRIvU78IjBw8QjjYzz7pr3_MOFm38GTo9Pt4orycQmtr4fCq8x6BWeE-pFn9VqQ5n0p3y01ZaUVjsz_3ao5z9ha-NuCONFmBOeKZDi8k9O_elOGCMx7Bf4QmK3nr93GEo05GEi62k6okErLXP2oEw0w5HTqFC1E5K6vE6_mNKnltyKkpNh8h4EyaGZoPTqjGhATh5kAJUNxbFAr878v2vmmFS6MHgNaxJzqe5HOAAV4c2NHA6eXwvGCalKk84KOGgY0ZjZqoUUMA4eOz5sxoj2IpDwA-oJxpcAoUUN34AtPLbhr_cZerQlSQQeS8tSBQvVfNYc4VfeANAN4dAZyVpDP74CgFGHlwiDN1ffV40l6hGcGRo2iAsNmcAR2VVIpTbaRtToeO1OLdO5rR1HfpKvqavO5DGUByr-LzMcJ8o1Kr2uNCRjCW159OMNjm5mmgWsGQd0-ELso9xbfy-FlGfsq3H9OM9X9QC3y9wpOWQWKGpZ9TmgHiHouEZTuyNwhtmrKv_H1DRDgE-6eC73anyJ1cEFMBAk2a1CgXbf5r4-TyP5X9luiZNO4QHagwhNAuzQ5PxkFRwiseF-9ktmZLziNpr2NPOLhxP9VsUIwrP9l0a2t9-95JtTl5BDyOIAdpCKkvjptv9lMcVAhInHvC65sxOLmdHMsa5i0y_MVCT97NEJo3JC7e5WMNQ7xLeqmNuYPWSZ-TM4bW5dxQyFUAdBVVapXkDmjVOmCM05yIj5J8KTdEC7oKGXD0nTkBerZKHwfz9lLensvYgoViE3zxBqCp4hdHjm_OxLFN7baWSg6QzwRbuEMFOkih6hYaA3_VWrsaY_nuYMHIK0tUHrr6kZ94rL5ZXiMK7xn4itCw4sjy7JyvuMBcBlam0GcQ6nQVBB8BcZYPZ5xORLlK4OdIcw61X7HWGsMu3nBo2zyI0fElJRPUc6DCz6OmgrT4-k1EINiLhRuxjA8LWk5v4iRb_STu2JCoIGNzlqo2aWdVwC983AVwreVlQHw1ImYDpCdLlenUO9Rh2aW1iiQP3EvlyRwU8iDqvGfun4jF1MhU9rIM1OXNjjrqW697C2iZip0U3w9AyUsuhW0veDhaP-PvrrlDt4J26HuwEQhReZe-w8hlLVpsDyvFLgymbpp92TAtww-Qqai-LS2i8OpelAOmyBU0eobS5BEZcpXPfn9PqtorKlfi7u8jov__l271hqwv33C4s5WoVqKST4SRITY1lrvR39PgANu7IyueLoNU018kuNg9UrKfHT5nWAbWAzNOTO5-uzsFDeGXm9j4KppyNIkJyFJvg15Oj0A7wxSNKwrBmamH_8BSnxOgfujW7pfDQf5ch3Iv6Unhiqw9jiNGrXlEpjAQwCOaHr9CcmGlI7Ek1qxu5_Cily0Y1pDn-FOmvS_nMWufj1gTpzvDNsT0AsFG3nLVABB2KFXXlO2RfKhKZ8rI79yE-GEjn0HmeeKrfbGQKiVC7ln7Ybni9NkR7QNeVNbbspyg8td4OYnclHdN-GAK8GiAw5rCIhmmsqxwWI5IdjzFWypO31hnLLkK4YPIQRP-AgkPAOWizR82_hgxVhKiWMu4Lf5BXseyGoOzELRWatmiadfhL5vc_VJCfjxy29c0VW1RqL8EPRvN6WmhNlc4wtA6rNCqW0iPWZXRPWkmrP-xSqL9d2O87msGIz5ttbuUxunJxGuIA7pwrwY0A_b4LjPq86G_rLGPB19w6KMLCfT47LwqEkeqUy6C5jHemPRLY0Jruv8Vy5pEjw5fr845kY4ccN1-NEVy6PbQDD3bl7G1TwR_268j1NP9e7iwhwd0MmvtT6qIbJyzHKWTA-0KBTlFznA4do3Zr2oaqi41HTz33h07oonjmsKCKgVvrBMFd_6_VV9W-eMtzSuRsAFecTPUgpr74zDNhB1pFTJQx2obKSOJTXGWUrl6gvRgrTVhZMu5_BOsdXt9HjPJzYglLIzr78uqY5Rc5mti6a5YLy5yXBQj6SdWSgPzfrpzZm3dahz9KpREhAlQx5vnf7Kb69qRkAUF6gMU-gap970TyQwgqfnBo9KjcvbDT4O4TvlUcakp2QfLoQBvaFwsaC4uuGhdFCJ_HVsHnxrJLqrBJQJHtwU4DWESVaNZnBvgGxr0bAhpcB_9CsawD0EHeKOHdKS9H9TU-H1_24elqRzV-6scFMOiqhMyaSNzc6xPmqQdrm9nLkiVgNf7sA50xwM4p-rKff0E2VBZ8C1nups2mmd94ONei5ktAdYstkxnjRCERDatfEiUVl2YgOe6LbucUcYBH-728-K50dhoRAt2tX9_nXRukF7L7GileDEV6pzHBmlWI5YGzDf8P9qZ0HXH1LPWX9ojU7k1bERJY1YmTqEntK0MtgiYL2P18z9BL8tX888vGwqzbe1ldgOCcscV3UFBJpbOOgjsfw6hTadROOj-qbC5HHD1ri-cwm-qGKy7yR5tkeHIv-w08unkY5Ti4C5asx8ckBEVhausrQE7rLtq4SScLMGjId0pWiyPBRX_uARDzeMUGW4H7BxVtSkkmKdwYCjUKQYczO_woc49tMuS3yc6Kk-XiPwGUglPjBpLsgr4BOBTLV5ZznAsf1gG4K8UFoO7upySR2xN_ZKHA9x2o1FdlTNkVB2Co7a5CILjgA1I5uiHFnAz_TQmO45prhAcb5ljqqrgwMlGD_ir1tILGH2wyZlVMZ71yo54So5SUTaimBCtOW-gM_OmS3Zmhqh5ymS5tiZ30_gF4OJiMHpkQOE0O4746hjWNpdNckDRDdOEhhc00uGeB48dqyqZs2pIoROAqmFaYpQaCjWp1n8vyDtweXLfyTmOkUboI3IZP-HOdJUYx6oSRKoE_U-4tVdkUmGEQsOLR45JAWdYlVIe4qoz7PYTdOweowcMYh1cRHEJ7ldNEiMooqXjx3sC44fqa6zgUvMSgni1drb4cgxRJccrXMr1maJItbVTVSFa6gNLh1lf3J1mffDgT2yiU-H_2uDwZRH_FXnzxD_ppI2OM2QJeMY5mf3QB8ukkTt9_Mkg4J1Xww4IhPAzLhBC4bt-qprBWZKHi2beq7WXvHgGrH0XN7TR6nKSTK8oAVf6Ol4cOnf3Jz1yEMetWNtMnXut-JgBUQlwJlYGvSlSK-KBh2ZHXejpzMtGAzYuaCt5KhkqE60zjpeJUgNHvo5F8HjOtBNkKf6kXf9tqfXno7WAR5j_h_MBriBZgfUQIcaIoAgIWoVdHIcXP-eA61AK2MkJCu0ZQrqZhWnlb4GtqEYSoSfge2SE0VYzm36eoZpPiOGEiuVRJigmaOF4Cub7HoA0tsaiOOPmWWDXmvmqdf4LFUVUeAKm2ckWK7c86tRpt9AnkPvwI2n3T-M3imRf3GjD1FxUYTAahQTo3czhLY6fP1XI-LpnRZbBYnPY-VaEMz5hxf5Abyo9bf8oNc1jRJivbCUsU906HjA4coXDWDf9NlOSVuB1KW-pCCpyWFm8oybt4GeGY8Z_Ob5DcyYhoXkkynNz3BU4Y_sty6tW5BJW2P7ScfSbnZN2QsT0ysS8zqmSwl&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=2861003522062535700&adk=3944675603&idt=91&cac=0&dtd=5

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b52d60c852a03a8688acabeb000c5a3b57ff32e7b69ea61a7c884505889dde50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13553
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A973 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9620565032337&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A973 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9620565032337&version=m202309260101&ct=77&x=1&cor=6613571749176795000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A973 19 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dnpy5ohT9cX6eVFzJY_Y0-okXvQodciMN-PTX6U98bza466hLp_bCEh7zdi3kCzGDVGNYZ0Dll9Y85SCipYXHLz5AHIDCN9aAGWwE-zy5zSps5KhKjqxiWjlYJBysbtk4WhZciSRZLV2sYPtKCTBfqS4EQtOuiGEtjwqzGV0Xj0P2KNFE&cry=1&dbm_d=AKAmf-ByIDOLi-e6rCa4SW3DlYAErYTExHYIA-qIBXykH8SElXVVhUY17szeLYv7mboC39R6F8lj35pDr9j-XPTecwtdhjVO10m48f-rJR32CzN9-KKCMlb_6FPbCnTVdbELit2trkwUYVtVjDuH_dXQT9pQA1kTx193hV3O09OoCRZqxtpdULakbZvcI6vaEoLYZXz4eU-r1V9Z_3tlS5z6KiUxB4NlSYBl5ZGqoH2R-OIW3gW9GYI7DtjmowmGWabj6RiTbw6omydzaTp4Uc339S9FvN3XvTb19U-jISQs8yOj_P20dNUunyW_5mTPIp0pWNNJUulW7WyAHCW826CDKnBkUZf-YeSsKVmMgObZ2-qULzGqyVlP1R4mq2glt64soELq9bDnHjpYTfJY8i3ETXksgyJLNXiN1dnLfW2xWayqTRXdTe7vovzX__aW-X9EcYCgQQ93c_WnrYPAhPAstGzJYvYu2S-knyR_OXcvc9gDjuiS3w0xepG2wMII6OJvJF2134p87J9WZXGv9LzS_wL0nmYde8RrYuepdJub1ifAhV5gDOWWDVW_bvHa2C-nWQ5aNuZ_IuxRyIhSx-S4f4C3bFyLrhLl2VPTRRv9fDAD7Lb7rbIVEwnlh5j4iY5_VpaNnhmrRHCzY1lUxm10Ea_3B07XXGm7Ay5d5vQgrcLlH0_wh8e0gfk7Ik8kt5puWSToYx3FiHQNTGnnzOkRKwmzz2jqOrj9QtJyxkyyhTz8AMykGMzh4mt6kV97-w4ZcrBvcT5_qUL_vVcfsBPfpk_9wgfOfrJcauVCCYce0ckNo7lgCqPDrrm8qq-mg-Rilu8xHz6Mn1RKDv7wVoo3f-IKt-cvDjAkURrsI_w0LdKr1XsRUenJJ4w8xOht1sHdcLnmlYZ14qhk3qyt-6gAgN6WEbCg5-2H-y_Wz-36yUsv0YdB2rGoO3GDA1gA17axoIrohy2EFcRbfi7pMNGtrfgkPNjE83XBqwjK4H0NKvFxF58MDaJa2Jr9WIS-iFW7ZLjAA3thIigHUr_fiodL7Yn7hKvdZFGjA-9lx6uZ_kJzj0Yf02wirNVfKVw_M43cQFG5WYf2Hjv9WKXnmPELcJHk7MASSHWdFi_kqjSSKz8tA11K4dshELpA5nkwM2ny-VoetMrvXk-z2tIsFtRMLB9axW5rhm-FH8p0WbhOMaUgGxacNXUFq8xC5HcaMDY8qHvHtC-CkOgxpQjc3z6wrtnEe9dw0jfuuPkzHWEZEXwzD6zjK50hlBrB4M4k9Atf5ogJenhmyTe2OKcGngFsR5_jl2RbsY_7bbgqcwdntM_DIUHi5VZSBb51BUDyU1cuISRMwyWDIOcBz9oXISuHSd47Nx3GGWCdse__rs4v5DN6wfXiUfC-lmi1XaXtyNjZEl9QhLyLol6xo8iBawYec1JtxCTkf2O-uyxmkwKiWKtqGuf0rPqxjXwIMaszJCsXYogk_CIHMfNMaSMiaajtaMDSqTHGqd3NyzO6ysXVX_s-u7Q6kWruENb81rkI0yki8mYjpM1UPwA0y1Cv49H2QNr1Yv3iPmj9vqaJ1GJ6puUFXIv7sbkZMXbbprvTlc-nvhl2_oOfutrFHDNSxk-BObi7_jfrtAli1oO6FQUZi1UiXewNE0526fPTqTh1LXOuvtDevaI5VMKv3eKcwWXm5b6XbEFDxsUi9frqkLTef88pSyNVjfZLlucvO5TPwpNB-VlZOeXlireK9N5IpKlSNrffCswpmLFfeHLkcuhSYNHf4Fvr1LpRVnKo4nNLIv3PTzYarX9opt1FZI_0spBriGdW742oUYRqJaf-kuwbSGMoqfDYSxTsYNVo0UPO587Kc7DKSKIptH18kK1kIvURaTqf0ocIBDpAQR_nkwGfkru3vpiRUvMLjwgL0Q5ohiCeMMUrmvl2328sV9oiwBAMNgJFQ5M8Jn_xd_WJk_b_MDOebA770-0fOCKRfbIE4fXWn1lQUoodVZuGITeqQ9rYx-eILAH_MMvHNhhCfP4XqeJiHjj0npuJB5CvphbI9wy9W0Bx5xxYaAk2UHDto8r7GsEHzmCs9tHUYSScACbw-JjGNt4QyWzd7RascBId_Cb7d0kUsE_snVOw0ClycbUExLc6YlKujMmvECSoUlaAFnTk0J13x7AVnlxXdpJhMe2yzZJ_DRDcdKlBee-eXZwmy4pQ23THu2MMNExobwDcDOiNMYZAT5HsflsgvbZwQAn9fjRC_xlakp_UARWQ1QKVJRVo_vgcUlSsglCsvFiPGHfPx6LVp4qJ_-yA5SKTzSMDJtnR7DRtRfY2ReAL65zDFNZlp-x-hjhyfh1M5H6BfeTTL2tpltJ9Xf9nztRvXAmy4JySIHEPkRu53T0jHXtshGd78q4-6CgipTrlom4aXAh4NXNv4YlI-Q2_0yrJb41FHUZj-WmF6J2q3afyHeB_jmeLG6xMFuY7ivWuLTblm34jgevD8fmM65wbQFfKyK1BTznoFOtRfjEF8yP89-uG8AsBr6Xq5q7ZsIQXnTQhFZsEfcF7aqsjySLh7tzoyrn41C-nNkK5uRPoJ9zEgGgUXrPRZa7dbKkrwMFAVWu15aTN5iloXuqVtQtVdmM8WVxW2EycIez3x2DsKdoSmBNrYBj8SD5wXvni2UUl9uCNzLYtzRIDhU-3dPAYIJzjfF0AKU1VPvnSYOp4zt3fEPL2k07NsQxGeAHyp9uXjKJHdK2dqH9XtpjUWZ8e_lMf5cjScKWAhFYj9D1LBsZ1Z7QqtOo3lO_zwDlh0TSO_Bipn4rQq0YbCC2oChuiOmmA8ray6zwKeBfVROfRvSfoe8Clrkx21iR3satR6BKxIfFq6txhqcghQ70zd6w2uqwcb5AXRzE6StfDliM3TqTLojrMohFW0y4DgsRWC-tGhY-pHUPrzhSrQlFJCTWotURnc0My0keFQI_TXejr3RTDXW2dyYdWqcb61D31AdblAxkEDIgxiGHWDBYurrMc6zRtpYomu6Iw-VmC843B67Fjb4rhBAmCk4Brec1XmEMmGq9lBebxrh2YrACiHjvAjIr8_KAUO7xeJiaI3ACERdXesbcJ-D7T4EHv59uR9EGurQAcB11XfnZEJIk3OiI4GNlvcv1SicKC_gv51I4KfHf6qQl5R54chv0RkX5bzh6NWD11RuUM8q_CzBHXID61F-F-JSKpraLJ1l0d54nfhpLgW0PzuQsD8hUTPD1Fcrax6r2r8aNAQw65PxI3GHX2BKr4JTx5EnffOSmYgTj1WyiAQNuyM_NJlEnjUWFBMqQ2b12HbLMCu6uFNTsFZzF-zABsHFrBFvHx7AuJYn07rQYKWAbuGNfSJbLm12UUSMHW-f2rTidh6ApvitaHOrJMZ3paP8E18EBnDD_eFXKihyq7ZtfZfuk7lU8x-Kh-l5CJVeRmhmIVpYEQu82EBZ_ckcZ2KsQ4VT98L_o3p1K8GQcJqYs7WckfSnGaJ3NbZxK0leBbXDeM3JSfa0IS32SSwFiV1YqvenAvnPIkij8ZJTw2z04o-2zPdGfka-DEE8PqzsArSd7ycT4UImsno9f8MXmIBVcE5SeJJt4czotClrO2OG_C-GkDytq7CThqUIB93_a8OHKj2bK2otKPIxyK9_0FRtgvgJVBuZLr-eP72teIVqrSeIJuRzBMWMcaFaulKxO_0BTgzIk_QxLjv4YL72I9fMhlx1nQhlLIl2MbDm0fiaQDFU61aPUve5P4_6kMMOOLtehFd0P0e8Aa9SvN1sakdK9ygLVCILGL&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=6613571749176795000&adk=2857193499&idt=175&cac=0&dtd=5

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21dfea8ce511b531beb51047990f255a04c260abd9cf34f38084cc97601f1f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/6s/ Frame C585 12 KB
13 KB 230ms
230ms XHR
application/x-mpegurl 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/6s/rendition.m3u8?fastly_token=NjVhZTlmYTdfZmIxZGZlODA3Njk5N2U0MzhkMjkxMjE2MzM5YmRkMjdkOTc2ZTU2YmQ2NmIwNTFiNGNiYWU1MDZlZTlhMjI3ZA%3D%3D&bcov_auth=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: db16cf0044e601542e9d9403bce5b24d26c9b04332ff517f53a968153f42b8f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-served-by: cache-fra-eddf8230071-FRA
x-device-group: desktop-chrome
x-timer: S1705920282.806016,VS0,VE220
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DA3B 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 408593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:14:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTkyMDI4MTcyMTc3NQogIHNlcnZlcl9pcDogMTM5ODAzMTU3CiAgcHJvY2Vzc19pZDogMzYwNzU2NTg2OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQz...
ad.doubleclick.net/ddm/activity/ Frame DA3B 0
870 B 81ms
42ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTkyMDI4MTcyMTc3NQogIHNlcnZlcl9pcDogMTM5ODAzMTU3CiAgcHJvY2Vzc19pZDogMzYwNzU2NTg2OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQzOAphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vZnJlZW5ldC1tb2JpbGZ1bmsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTE3Mzc1Njk2NjczMzg0MjYyOTEKZGVidWdfa2V5OiAxNDM2OTMyMjI1MDc5NzM5MzgzMgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMjIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjI4MTQzOAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM0MjMzMjU3NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTAwMzYzOTU4MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNzg2NTkwMDk0NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQzNzAyNTgwMQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmVlbmV0LW1vYmlsZnVuay5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x74e8132b4f8e8e450000000000000000","13":"0xa8b5733b6c49d75a0000000000000000","14":"0x4da6d1e52d3704a10000000000000000","15":"0xbecf34460fac465d0000000000000000"},"debug_key":"14369322250797393832","debug_reporting":true,"destination":"https://freenet-mobilfunk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12281438"]},"priority":"0","source_event_id":"11737569667338426291"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F14 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 408593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:14:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTkyMDI4MTc1Mjc5NAogIHNlcnZlcl9pcDogMTI2MDU5MTkzCiAgcHJvY2Vzc19pZDogMTU2MDI4MjA4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQz...
ad.doubleclick.net/ddm/activity/ Frame 7F14 0
509 B 78ms
42ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTkyMDI4MTc1Mjc5NAogIHNlcnZlcl9pcDogMTI2MDU5MTkzCiAgcHJvY2Vzc19pZDogMTU2MDI4MjA4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQzOAphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vZnJlZW5ldC1tb2JpbGZ1bmsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogODI4NTQ4MTk1MDE1OTg0OTY2MApkZWJ1Z19rZXk6IDEwNzA2NjU5MzA1NzkwODcwNTQzCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0yMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEyMjgxNDM4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzQyMzI0MTc5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMDAzNjM5NTgzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE3ODY1OTAwOTQ3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDM3MDI4NTkzCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZyZWVuZXQtbW9iaWxmdW5rLmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x74e8132b4f8e8e450000000000000000","13":"0xa8b5733b6c49d75a0000000000000000","14":"0x4da6d1e52d3704a10000000000000000","15":"0xa4b7cb0641dae50d0000000000000000"},"debug_key":"10706659305790870543","debug_reporting":true,"destination":"https://freenet-mobilfunk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12281438"]},"priority":"0","source_event_id":"8285481950159849660"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 42ms
42ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705920281903&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fs9nySqH&pd=unknown&pt=home&A_utm=%7B%22GAM_TOP_CENTER_BRSTIME%22%3A1966%2C%22GAM_TOP_CENTER_FTIME%22%3A2514%2C%22GAM_TOP_CENTER_RTIME%22%3A3920%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A973 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 408593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:14:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTkyMDI4MTgwMTc0NAogIHNlcnZlcl9pcDogMTM0MDU0NDkwCiAgcHJvY2Vzc19pZDogMzE3MTEwMDM3NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQz...
ad.doubleclick.net/ddm/activity/ Frame A973 0
508 B 64ms
47ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTkyMDI4MTgwMTc0NAogIHNlcnZlcl9pcDogMTM0MDU0NDkwCiAgcHJvY2Vzc19pZDogMzE3MTEwMDM3NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQzOAphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vZnJlZW5ldC1tb2JpbGZ1bmsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTc1MDA1NDg4MDAzMjI2Mzk0NzcKZGVidWdfa2V5OiAxMTg0MjE0Njc4NDk4Nzc5NTI4MAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMjIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjI4MTQzOAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM0MjMyNDE3OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTAwMzYzOTU4MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNzg2NTkwMDk0NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQzNzAyODU5MwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmVlbmV0LW1vYmlsZnVuay5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x74e8132b4f8e8e450000000000000000","13":"0xa8b5733b6c49d75a0000000000000000","14":"0x4da6d1e52d3704a10000000000000000","15":"0xa4b7cb0641dae50d0000000000000000"},"debug_key":"11842146784987795280","debug_reporting":true,"destination":"https://freenet-mobilfunk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12281438"]},"priority":"0","source_event_id":"17500548800322639477"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asset Show response
tb.video.yahoo.com/v1/evp/ 2 KB
1 KB 59ms
58ms Fetch
application/xml 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://tb.video.yahoo.com/v1/evp/asset?bcid=5afc769f7239855a15fcee15&pid=5afc75ea3a04293dad9f1a1f&secure=true&rssId=75e32068-922f-366e-a1ac-812558168e2c&firstVideo=true&height=226&width=401&sid=c88a06af-107c-4eee-8d15-10169d1affee&pblob=lu%3A0%3Bpt%3Ahome%3Bver%3Amegastrm&show_name=Fox+News&site=frontpage&region=US&lang=en-US&space_id=2023538075&experience=advstrmvideo&expn=advstrmvideo&expb=900%2Cseamless&licensor_id=a0770000002lmbdAAA&isDockable=false&m.type=VOD&device=desktop&v=1&f=json&s2s=true&content_len=145&content_title=Trump+responds+as+protester+interrupts+New+Hampshire+rally%3A+%26%2339%3BGet+out+of+here%26%2339%3B&content_id=6345282681112&pver=1.2.16&aver=5.1.1&country=DE&state=Baden-Wurttemberg&ad.plseq=1&ad.pl=up&ad.pt=home&pos=preroll&evp=bcp&fmt=vmap&ps=cc77oxik&r=https%3A%2F%2Fyahoo.com%2F&givn=[GOOGLE_INSTREAM_VIDEO_NONCE]&pbckt=Treatment_Oath_Player&npa=1&ltd=0&ppid=

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

120fd2257e5479a0c306d535a7bcfccec53614e55123770abce688551d6c27c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:41 GMT
content-encoding: gzip
x-envoy-decorator-operation: thunderball--production-ir2.video--thunderball-server-k8s.svc.yahoo.local:4080/*
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 0
x-envoy-upstream-service-time: 11
content-length: 1009
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: POST,OPTIONS
content-type: application/xml
access-control-allow-origin: https://yahoo.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ Frame DA3B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63395fcd2e313a72dc41f59fb6d46597cb70d3b976d578d2a119e04c3c1ac9de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tracker
metrics.brightcove.com/v2/ Frame C585 35 B
52 B 23ms
23ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=600c69e5211cb55dae19ebdd&account=6415665815001&destination=https%3A%2F%2Fyahoo.com%2F%3F&platform_version=7.14.0&player=players.brightcove.com%2F6415665815001%2F8tDK7OitG_default&player_name=EVPlayer%3A1.2&autoplay=false&ads_enabled=true&media_type=video&time=1705920281833&event=video_impression&video=6345284262112&video_name=Trump%20responds%20as%20protester%20interrupts%20New%20Hampshire%20rally%3A%20%27Get%20out%20of%20here%27&reference_id=75e32068-922f-366e-a1ac-812558168e2c&custom_fields=&video_data=&video_ads_supported=true&&video_duration=145&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Faes128%2F6415665815001%2Ffbea3e2d-5b27-4cd1-af56-2e46c605f5f0%2F6s%2Fmaster.m3u8%3Ffastly_token%3DNjVhZTU1MjlfMjBiODU4MjM2NjkyMDBjMDZmNGVmMTU5YTQ5Yzg3OGY0MWVkMjI2NmM2ZDY3NzM2YjYxYzQ4NGFlYTkyZGVmMA%253D%253D%26bcov_auth%3DeyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%225.1.1%22%2C%22requestMode%22%3A%22onload%22%2C%22timeout%22%3A10000%7D&preload=metadata

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Mon, 22 Jan 2024 10:44:41 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 7F14 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91d566017ef722918df9e6880b1bdf9d9ad0184f700963eb20bef680ba2f1d28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F251 0
0 39ms
39ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=799466616960666&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A973 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fc083ec610063ee88c6d62210c36d8466c6db80ac3a958552f23cbdf0013a95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 r62eglto.js
ad4m.at/ Frame DA3B 24 KB
9 KB 23ms
22ms Other
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 534225
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxTyuNO9%2FAUrV5wJaqiSn9teP7ldrcSd1AuYiH1xq2TuhQXddAeGymat35Mx%2FWjRKo4LPOs6jMooESXTiPsqofJg8tkFO0BpQkp3C%2FT2nI2BJiC933y58i7jM02huVEZZMKz1RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84973402aa7e9a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 r62eglto.js
ad4m.at/ Frame 7F14 24 KB
9 KB 22ms
22ms Other
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 534225
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t7P4BgWCvBCVe0eaI5jjMPaoI%2B6E8kYF9U2wVBqvacRWWfJJ9srJObjrdqUNIAIlmFRltPW%2B5Dcw%2BkrM2%2FmrKOv2UOKXnyPJFAJevKld34EQCdvsLjSXok7TgMhfBtwK%2Fa6WaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84973402aa829a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 r62eglto.js
ad4m.at/ Frame A973 24 KB
9 KB 24ms
24ms Other
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 534225
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk2m%2F63YsfvAulaknSNVYN9H7bKIFDru8rsRja3oNesXaNPy2K43SDy0uhAoIcp9CxQZhA6mOvpAGe2VaUoy1bGmrZMai1eCXmGpDfr%2FPI0crP8SovQ1flriCM47MslzBgoohnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84973402ba8c9a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C509 38 KB
13 KB 10ms
10ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 408594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:14:48 GMT
expires: Thu, 16 Jan 2025 17:14:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FAB7 38 KB
13 KB 10ms
10ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 408594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:14:48 GMT
expires: Thu, 16 Jan 2025 17:14:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CEC 39 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 10:08:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5C50 0
0 45ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3LO-GEeuZfXwILf09u8P66qi2AuWmfeWdbnR3YKlEOTLmrOrMBABIMGCi5oBYJWCoIKwB6ABjPvZ-QLIAQmpAp2Ka-hlSLI-4AIAqAMByAMKqgS8Ak_QpFR72lMp5bNb5sDgj_CmXek4o5IVTqzAdqdCxdn0bu97eTfvlsgwqJJgfGlK-UxHgB0Joul6EyJtJjiOC8Scc947fCGbqWokeheDTj3ZflkWFWGi_ZUO1iRhQRClNpzud0p-S_Su_35yEibRn92Z7kkwMj4a_fFEcsAG9i9Yi6as7Aof_SHyhrEge560kQLCZmFl_t-Ry1SPQpiAhnLbQWr7OUrVCixQQ0ztovCxGZmspvF8Kc86XqwVyJMFr353pBBscoHSyzVgJszcGITWnh-72Pdq0OMatDftJ5_w5Y5Fw1SlNYqEA6dncNCzi_SPlN2DvH9N4jJGveTzwUm9PLagpKLd1LhMlZKIZ1Zw3JbpmDWc9VjOjljX8X6x17tAnn23cZxtIpqn7yht2o7HKLkIRWUWEw4ySKLABMXbybL9A-AEAYgFrvWMwUCgBi6AB4i31pEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQh8oe0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljP5tai6PCDA5oJEGh0dHBzOi8vbWV3YS5kZS-ACgPICwHiDRMIvKbXoujwgwMVN7r9Bx1rlQi7uBPkA9gTA4gUFtAVAYAXAbIXHwodCAASFHB1Yi0yNzI2OTg0NjY0NjU1MjEwGJqrkAE&sigh=_BMBvQmLsWk&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/c503e0a9-2d38-422f-9a9e-154d6aab07ea/6s/ Frame C585 12 KB
13 KB 161ms
161ms XHR
application/x-mpegurl 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/c503e0a9-2d38-422f-9a9e-154d6aab07ea/6s/rendition.m3u8?fastly_token=NjVhZTlmYTdfYjllMTQwMDE0MzQ5M2FjZDJkMTZjMDUzNGJiYWM2NGI1ZWJmOTM3Mjk0Y2I0YWM3ZjUxYTFiZDMwN2EyYWExOA%3D%3D&bcov_auth=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: cd76916c20ddadb008254acd4f3fd599c4056f2c6e054f1d03519837e71db568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-served-by: cache-fra-eddf8230071-FRA
x-device-group: desktop-chrome
x-timer: S1705920282.066444,VS0,VE155
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 3BB3 2 KB
2 KB 28ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2056934
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84973402efcc4d94-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 10:44:42 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBdq%2F6OFCO7AlWbVnhTCxcOFN5nJmun0miOw3FrrpI%2BIrAJ%2BL1K8AbMd0cvGvuJ%2BLfHaIHUAAwqrRAlcNxLubAz7%2F6hty2nnVhkl0Uf5dDAXVu1z8LisuxZODHF%2BYa0QxDVc1Ks%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3999 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 408594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:14:48 GMT
expires: Thu, 16 Jan 2025 17:14:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
bats.video.yahoo.com/ 0
0 134ms
132ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_tb&t=0.10583766480716306&_sqno=3&ts=1938&auto=false&bckt=none&ccode=mdsfb&cdn=bcp&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=a0770000002lmbdAAA&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.78&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=145&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=&client=&crid=&adTag=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&latency=160&status=200
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame ADB4 2 KB
1 KB 19ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2056934
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 849734030fe54d94-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 10:44:42 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqcRRdet4SB6VAwZD7z%2Fypi8OSZIWkTHrZi%2BVIZlznmZfX3N0%2B03v08uK1cskg%2BNVSVYjhXvtEe0Q3DLi%2Bdf1XFTphUu114NFTgDDRk%2FDF6tC184mB%2Bw6idmblHDWPeApnJ5c9A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame AEAB 2 KB
1 KB 18ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2056934
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 849734030fe74d94-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 10:44:42 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu5W8L25YkYRTo8lcCJmihM8TySbaii50JrSHsxsa8i7%2Fk6XbP%2FVVNT9RKUTgE2EGLoGP1OycMihG5OAqAIXa8Gu7Bvn9kh6EmKgSpu7189Nh4JNo3NOgoFsxh5ClvboMRwbK9k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 eda50213-6f03-4447-aa33-a5b4e29add91 Show response
manifest.prod.boltdns.net/license/v1/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/ Frame C585 16 B
214 B 166ms
166ms XHR
application/octet-stream 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/eda50213-6f03-4447-aa33-a5b4e29add91?fastly_token=NjVhZTlmYThfNGQwYjBlNjM1YjUzNDI3NmNmMjViYTBjZDlhM2NhYzNiMzQ1OTQ1MzA4NjI1ODUzMTI3ZWRhZTdlNjZiNWMwMw%3D%3D&bcov_auth=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 516c60cb2912b8a0e062f8994c1212fc423c4365d2e7fea88968de6a99a2c9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 varnish
bcov-request-id: 5b48971e-bdc7-4309-88d7-8add4efe35d3
x-powered-by: BC
bcov-jwt-validity: success
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-fra-eddf8230071-FRA
x-device-group: desktop-chrome
x-timer: S1705920282.092891,VS0,VE160
x-powered-from: eu-west-1c
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=290
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/eda50213-6f03-4447-aa33-a5b4e29add91/3x/ Frame C585 235 KB
236 KB 64ms
8ms XHR
video/mp2t 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/eda50213-6f03-4447-aa33-a5b4e29add91/3x/segment0.ts?akamai_token=exp=1705942951~acl=/media/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/dac70eb3-da2f-432f-a106-4ac98f7e5ae8/eda50213-6f03-4447-aa33-a5b4e29add91/*~hmac=21609636416efc914527cab03a491942f58098bcec6373ed38c4aa7f01facd95
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: f7b7249d7720da6c2e659b427739a6a811e7d2f0bed3346a387143958d6dc4fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Amz-Cf-Pop: ORD56-P8
X-Powered-By: BC
Backend-IP: 3.162.159.218
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 241024
Fastly-Restarts: 1
X-Served-By: cache-chi-klot8100124-CHI
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811159.560451,VS0,VE178
X-Powered-From: gantry
ETag: "63a1210b9a19877f6a150dc02853a058"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31426941
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: nkSYpb6Cy9hRLMwWJPAKTWgoRMFpkGkw2023DsSbjydH8NwK-xXDFQ==
Expires: Mon, 20 Jan 2025 04:27:03 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 153ms
152ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=ad_tag_passed&t=0.643339719460243&_sqno=4&ts=1985&auto=false&bckt=none&ccode=mdsfb&cdn=bcp&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=a0770000002lmbdAAA&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.78&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=145&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=&client=&crid=&adTag=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame C509 50 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame FAB7 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 10:08:32 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 148ms
148ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.3643009527209531&_sqno=5&ts=2054&auto=false&bckt=none&ccode=mdsfb&cdn=bcp&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=a0770000002lmbdAAA&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.78&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=145&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&client=&crid=&ad_evt=ads-request&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 200 p
geo.yahoo.com/ 43 B
95 B 43ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705920282199&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fs9nySqH&pd=unknown&pt=home&A_utm=%7B%22GAM_TOP_RIGHT_BRSTIME%22%3A1966%2C%22GAM_TOP_RIGHT_FTIME%22%3A2513%2C%22GAM_TOP_RIGHT_RTIME%22%3A4216%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:42 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3999 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 10:08:32 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 45ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705920282212&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fs9nySqH&pd=unknown&pt=home&A_utm=%7B%22GAM_MID_RIGHT_B_BRSTIME%22%3A1966%2C%22GAM_MID_RIGHT_B_FTIME%22%3A2514%2C%22GAM_MID_RIGHT_B_RTIME%22%3A4229%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:42 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 45ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705920282215&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fs9nySqH&pd=unknown&pt=home&A_utm=%7B%22GAM_MID_RIGHT_A_BRSTIME%22%3A1966%2C%22GAM_MID_RIGHT_A_FTIME%22%3A2513%2C%22GAM_MID_RIGHT_A_RTIME%22%3A4232%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:42 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 eda50213-6f03-4447-aa33-a5b4e29add91 Show response
manifest.prod.boltdns.net/license/v1/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/ Frame C585 16 B
119 B 309ms
308ms XHR
application/octet-stream 2a04:4e42:400::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/eda50213-6f03-4447-aa33-a5b4e29add91?fastly_token=NjVhZTlmYThfNGQwYjBlNjM1YjUzNDI3NmNmMjViYTBjZDlhM2NhYzNiMzQ1OTQ1MzA4NjI1ODUzMTI3ZWRhZTdlNjZiNWMwMw%3D%3D&bcov_auth=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOlsicGxheWJhY2suYXBpLmJyaWdodGNvdmUuY29tIl0sImFjY2lkIjoiNjQxNTY2NTgxNTAwMSIsInBraWQiOiI5MjE4NDMyMC04ZmYzLTQ1ZTktYjYwMC05OTBmODIyYzg2NjciLCJleHAiOjE3MDU5MjA1ODAsImlhdCI6MTcwNTkyMDI4MH0.Std2OBl8o2ZLzhYyfSJCMin0wd0Gw0D7u6KJIhGm5KxC5TLeWt8rwbO1CjQmfJNxl47qriL-cwXLbOG_6bXGklA0VHWbmsEIoGc0f4FzgfXafZj0QvbtVuo-XVsCNv4cv3yLjwUaYmFXyBLMuBVyPeADVLhxaA8pd6t8PXX-elSjZXrEOWYIJVKZKNP98cnbBVncGOkE2-XPEfdOKA4A2HxqkvYa_UdqRHnjcNVvfOgR6ZP0Fn0Ee32MyXATx_Pd29tQvKodQ7KHsQpY_n5uimT-Ar0sNoWHOt56za3mRaGKPgdhG1LJOn86dVOUeBVbYb1zDp55YO4KgTHlHkg-5w
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 516c60cb2912b8a0e062f8994c1212fc423c4365d2e7fea88968de6a99a2c9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 varnish
bcov-request-id: ab3617b7-0574-45b0-ae65-9eac431ddbff
x-powered-by: BC
bcov-jwt-validity: success
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-fra-eddf8230071-FRA
x-device-group: desktop-chrome
x-timer: S1705920282.405296,VS0,VE302
x-powered-from: eu-west-1b
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=290
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/c503e0a9-2d38-422f-9a9e-154d6aab07ea/eda50213-6f03-4447-aa33-a5b4e29add91/3x/ Frame C585 103 KB
104 KB 9ms
8ms XHR
video/mp2t 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/c503e0a9-2d38-422f-9a9e-154d6aab07ea/eda50213-6f03-4447-aa33-a5b4e29add91/3x/segment0.ts?akamai_token=exp=1705942952~acl=/media/v1/hls/v4/aes128/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/c503e0a9-2d38-422f-9a9e-154d6aab07ea/eda50213-6f03-4447-aa33-a5b4e29add91/*~hmac=91d64fc876adb716de886b217cf75856286c15eeca609d1297b6acaf1a4d57a9
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: b3a8db814c4be401fd18eb319d45ff278e7afebc45fcf911ad4663c0d63391db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Amz-Cf-Pop: ORD56-P8
X-Powered-By: BC
Backend-IP: 3.162.159.218
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 105664
Fastly-Restarts: 1
X-Served-By: cache-chi-klot8100049-CHI
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811158.496339,VS0,VE250
X-Powered-From: gantry
ETag: "52950f705279180bc7678b0286653050"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31426816
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: WjCBWc5DUU6RIrz3bXo0pbit0xQ8VG8-03kjGDj5Yqy2MCZ2SwG-_g==
Expires: Mon, 20 Jan 2025 04:24:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2CEC 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8pw2hQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
33ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84973405a8c63641-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 10:44:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETtC1TtpwvH4uY7KmV8jlRebX2dWf5SXJ3xtlcTgTVOj2wa3w42ZTpU5gqvVB7w%2FbSH9pW3gy%2F6AhQZS1P%2BDkuSagSDsOGcjEGhnySKFOHwgzeBp8dAFjogAKndwdrC8F9B8u8k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-7b5s

POST
H3 200 rs Show response
ad4m.at/ Frame DA3B 2 KB
2 KB 36ms
35ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fdab4185fc60a5ab82cb4789cdde99749b279af459e4851f50a0a48537223a7

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb9DHZxn0hb%2Fert6clky%2BX8Jpd8zt6inBGkU07D%2FEr376dIQ0A%2BW9I9xlSmVB6QtsnenQBwKi7%2FVG9M%2BgaAGdW9cBynvGnbmXnWMuOhLFsjrwO4kLaQ0br9ir%2B7YkFEVj%2BdKvN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
access-control-allow-credentials: true
cf-ray: 84973405d9193641-FRA
x-backend-server: aa-reachservice-group-europe-west1-7b5s
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
33ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84973405a8c53641-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 10:44:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkXy5XY2g1N7pQFU2vvAyqpfp55vtbocAGY%2BD5DkgjrHQmJ7ldj7gjfsep12hMZTB8y0Lp6tSvbOReHhUKuu0ZqUgOi9TrfO6V3dFczxcyHDb2YJoav86bRyKp%2BUDMEFWnoPcH0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-zmm7

POST
H3 200 rs Show response
ad4m.at/ Frame 7F14 2 KB
2 KB 37ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f92c1a2989bd6094ccd72a2c40f1468440bef1a56abf8152e9e9bc901f7c97

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uifZl%2FnZjjzGTjfpTY85uEbQ%2FV1O4ctKCxgG23yzuFBsYW6P1WT4AYGfSGb6fkeNmQD0aVc54ggYjPAz4227rXxUbMCH%2Fr24R54PDXEWdJ6RMjUoCzmvr48PWfH4CoZ42Mk6Cv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
access-control-allow-credentials: true
cf-ray: 84973405d91e3641-FRA
x-backend-server: aa-reachservice-group-europe-west1-zmm7
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
31ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84973405a8c13641-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 10:44:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B6L4q1vJEvUIRyZks9yzPfVVMzyBHTl%2FnQb3EqOIaPCRLq%2Bme9b%2B%2Fifemag3b4QM8b8YUmRoOkTvVA8oMWwgC2bOJ%2FZ9PqtdmTxw3X6l4ME7Yc1Li%2BkFefwgPs92F17Xaf5Jj0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-7b5s

POST
H3 200 rs Show response
ad4m.at/ Frame A973 2 KB
2 KB 36ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35df2b295e371a9fc88394d49996e312ee65ad82cb23e5f7017b98e6487d442

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPsmKGECdySu8xvCvRaXcw7HUGzz4g179%2BV5a%2FpmBQeVYjIhRNM9m1KlwiJ30R6Z5ItX7OV1tYmkMucKCd6LEt98SVkJI901a4OiC6Vt0rC3%2B58UJ9kqSvn3%2FGbYb91ifta923I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
access-control-allow-credentials: true
cf-ray: 84973405d9153641-FRA
x-backend-server: aa-reachservice-group-europe-west1-zmm7
alt-svc: h3=":443"; ma=86400

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame C438 3 KB
2 KB 45ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=0c11b454dd0e906fb5ad5af74e79ef07%2F11166614406115260581&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282542&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCW_KxGEeuZfTwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9BH02udZLc9RdL7-6qZVlFwb5qNuf2G1PWEBemEGppTxbqdLThuHT2_HIKXB1gij0qy4rnvWO3ZVNrH3rzBPQRsgC0lxrqQVKhfgvwUQovLaZtFJ9OCrceqh41NpFVlPPaHZnfFdqW3pRZwdixlJ6zeYZfMRonDUyNCqV9dX8dJRz0n9IFDVh9TU6uLYz0gBeQ-mPCdhia-1tc0sedfyAjmrQVWu_eMSOOTDJKypXD4-weQsLD_DifRXOIVxmLDnBVpDcUscgRhMTfOahlAZOFQIXpiQ3v1Su2hw1WFVC7tCaEKEPvSRl7Uh1JYv6UW-4b7ivf0QMMRA7TBqK2O7UkGfSdOR1kxopUw3uWoUPxiJXb_3uPABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi7ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_2pejBwPMTDVs6HE7ohoqkxQiWHxw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-C0wP0CisB3jyMptCKHtqNvDTe6sy8XEeq_9Dr9dFmNoFAvM75FyZ49SUIKgYtAyHY3zYnngq7FHfzeV0qIX2WinsJfqkF8H45vlmw-PyUHQ92kBYDzMiC0jWikfXKgqM35ugzXIteUKFb4AwiCLeCx5p4Ho0o3j0jdHoZsys_vg1g4EWk%2526cry%253D1%2526dbm_d%253DAKAmf-DBhovvvoziDOHjQrC2VegwZA6gYJQo6sI-sxCnQXhYpBkPISdKzL67ifue04LZQgIjT0w3feYCfAcAa2WAbc2opqW9-um4rZ4ZwUsbuu__ElggfSGrlyM_xULiqSqzr67gkQCgriRwz4IoaV-xRr03dHxX-OSJq1_OfH1Msvgb1zRcFuViw1D4CJatYgORnZWXiOC5qdwGiBYURBjlnEeqAStO9YQd3snT2iKwQoHtx7NGVfzVwWx9VFaa6Gk6DwI9wmo5aWkGecjqkwlgI7FLxzVxcVi-i1AmlJTTeSW7mtiusqMNwyWoaMQI_02iETR3_HLkNOcIYwL2bF0zFqutxNWCEQeJhQvsfnk1ozBeq2v6LdNRHvGjaXCWM3AEaNKO8qdiXarprNvXL-C0h3EOkDNfrnyCzsfNi8aNOqIG-YmWM4aD0VGruu5UmMlwonaLmCK-5dQkTLS44cPdbHdP8Buzxw3sB4vmWDjYBveubGBbmQ78ih0L7_htobxGFBjRLEKl0VNjXp8zrvhOfks4diz9bvIaVbWHYxIXDiCPwXpPSKoZ0Vsp2XxtlKmGDvsd71FH%2526adurl%253D&y=1&s=&z=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98fd6e164d4f71ec57f27b4b279564746fb9a779988d2cc4b05df0bcf456cdef

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849734064e9d9a15-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:42 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame DE3F 3 KB
3 KB 37ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=490606&b=RxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6q&f=QxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgG&c=300&d=600&e=&g=73df1c6d8e19a92533bb34f8e3fb0d6d%2F14284877538674441755&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282558&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC2c-xGEeuZfPwILf09u8P66qi2Au_yZq1b5qYmuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJACT9CE8KCRgd0_B0IBcu8JMiHkh7oFuSCVSSlixm5wZZCKWzWj8oO_rQenezz0Im9WDhBk8w1o4_xJEY1nYZHDbruYuIUsKBbaa5UJagxu2hZ65uwwGgO8LzqkbWwYKADr-XdXWfeKT8YugOKqu6aXBGS2XH2mC7mATUThMLFlPJtsgpSW3o0d7tchPsts0J4umxwQmGNVK2KTY2tsCZF0nrcGCFjecj-p7f1Y01Yi2CWb3BChqXKUpE_Klb9MJQo97Lg62kl0kTHE0tTiKU7_AJljRnza1fwHo62ICiScWjD96K0nn_VBxrAxEyuDjBvXSUqV31QUq9h822voxwJP0M5VwYfT7PnF2n8DvsgfGGTABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi6ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_0DsZy4fkZ_oxnvXAYZgU83pKknIQ%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-AfKLXJkt97ElfIM2LLfOAw6UwY2V_GfVg6r_Vc_0eC70IXuhSu1AH6jod0ZhxonYF06ZIzMsp_BI55jEQ_8CjUcleeC6bKmzu2NdotQOA2Fzy9pEdik6UjzY0Ny9ranIAeQqJfG53KhYCKhUETUOUlfSFcggw4wM8huumFvitDNAFXcEI%2526cry%253D1%2526dbm_d%253DAKAmf-ByS26LkW3bvSFCsxzur-OTnQRG_smsdcT7LaaYIqsnwyCHExoNQNanBr2EZKgNp2g5hXgzcLFyH-YP5sthYOQDIBI9Q6l39dAhZgxK0wKCuCkZiilm0CFg6r4eOE2t2RgiBr5LIsi2I9Dx480ENGGJs4GvSi1GB6dh2zwGY3RGhxiQIYzDjlJQmod3ZyBfqXaF5Hye8TCqtIC9dkiRtluDyUZ__1VT-cpQThtidAKYfJ6XXTDEzNHpf5QKsdgGgmUeA9ajBSc7KTxlroVc4Y18feNOTJ5XfvY_V6cUfe8kQL_V_lMQQVNXJ0wWGEyix1ECrEqZtTI-gdSjx4rZonLrTxtVWN-zRhuMFdJUGWQnFYpQxa_tJOHWBj-YqWNFGy9A9_2qLpMa1XkmlhHLTZeClT67Kxgf6but4UrDQKEMSv5UshaKPBZs-AwsTwSjrJOAHsPNoNZ9gb_TYMvnKc4RDQy3Vc5rgmm2oqiItSj-OXb4JZrMVGsVNeOVIsQKVWY_U06kWmUIQGJH8nTKCaejOHrhAmxTbFA_NJ1740lsJhcGJTdjQ-T2kGt1WlcViBqtDDV-%2526adurl%253D&y=1&s=&z=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1573d8df10cd4440d5d782afc380eaea4f4c369d23d945a603116b403ac65a68

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849734064e9b9a15-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:42 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame AE1E 3 KB
2 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=74ee62f4d594dd9a0243ef684759d85f%2F4323322236111954204&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282546&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3kcyGEeuZfbwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9CLvUuTg2eYtSN8sXg8duqdljnnbUmmM16QzfWc1Ha6PN6eb0qLmBN2Jmilxrv8e0cG3p3iR8KHuCupLF14WhSNP0HNaKpjjTPAey6ULhh2-btykjQG-vsS9sCOmuiiGKQTHeud94hKiRLd1oHOnF5fdrdY69GCuaCCq06v7isXx3kf-XjNv0nM8Fm0IT_qzZFw1WxD_ho3NDdJPtvgyj5cCn7QAlmQyZDnMfa-9RZoM6dKedPfGEjNEmQuUxsDO54_NHAXoncEB0AH98m1dR8m7BKLN8_vtwPA2iD5QfjQRSlY1lwguKXSB5NV1262cuonuz3Zws0NStESX5KnFbiJlh-nxtl4D_aZUo18VEDQ5WP1CWHABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi9ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_14zq7_7mLOKEmVxXT2mIM1uobd4w%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DlO-V8ae5DOOzVNQhqQjXpNjlY1rw0bwiA0OA8vYyUjivwD5_jsKQGrjXLl51EB09XTRID3K4CL-sBP9j_e5q9n3R9IcDdGCwJbyzVMl37dYBhcLzlTFNKekkEiZRCZ0HR9y0Q85aVIJXYYnpS-tasTk427vBRmaigWjamvgsbnLe5--I%2526cry%253D1%2526dbm_d%253DAKAmf-B42cl54RHVg_ndBDqSV8l_KxGI4G1VVMdlMzQ0HjmqDAZQbif9qrtMM6cNYaLWMDKKHbwbiB2MBJ3w86ZfhkszXDupS0hbZhpvriAhZAj5qgZVDU4qVPKf6kimPSyY-9MkOI-PPksumhJjxvWilfftHKJ3GOtFr3TSoV340qu5-3BCXR_DZMOJ6YG5_K9vuNZ1-G5BCp0_0sIxYLL8lJ6qbE53H6XMPSKij258nbrXXmzBg-Mks6muc-HhBhk2nck4bCyL6BwP7BOoJw91REUIV6jZmSt6b7JMgqoX-U2sODvJqEEjEBR0CVa_VB4kC1juEAs1_H77pPrGZHWtCj7VHBG37fYNj6jZsNdtMQk6QWmxePJHLiu8Ne6GYsKmqvHblzS9yuX-C9ZWYCSSHNSVNCscwuUN8iGCW-RjPyMyWsBurSP5YNMj55WYSlBdJ9KwIsDDhb82VW2GlE77iAyWqSceG4FP29EiMkmdV0T3gJZWaN7nLNAtw_7U675vpRspWuH6h5VxNeGv10OvFUu1WZ-YNtACqNFTWA0YnoqdVx8V5VarajiYw5oVSqhNSaB51Wom%2526adurl%253D&y=1&s=&z=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb98948b3850846c4c9c6d887124a7ee7f1357d9cbba566eb79b8f66407c8b1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849734064eaa9a15-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:42 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DE3F 115 KB
14 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490606&b=RxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6q&f=QxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgG&c=300&d=600&e=&g=73df1c6d8e19a92533bb34f8e3fb0d6d%2F14284877538674441755&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282558&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC2c-xGEeuZfPwILf09u8P66qi2Au_yZq1b5qYmuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJACT9CE8KCRgd0_B0IBcu8JMiHkh7oFuSCVSSlixm5wZZCKWzWj8oO_rQenezz0Im9WDhBk8w1o4_xJEY1nYZHDbruYuIUsKBbaa5UJagxu2hZ65uwwGgO8LzqkbWwYKADr-XdXWfeKT8YugOKqu6aXBGS2XH2mC7mATUThMLFlPJtsgpSW3o0d7tchPsts0J4umxwQmGNVK2KTY2tsCZF0nrcGCFjecj-p7f1Y01Yi2CWb3BChqXKUpE_Klb9MJQo97Lg62kl0kTHE0tTiKU7_AJljRnza1fwHo62ICiScWjD96K0nn_VBxrAxEyuDjBvXSUqV31QUq9h822voxwJP0M5VwYfT7PnF2n8DvsgfGGTABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi6ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_0DsZy4fkZ_oxnvXAYZgU83pKknIQ%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-AfKLXJkt97ElfIM2LLfOAw6UwY2V_GfVg6r_Vc_0eC70IXuhSu1AH6jod0ZhxonYF06ZIzMsp_BI55jEQ_8CjUcleeC6bKmzu2NdotQOA2Fzy9pEdik6UjzY0Ny9ranIAeQqJfG53KhYCKhUETUOUlfSFcggw4wM8huumFvitDNAFXcEI%2526cry%253D1%2526dbm_d%253DAKAmf-ByS26LkW3bvSFCsxzur-OTnQRG_smsdcT7LaaYIqsnwyCHExoNQNanBr2EZKgNp2g5hXgzcLFyH-YP5sthYOQDIBI9Q6l39dAhZgxK0wKCuCkZiilm0CFg6r4eOE2t2RgiBr5LIsi2I9Dx480ENGGJs4GvSi1GB6dh2zwGY3RGhxiQIYzDjlJQmod3ZyBfqXaF5Hye8TCqtIC9dkiRtluDyUZ__1VT-cpQThtidAKYfJ6XXTDEzNHpf5QKsdgGgmUeA9ajBSc7KTxlroVc4Y18feNOTJ5XfvY_V6cUfe8kQL_V_lMQQVNXJ0wWGEyix1ECrEqZtTI-gdSjx4rZonLrTxtVWN-zRhuMFdJUGWQnFYpQxa_tJOHWBj-YqWNFGy9A9_2qLpMa1XkmlhHLTZeClT67Kxgf6but4UrDQKEMSv5UshaKPBZs-AwsTwSjrJOAHsPNoNZ9gb_TYMvnKc4RDQy3Vc5rgmm2oqiItSj-OXb4JZrMVGsVNeOVIsQKVWY_U06kWmUIQGJH8nTKCaejOHrhAmxTbFA_NJ1740lsJhcGJTdjQ-T2kGt1WlcViBqtDDV-%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=490606&b=RxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6q&f=QxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgG&c=300&d=600&e=&g=73df1c6d8e19a92533bb34f8e3fb0d6d%2F14284877538674441755&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282558&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC2c-xGEeuZfPwILf09u8P66qi2Au_yZq1b5qYmuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJACT9CE8KCRgd0_B0IBcu8JMiHkh7oFuSCVSSlixm5wZZCKWzWj8oO_rQenezz0Im9WDhBk8w1o4_xJEY1nYZHDbruYuIUsKBbaa5UJagxu2hZ65uwwGgO8LzqkbWwYKADr-XdXWfeKT8YugOKqu6aXBGS2XH2mC7mATUThMLFlPJtsgpSW3o0d7tchPsts0J4umxwQmGNVK2KTY2tsCZF0nrcGCFjecj-p7f1Y01Yi2CWb3BChqXKUpE_Klb9MJQo97Lg62kl0kTHE0tTiKU7_AJljRnza1fwHo62ICiScWjD96K0nn_VBxrAxEyuDjBvXSUqV31QUq9h822voxwJP0M5VwYfT7PnF2n8DvsgfGGTABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi6ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_0DsZy4fkZ_oxnvXAYZgU83pKknIQ%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-AfKLXJkt97ElfIM2LLfOAw6UwY2V_GfVg6r_Vc_0eC70IXuhSu1AH6jod0ZhxonYF06ZIzMsp_BI55jEQ_8CjUcleeC6bKmzu2NdotQOA2Fzy9pEdik6UjzY0Ny9ranIAeQqJfG53KhYCKhUETUOUlfSFcggw4wM8huumFvitDNAFXcEI%2526cry%253D1%2526dbm_d%253DAKAmf-ByS26LkW3bvSFCsxzur-OTnQRG_smsdcT7LaaYIqsnwyCHExoNQNanBr2EZKgNp2g5hXgzcLFyH-YP5sthYOQDIBI9Q6l39dAhZgxK0wKCuCkZiilm0CFg6r4eOE2t2RgiBr5LIsi2I9Dx480ENGGJs4GvSi1GB6dh2zwGY3RGhxiQIYzDjlJQmod3ZyBfqXaF5Hye8TCqtIC9dkiRtluDyUZ__1VT-cpQThtidAKYfJ6XXTDEzNHpf5QKsdgGgmUeA9ajBSc7KTxlroVc4Y18feNOTJ5XfvY_V6cUfe8kQL_V_lMQQVNXJ0wWGEyix1ECrEqZtTI-gdSjx4rZonLrTxtVWN-zRhuMFdJUGWQnFYpQxa_tJOHWBj-YqWNFGy9A9_2qLpMa1XkmlhHLTZeClT67Kxgf6but4UrDQKEMSv5UshaKPBZs-AwsTwSjrJOAHsPNoNZ9gb_TYMvnKc4RDQy3Vc5rgmm2oqiItSj-OXb4JZrMVGsVNeOVIsQKVWY_U06kWmUIQGJH8nTKCaejOHrhAmxTbFA_NJ1740lsJhcGJTdjQ-T2kGt1WlcViBqtDDV-%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2006482
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxyzcRjnfv1MrJv5m%2FY%2FFSFfn3axLzYHFNvOBwupJGH6AzZ9CPPFVZnitw%2BvRvxM%2BZspqejGzAydaFTWZ5VOkDC%2FIuHYXeO1pbujZvYwQwpp7xk0xniWTaVA82OV%2BN4nATI%2FepgSwXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 849734068cf94d94-FRA
expires: Tue, 23 Jan 2024 10:44:42 GMT

GET
H/1.1 200
OK oneidQxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgGoneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0
ndirect.ppro.de/image/e1K2/ Frame DE3F 26 KB
27 KB 74ms
19ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/image/e1K2/oneidQxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgGoneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490606&b=RxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6q&f=QxZt4fjfB7xVtxH8tbu9Cp33c6S4T6eFEKgG&c=300&d=600&e=&g=73df1c6d8e19a92533bb34f8e3fb0d6d%2F14284877538674441755&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282558&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC2c-xGEeuZfPwILf09u8P66qi2Au_yZq1b5qYmuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJACT9CE8KCRgd0_B0IBcu8JMiHkh7oFuSCVSSlixm5wZZCKWzWj8oO_rQenezz0Im9WDhBk8w1o4_xJEY1nYZHDbruYuIUsKBbaa5UJagxu2hZ65uwwGgO8LzqkbWwYKADr-XdXWfeKT8YugOKqu6aXBGS2XH2mC7mATUThMLFlPJtsgpSW3o0d7tchPsts0J4umxwQmGNVK2KTY2tsCZF0nrcGCFjecj-p7f1Y01Yi2CWb3BChqXKUpE_Klb9MJQo97Lg62kl0kTHE0tTiKU7_AJljRnza1fwHo62ICiScWjD96K0nn_VBxrAxEyuDjBvXSUqV31QUq9h822voxwJP0M5VwYfT7PnF2n8DvsgfGGTABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi6ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_0DsZy4fkZ_oxnvXAYZgU83pKknIQ%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-AfKLXJkt97ElfIM2LLfOAw6UwY2V_GfVg6r_Vc_0eC70IXuhSu1AH6jod0ZhxonYF06ZIzMsp_BI55jEQ_8CjUcleeC6bKmzu2NdotQOA2Fzy9pEdik6UjzY0Ny9ranIAeQqJfG53KhYCKhUETUOUlfSFcggw4wM8huumFvitDNAFXcEI%2526cry%253D1%2526dbm_d%253DAKAmf-ByS26LkW3bvSFCsxzur-OTnQRG_smsdcT7LaaYIqsnwyCHExoNQNanBr2EZKgNp2g5hXgzcLFyH-YP5sthYOQDIBI9Q6l39dAhZgxK0wKCuCkZiilm0CFg6r4eOE2t2RgiBr5LIsi2I9Dx480ENGGJs4GvSi1GB6dh2zwGY3RGhxiQIYzDjlJQmod3ZyBfqXaF5Hye8TCqtIC9dkiRtluDyUZ__1VT-cpQThtidAKYfJ6XXTDEzNHpf5QKsdgGgmUeA9ajBSc7KTxlroVc4Y18feNOTJ5XfvY_V6cUfe8kQL_V_lMQQVNXJ0wWGEyix1ECrEqZtTI-gdSjx4rZonLrTxtVWN-zRhuMFdJUGWQnFYpQxa_tJOHWBj-YqWNFGy9A9_2qLpMa1XkmlhHLTZeClT67Kxgf6but4UrDQKEMSv5UshaKPBZs-AwsTwSjrJOAHsPNoNZ9gb_TYMvnKc4RDQy3Vc5rgmm2oqiItSj-OXb4JZrMVGsVNeOVIsQKVWY_U06kWmUIQGJH8nTKCaejOHrhAmxTbFA_NJ1740lsJhcGJTdjQ-T2kGt1WlcViBqtDDV-%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

fad7bd7eb6b6c1f80542792c33345d9150bda10753c58ee942e113a222dbe403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 26478
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK pvtrgenview Show response
ndirect.ppro.de/ Frame DE3F 1 KB
2 KB 72ms
17ms Script
text/javascript 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtrgenview?guid=e1K2&isimg=1&subId=oneidRxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6qoneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

a5de9120ae224e4c0c10a9965e846aa4d925f76e9b70381a8ab34f0f1710d9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK e1K2
ndirect.ppro.de/image/ Frame DE3F 26 KB
26 KB 80ms
19ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/image/e1K2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

fad7bd7eb6b6c1f80542792c33345d9150bda10753c58ee942e113a222dbe403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 26478
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK pvtrgenview Show response
ndirect.ppro.de/ Frame DE3F 998 B
2 KB 77ms
17ms Script
text/javascript 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtrgenview?guid=e1K2&isimg=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

106ba8dbd80fdec7e329a7073bd855f0b1cd91a78cff8f184bb635ddb99ef1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C438 115 KB
14 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=0c11b454dd0e906fb5ad5af74e79ef07%2F11166614406115260581&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282542&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCW_KxGEeuZfTwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9BH02udZLc9RdL7-6qZVlFwb5qNuf2G1PWEBemEGppTxbqdLThuHT2_HIKXB1gij0qy4rnvWO3ZVNrH3rzBPQRsgC0lxrqQVKhfgvwUQovLaZtFJ9OCrceqh41NpFVlPPaHZnfFdqW3pRZwdixlJ6zeYZfMRonDUyNCqV9dX8dJRz0n9IFDVh9TU6uLYz0gBeQ-mPCdhia-1tc0sedfyAjmrQVWu_eMSOOTDJKypXD4-weQsLD_DifRXOIVxmLDnBVpDcUscgRhMTfOahlAZOFQIXpiQ3v1Su2hw1WFVC7tCaEKEPvSRl7Uh1JYv6UW-4b7ivf0QMMRA7TBqK2O7UkGfSdOR1kxopUw3uWoUPxiJXb_3uPABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi7ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_2pejBwPMTDVs6HE7ohoqkxQiWHxw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-C0wP0CisB3jyMptCKHtqNvDTe6sy8XEeq_9Dr9dFmNoFAvM75FyZ49SUIKgYtAyHY3zYnngq7FHfzeV0qIX2WinsJfqkF8H45vlmw-PyUHQ92kBYDzMiC0jWikfXKgqM35ugzXIteUKFb4AwiCLeCx5p4Ho0o3j0jdHoZsys_vg1g4EWk%2526cry%253D1%2526dbm_d%253DAKAmf-DBhovvvoziDOHjQrC2VegwZA6gYJQo6sI-sxCnQXhYpBkPISdKzL67ifue04LZQgIjT0w3feYCfAcAa2WAbc2opqW9-um4rZ4ZwUsbuu__ElggfSGrlyM_xULiqSqzr67gkQCgriRwz4IoaV-xRr03dHxX-OSJq1_OfH1Msvgb1zRcFuViw1D4CJatYgORnZWXiOC5qdwGiBYURBjlnEeqAStO9YQd3snT2iKwQoHtx7NGVfzVwWx9VFaa6Gk6DwI9wmo5aWkGecjqkwlgI7FLxzVxcVi-i1AmlJTTeSW7mtiusqMNwyWoaMQI_02iETR3_HLkNOcIYwL2bF0zFqutxNWCEQeJhQvsfnk1ozBeq2v6LdNRHvGjaXCWM3AEaNKO8qdiXarprNvXL-C0h3EOkDNfrnyCzsfNi8aNOqIG-YmWM4aD0VGruu5UmMlwonaLmCK-5dQkTLS44cPdbHdP8Buzxw3sB4vmWDjYBveubGBbmQ78ih0L7_htobxGFBjRLEKl0VNjXp8zrvhOfks4diz9bvIaVbWHYxIXDiCPwXpPSKoZ0Vsp2XxtlKmGDvsd71FH%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=0c11b454dd0e906fb5ad5af74e79ef07%2F11166614406115260581&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282542&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCW_KxGEeuZfTwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9BH02udZLc9RdL7-6qZVlFwb5qNuf2G1PWEBemEGppTxbqdLThuHT2_HIKXB1gij0qy4rnvWO3ZVNrH3rzBPQRsgC0lxrqQVKhfgvwUQovLaZtFJ9OCrceqh41NpFVlPPaHZnfFdqW3pRZwdixlJ6zeYZfMRonDUyNCqV9dX8dJRz0n9IFDVh9TU6uLYz0gBeQ-mPCdhia-1tc0sedfyAjmrQVWu_eMSOOTDJKypXD4-weQsLD_DifRXOIVxmLDnBVpDcUscgRhMTfOahlAZOFQIXpiQ3v1Su2hw1WFVC7tCaEKEPvSRl7Uh1JYv6UW-4b7ivf0QMMRA7TBqK2O7UkGfSdOR1kxopUw3uWoUPxiJXb_3uPABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi7ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_2pejBwPMTDVs6HE7ohoqkxQiWHxw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-C0wP0CisB3jyMptCKHtqNvDTe6sy8XEeq_9Dr9dFmNoFAvM75FyZ49SUIKgYtAyHY3zYnngq7FHfzeV0qIX2WinsJfqkF8H45vlmw-PyUHQ92kBYDzMiC0jWikfXKgqM35ugzXIteUKFb4AwiCLeCx5p4Ho0o3j0jdHoZsys_vg1g4EWk%2526cry%253D1%2526dbm_d%253DAKAmf-DBhovvvoziDOHjQrC2VegwZA6gYJQo6sI-sxCnQXhYpBkPISdKzL67ifue04LZQgIjT0w3feYCfAcAa2WAbc2opqW9-um4rZ4ZwUsbuu__ElggfSGrlyM_xULiqSqzr67gkQCgriRwz4IoaV-xRr03dHxX-OSJq1_OfH1Msvgb1zRcFuViw1D4CJatYgORnZWXiOC5qdwGiBYURBjlnEeqAStO9YQd3snT2iKwQoHtx7NGVfzVwWx9VFaa6Gk6DwI9wmo5aWkGecjqkwlgI7FLxzVxcVi-i1AmlJTTeSW7mtiusqMNwyWoaMQI_02iETR3_HLkNOcIYwL2bF0zFqutxNWCEQeJhQvsfnk1ozBeq2v6LdNRHvGjaXCWM3AEaNKO8qdiXarprNvXL-C0h3EOkDNfrnyCzsfNi8aNOqIG-YmWM4aD0VGruu5UmMlwonaLmCK-5dQkTLS44cPdbHdP8Buzxw3sB4vmWDjYBveubGBbmQ78ih0L7_htobxGFBjRLEKl0VNjXp8zrvhOfks4diz9bvIaVbWHYxIXDiCPwXpPSKoZ0Vsp2XxtlKmGDvsd71FH%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2006482
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zjrbg%2FHo81vIsTLylHzNxZiZTxMqwpW6Yh8sjrWbIN6SltVao9icLgmAQsCTQv2n34sxJK%2FnttneTEDLnIztMEImZZ7rERj3MC%2F%2BqkHjimxv5%2FYYyvxXzSQdt4osAGe0MPJQNtA8ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 849734068cfe4d94-FRA
expires: Tue, 23 Jan 2024 10:44:42 GMT

GET
H/1.1 200
OK oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0
ndirect.ppro.de/image/e1JZ/ Frame C438 15 KB
16 KB 73ms
21ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/image/e1JZ/oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=0c11b454dd0e906fb5ad5af74e79ef07%2F11166614406115260581&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282542&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCW_KxGEeuZfTwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9BH02udZLc9RdL7-6qZVlFwb5qNuf2G1PWEBemEGppTxbqdLThuHT2_HIKXB1gij0qy4rnvWO3ZVNrH3rzBPQRsgC0lxrqQVKhfgvwUQovLaZtFJ9OCrceqh41NpFVlPPaHZnfFdqW3pRZwdixlJ6zeYZfMRonDUyNCqV9dX8dJRz0n9IFDVh9TU6uLYz0gBeQ-mPCdhia-1tc0sedfyAjmrQVWu_eMSOOTDJKypXD4-weQsLD_DifRXOIVxmLDnBVpDcUscgRhMTfOahlAZOFQIXpiQ3v1Su2hw1WFVC7tCaEKEPvSRl7Uh1JYv6UW-4b7ivf0QMMRA7TBqK2O7UkGfSdOR1kxopUw3uWoUPxiJXb_3uPABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi7ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_2pejBwPMTDVs6HE7ohoqkxQiWHxw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-C0wP0CisB3jyMptCKHtqNvDTe6sy8XEeq_9Dr9dFmNoFAvM75FyZ49SUIKgYtAyHY3zYnngq7FHfzeV0qIX2WinsJfqkF8H45vlmw-PyUHQ92kBYDzMiC0jWikfXKgqM35ugzXIteUKFb4AwiCLeCx5p4Ho0o3j0jdHoZsys_vg1g4EWk%2526cry%253D1%2526dbm_d%253DAKAmf-DBhovvvoziDOHjQrC2VegwZA6gYJQo6sI-sxCnQXhYpBkPISdKzL67ifue04LZQgIjT0w3feYCfAcAa2WAbc2opqW9-um4rZ4ZwUsbuu__ElggfSGrlyM_xULiqSqzr67gkQCgriRwz4IoaV-xRr03dHxX-OSJq1_OfH1Msvgb1zRcFuViw1D4CJatYgORnZWXiOC5qdwGiBYURBjlnEeqAStO9YQd3snT2iKwQoHtx7NGVfzVwWx9VFaa6Gk6DwI9wmo5aWkGecjqkwlgI7FLxzVxcVi-i1AmlJTTeSW7mtiusqMNwyWoaMQI_02iETR3_HLkNOcIYwL2bF0zFqutxNWCEQeJhQvsfnk1ozBeq2v6LdNRHvGjaXCWM3AEaNKO8qdiXarprNvXL-C0h3EOkDNfrnyCzsfNi8aNOqIG-YmWM4aD0VGruu5UmMlwonaLmCK-5dQkTLS44cPdbHdP8Buzxw3sB4vmWDjYBveubGBbmQ78ih0L7_htobxGFBjRLEKl0VNjXp8zrvhOfks4diz9bvIaVbWHYxIXDiCPwXpPSKoZ0Vsp2XxtlKmGDvsd71FH%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2d56d1cc8ea5ed168b6b4250820de6dad2542bc29ae04b5f0971e642cb5191ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 15847
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK pvtrgenview Show response
ndirect.ppro.de/ Frame C438 1 KB
2 KB 70ms
17ms Script
text/javascript 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

a81d08cddd8d107e0cf6d67556558c6628064ab86ba8313cc8ed3ce76b4730db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AE1E 115 KB
14 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=74ee62f4d594dd9a0243ef684759d85f%2F4323322236111954204&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282546&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3kcyGEeuZfbwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9CLvUuTg2eYtSN8sXg8duqdljnnbUmmM16QzfWc1Ha6PN6eb0qLmBN2Jmilxrv8e0cG3p3iR8KHuCupLF14WhSNP0HNaKpjjTPAey6ULhh2-btykjQG-vsS9sCOmuiiGKQTHeud94hKiRLd1oHOnF5fdrdY69GCuaCCq06v7isXx3kf-XjNv0nM8Fm0IT_qzZFw1WxD_ho3NDdJPtvgyj5cCn7QAlmQyZDnMfa-9RZoM6dKedPfGEjNEmQuUxsDO54_NHAXoncEB0AH98m1dR8m7BKLN8_vtwPA2iD5QfjQRSlY1lwguKXSB5NV1262cuonuz3Zws0NStESX5KnFbiJlh-nxtl4D_aZUo18VEDQ5WP1CWHABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi9ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_14zq7_7mLOKEmVxXT2mIM1uobd4w%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DlO-V8ae5DOOzVNQhqQjXpNjlY1rw0bwiA0OA8vYyUjivwD5_jsKQGrjXLl51EB09XTRID3K4CL-sBP9j_e5q9n3R9IcDdGCwJbyzVMl37dYBhcLzlTFNKekkEiZRCZ0HR9y0Q85aVIJXYYnpS-tasTk427vBRmaigWjamvgsbnLe5--I%2526cry%253D1%2526dbm_d%253DAKAmf-B42cl54RHVg_ndBDqSV8l_KxGI4G1VVMdlMzQ0HjmqDAZQbif9qrtMM6cNYaLWMDKKHbwbiB2MBJ3w86ZfhkszXDupS0hbZhpvriAhZAj5qgZVDU4qVPKf6kimPSyY-9MkOI-PPksumhJjxvWilfftHKJ3GOtFr3TSoV340qu5-3BCXR_DZMOJ6YG5_K9vuNZ1-G5BCp0_0sIxYLL8lJ6qbE53H6XMPSKij258nbrXXmzBg-Mks6muc-HhBhk2nck4bCyL6BwP7BOoJw91REUIV6jZmSt6b7JMgqoX-U2sODvJqEEjEBR0CVa_VB4kC1juEAs1_H77pPrGZHWtCj7VHBG37fYNj6jZsNdtMQk6QWmxePJHLiu8Ne6GYsKmqvHblzS9yuX-C9ZWYCSSHNSVNCscwuUN8iGCW-RjPyMyWsBurSP5YNMj55WYSlBdJ9KwIsDDhb82VW2GlE77iAyWqSceG4FP29EiMkmdV0T3gJZWaN7nLNAtw_7U675vpRspWuH6h5VxNeGv10OvFUu1WZ-YNtACqNFTWA0YnoqdVx8V5VarajiYw5oVSqhNSaB51Wom%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=74ee62f4d594dd9a0243ef684759d85f%2F4323322236111954204&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282546&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3kcyGEeuZfbwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9CLvUuTg2eYtSN8sXg8duqdljnnbUmmM16QzfWc1Ha6PN6eb0qLmBN2Jmilxrv8e0cG3p3iR8KHuCupLF14WhSNP0HNaKpjjTPAey6ULhh2-btykjQG-vsS9sCOmuiiGKQTHeud94hKiRLd1oHOnF5fdrdY69GCuaCCq06v7isXx3kf-XjNv0nM8Fm0IT_qzZFw1WxD_ho3NDdJPtvgyj5cCn7QAlmQyZDnMfa-9RZoM6dKedPfGEjNEmQuUxsDO54_NHAXoncEB0AH98m1dR8m7BKLN8_vtwPA2iD5QfjQRSlY1lwguKXSB5NV1262cuonuz3Zws0NStESX5KnFbiJlh-nxtl4D_aZUo18VEDQ5WP1CWHABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi9ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_14zq7_7mLOKEmVxXT2mIM1uobd4w%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DlO-V8ae5DOOzVNQhqQjXpNjlY1rw0bwiA0OA8vYyUjivwD5_jsKQGrjXLl51EB09XTRID3K4CL-sBP9j_e5q9n3R9IcDdGCwJbyzVMl37dYBhcLzlTFNKekkEiZRCZ0HR9y0Q85aVIJXYYnpS-tasTk427vBRmaigWjamvgsbnLe5--I%2526cry%253D1%2526dbm_d%253DAKAmf-B42cl54RHVg_ndBDqSV8l_KxGI4G1VVMdlMzQ0HjmqDAZQbif9qrtMM6cNYaLWMDKKHbwbiB2MBJ3w86ZfhkszXDupS0hbZhpvriAhZAj5qgZVDU4qVPKf6kimPSyY-9MkOI-PPksumhJjxvWilfftHKJ3GOtFr3TSoV340qu5-3BCXR_DZMOJ6YG5_K9vuNZ1-G5BCp0_0sIxYLL8lJ6qbE53H6XMPSKij258nbrXXmzBg-Mks6muc-HhBhk2nck4bCyL6BwP7BOoJw91REUIV6jZmSt6b7JMgqoX-U2sODvJqEEjEBR0CVa_VB4kC1juEAs1_H77pPrGZHWtCj7VHBG37fYNj6jZsNdtMQk6QWmxePJHLiu8Ne6GYsKmqvHblzS9yuX-C9ZWYCSSHNSVNCscwuUN8iGCW-RjPyMyWsBurSP5YNMj55WYSlBdJ9KwIsDDhb82VW2GlE77iAyWqSceG4FP29EiMkmdV0T3gJZWaN7nLNAtw_7U675vpRspWuH6h5VxNeGv10OvFUu1WZ-YNtACqNFTWA0YnoqdVx8V5VarajiYw5oVSqhNSaB51Wom%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2006482
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPLhTSLI7hG0pJpMpIOWIO6%2FJIjacG%2Fq80VarJ8abWY6Ksxjv4AEXTcWhy6jrHfMqL4f2Ia5RVsCaFUWWjWHvdkIfXoSfOLBQQedqg7%2BtIT5Q2qZ348vILz8S4IlXSHegR6L7CJLHlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 849734069d004d94-FRA
expires: Tue, 23 Jan 2024 10:44:42 GMT

GET
H/1.1 200
OK oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0
ndirect.ppro.de/image/e1JZ/ Frame AE1E 15 KB
16 KB 85ms
23ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/image/e1JZ/oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=74ee62f4d594dd9a0243ef684759d85f%2F4323322236111954204&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282546&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3kcyGEeuZfbwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9CLvUuTg2eYtSN8sXg8duqdljnnbUmmM16QzfWc1Ha6PN6eb0qLmBN2Jmilxrv8e0cG3p3iR8KHuCupLF14WhSNP0HNaKpjjTPAey6ULhh2-btykjQG-vsS9sCOmuiiGKQTHeud94hKiRLd1oHOnF5fdrdY69GCuaCCq06v7isXx3kf-XjNv0nM8Fm0IT_qzZFw1WxD_ho3NDdJPtvgyj5cCn7QAlmQyZDnMfa-9RZoM6dKedPfGEjNEmQuUxsDO54_NHAXoncEB0AH98m1dR8m7BKLN8_vtwPA2iD5QfjQRSlY1lwguKXSB5NV1262cuonuz3Zws0NStESX5KnFbiJlh-nxtl4D_aZUo18VEDQ5WP1CWHABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi9ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_14zq7_7mLOKEmVxXT2mIM1uobd4w%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DlO-V8ae5DOOzVNQhqQjXpNjlY1rw0bwiA0OA8vYyUjivwD5_jsKQGrjXLl51EB09XTRID3K4CL-sBP9j_e5q9n3R9IcDdGCwJbyzVMl37dYBhcLzlTFNKekkEiZRCZ0HR9y0Q85aVIJXYYnpS-tasTk427vBRmaigWjamvgsbnLe5--I%2526cry%253D1%2526dbm_d%253DAKAmf-B42cl54RHVg_ndBDqSV8l_KxGI4G1VVMdlMzQ0HjmqDAZQbif9qrtMM6cNYaLWMDKKHbwbiB2MBJ3w86ZfhkszXDupS0hbZhpvriAhZAj5qgZVDU4qVPKf6kimPSyY-9MkOI-PPksumhJjxvWilfftHKJ3GOtFr3TSoV340qu5-3BCXR_DZMOJ6YG5_K9vuNZ1-G5BCp0_0sIxYLL8lJ6qbE53H6XMPSKij258nbrXXmzBg-Mks6muc-HhBhk2nck4bCyL6BwP7BOoJw91REUIV6jZmSt6b7JMgqoX-U2sODvJqEEjEBR0CVa_VB4kC1juEAs1_H77pPrGZHWtCj7VHBG37fYNj6jZsNdtMQk6QWmxePJHLiu8Ne6GYsKmqvHblzS9yuX-C9ZWYCSSHNSVNCscwuUN8iGCW-RjPyMyWsBurSP5YNMj55WYSlBdJ9KwIsDDhb82VW2GlE77iAyWqSceG4FP29EiMkmdV0T3gJZWaN7nLNAtw_7U675vpRspWuH6h5VxNeGv10OvFUu1WZ-YNtACqNFTWA0YnoqdVx8V5VarajiYw5oVSqhNSaB51Wom%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2d56d1cc8ea5ed168b6b4250820de6dad2542bc29ae04b5f0971e642cb5191ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 15847
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK pvtrgenview Show response
ndirect.ppro.de/ Frame AE1E 1 KB
2 KB 88ms
22ms Script
text/javascript 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=74ee62f4d594dd9a0243ef684759d85f%2F4323322236111954204&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705920282546&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3kcyGEeuZfbwILf09u8P66qi2Au_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBJYCT9CLvUuTg2eYtSN8sXg8duqdljnnbUmmM16QzfWc1Ha6PN6eb0qLmBN2Jmilxrv8e0cG3p3iR8KHuCupLF14WhSNP0HNaKpjjTPAey6ULhh2-btykjQG-vsS9sCOmuiiGKQTHeud94hKiRLd1oHOnF5fdrdY69GCuaCCq06v7isXx3kf-XjNv0nM8Fm0IT_qzZFw1WxD_ho3NDdJPtvgyj5cCn7QAlmQyZDnMfa-9RZoM6dKedPfGEjNEmQuUxsDO54_NHAXoncEB0AH98m1dR8m7BKLN8_vtwPA2iD5QfjQRSlY1lwguKXSB5NV1262cuonuz3Zws0NStESX5KnFbiJlh-nxtl4D_aZUo18VEDQ5WP1CWHABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYz-bWoujwgwOACgOYCwHICwGADAGqDQJEReINEwi9ptei6PCDAxU3uv0HHWuVCLuwE_vX9g_QEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB%2526sig%253DAOD64_14zq7_7mLOKEmVxXT2mIM1uobd4w%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DlO-V8ae5DOOzVNQhqQjXpNjlY1rw0bwiA0OA8vYyUjivwD5_jsKQGrjXLl51EB09XTRID3K4CL-sBP9j_e5q9n3R9IcDdGCwJbyzVMl37dYBhcLzlTFNKekkEiZRCZ0HR9y0Q85aVIJXYYnpS-tasTk427vBRmaigWjamvgsbnLe5--I%2526cry%253D1%2526dbm_d%253DAKAmf-B42cl54RHVg_ndBDqSV8l_KxGI4G1VVMdlMzQ0HjmqDAZQbif9qrtMM6cNYaLWMDKKHbwbiB2MBJ3w86ZfhkszXDupS0hbZhpvriAhZAj5qgZVDU4qVPKf6kimPSyY-9MkOI-PPksumhJjxvWilfftHKJ3GOtFr3TSoV340qu5-3BCXR_DZMOJ6YG5_K9vuNZ1-G5BCp0_0sIxYLL8lJ6qbE53H6XMPSKij258nbrXXmzBg-Mks6muc-HhBhk2nck4bCyL6BwP7BOoJw91REUIV6jZmSt6b7JMgqoX-U2sODvJqEEjEBR0CVa_VB4kC1juEAs1_H77pPrGZHWtCj7VHBG37fYNj6jZsNdtMQk6QWmxePJHLiu8Ne6GYsKmqvHblzS9yuX-C9ZWYCSSHNSVNCscwuUN8iGCW-RjPyMyWsBurSP5YNMj55WYSlBdJ9KwIsDDhb82VW2GlE77iAyWqSceG4FP29EiMkmdV0T3gJZWaN7nLNAtw_7U675vpRspWuH6h5VxNeGv10OvFUu1WZ-YNtACqNFTWA0YnoqdVx8V5VarajiYw5oVSqhNSaB51Wom%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

dc6e9d480983c7daa49524adc6f322039ef454b5731666ebc829fbbc8a95c11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:44:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAB7 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwVEwGUeuZZr5LbmFjuwP4oeA6AUAAAAAOAHgBAI&bg=!8fKl8r3NAAa8BdJLnAU7ADQBe5WfOKHG1j1XhfLlZ6E-915OIZQIdgFg4CjdJYshJzcXONpq6qES1-6xggGDOeccrvhOAgAAAXZSAAAAA2gBB5kC_GujWuSypO4Ef5ZooOudGF0kDmUBF3Shx8Hjj2EOiMBsNByFSwwnxeaJCZLeL96_u0scoeIkty-1CFtFG7brebWO62X6NFZWoZ-wDKcU1RtYY3rgJubD_NPzjsvGYGX3MnZg6I8Fl6Gd8lO3a_eaTMX3IZvNiMftof2e5s-HDfSpUvdApbkZamZdeN5ojAG8N1lFaBO78JXgBOW-nq5aZZ3VVfr7neHfUd6zSHuLkXt9H3L5mnXFGegQWiHg3NoGvUv2sMwEe9J8wDw-3v-UjlmyQ9U1u_R1CvXlmMGx7V-90MMuXIotgzl_WyESgnP7zu6TP1VuIUQlYW4lHJrUwpq3mkCzciE3XRVTuVmJEgrCdQ8TWk2En7O9zaiwBHCMfpOgc4ujxxQ-96XwNuwFFbtTlVnuaPulqBLg3o_DkLOqu3RwSEcrTREeXDi1RivapXzqEeKywSRDOyW1OOzqE42ewFqOGFAyY6cWziw9rGTC0r8eovcH54HH-CJBSGdKX60T2EKU3cK1Q_xlNdSI3KJmZcr-3lgCI-G-qObVyjwOE_UMCDBhIvIJtLZpmUYyBm0G82nTg_2fqysGJamfF0nIhCpH-DcEAEOfsxDz40TEC-97B_g3R0wUzU79_kUUT0NgtUExkP7djBSnmbvMmBVIkDtSNQKnmX_4YtmX-XlNYCg5m59rh7t7wksi-c3tD9EcF3JJviKY4GTBT3AVTVnfmlDH2bwOaDsOiFYFB-pd4kenCU5otWRPuZOS5Ubhe4UFMZCkgwepzeLUiaR_iEq4BxpWb7JZ2mMJyWGlNi_auHuViXz2wJO1mgUZxW1xKRBPco9coAfY2EvkpHTlzYELPowZ38MwdBbr4hQQbpd0sgZGnRkj9giAG95QnqgeMuJjF1QzcRBYw2RBdVsP2ZymmODcErQBBQniJGz_gjdqnXVy_obQvJVGc9b6AnoEmsr0COn5UjyJsWGZfb94KQszw9DpfKEiDbYlzfYJmUjQZWVucnclls9rGqWK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C509 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUKomGUeuZe-GLJX01PIPrKycuA0AAAAAOAHgBAI&bg=!dnWldTrNAAZVxkGXdcY7ADQBe5WfOEJN-BCEftbIPRJNzwzvIbmus0k3onomLSFAxHZsDYYD0AP9FyRBU0k8U2eE3iGJAgAAAZ5SAAAAAmgBB5kDBdjuKTIywCtuv95OE3FNJ2Sd5QVZ2C_n0PH3DBVdg89OBJaqHEsl0xm5CCcUtyk-GyljKNMZpj28uncIyXRnumpc18qdQFeGCNpLVw7d9qMwoLYGt6_lTIVTF1LxGZmQOaWjvsvDSD6wUHPpIw9ifJIqzLBzUc-eNJf9txfBnEoEaZyKPZL_tUphFiuokqi7j-xW6wjS2LG9za4iKjsG6Kw5WoDHFI0njsdkTaEf8hgsxVd-q0eirVYtK1whVYEWJLsaBZbphbBvgoY98nCFroxVc8oB-rj6n5qiwoQqb0EC9q6LgIK_3amox32kQjCCLP90IdBv8s7RK4wd52WDZxCq9pK9yKPqFQslCtvlpGQvT8TDDwUCYtUEom1sFvSVdeagd06PMguLtd7vfE8aPmOZe0aiRywjDdYlqvxUKUhuch0CIgayS7MD1AgHuG97GwchJyTvdo1YwV9wqVQhpQ1McCUKQlrPUm9yvRHwTvjeXsE70ebPggFvsLyqcBQ2cTkf7NUp6usYnDNOVyBdqL8eg-kPx3jxzgAJF-5ouoMxKIjvUs1BDpG0w4ZGT-1ddM_tdXghXRjRkLwaciUxZtfJuSwjrXcAOSQ255fLJeuUIg6PBzSeFM1_e3jspG7dWcDRC4mX8JJiHX1VZGeUvru-jeT-6KJHu0J19mMq0NAZzkS94Y5dtE98cTVqEszhIzuRFvT12_52sgumjBkbykLfl4lzmeSAus_rYhn6IuR-UwFrxHWhiuYboFq_FHfYVby4Q0_j6sl53UqVWZBMbeY1-yp-5TMihj2PrxAlSaJaDaoKEjo14P2BUYDxcKUsN3MM8olH5DAB4mL-vscFX6-kiS5FSX70nEQ720yvaCeQyOxspZ7UaEIlXj6yRYKVAu5n0ToISFNiELN59o_jltUdgn8Dlm5Yj5YAgXVAPmMrFz447eIPr8bV0kV96_diEMeZ_EW7uAgCy0sN7e2fMShP_lE7YrSmwtfSa9bQS_mYeUbCIrjyiLPq4FUUS-ksMIL_tLkE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3999 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BY1-OGUeuZdD3MNqE9u8P1s2M6AsAAAAAOAHgBAI&bg=!AAOlA0zNAAa8BdJLnAU7ADQBe5WfOJaWQmUd2B4So75PSfnfivgMVjS5ZcqSfpnX54GUx8yuyHNeGef-lXw4i4i1BcpZAgAAATZSAAAAAmgBBwoAR6wd4kEJdVYAD0qZOmFvYr8rzU9LT520EQYLRa4HCekPXDmRGPg53dTd0z0lvJsZ02TdVqcVCkHz-hAAjPLUqjFM8Qcg4-53mQMDOpA8v0QSG4vD2XTQ-P5IW4c9efRILyTL5jPV5xwCQ53Q_1Fs6zFIdomNb-sMnF3cFuzSaSzbHqCNuW_PgD3FHaR0wvIafvJ-NjKx9_uwgao6tO4gzIAmLSW-uy1WfUDAUoMAVVqVw-R-xGiqtUWuKF2j42dm0icZ99t7PO8zZcdZLlYEoelwMQZkDzmRK22v4mVMRyTqjfmoPFtLMCsQ9TCnjraHDc0Z3jFjv8n05u9gpCh_gbGKCli-KNTKtcARO7xLzo0n11JW_QKq-eqqh9ZCC-FqsIkg0s2ckIdS4IvnKGxfvS_cenEu8yhp9qHw87kyESPvSZNAtnUVtM2cZDDvQG3o09NERt4EIiKVHptTsPJKd8Nq-LIJ87zbrC2SYxtMIaP5DhW4V4j4EQ_3dbMhVZDYsgcMVio9BKBc8jVNe5BO33prmEBv1jIR2ybQj65FP2Xd2hDtx_fCsULNQ27e8fwnVtOaRfBWKi8Knf-ni8btZfWWHa2TtjKhusyeDelPabWvB8tOtiB0cq9_1j_8Vd3IZiG2HgX80l_D9ddJpORUQmlmrhYb0dhbmBnVCF76Htm6Bqgxj85z8m_XgL3sVDjJPIhzVQLiFDre0fROZU2KuNycaEL2ePRaYmB3YhKdNrY7s2wAFY2-v5hwoiFzSc6iaaXQK-uIFI35DM46RwfZi7GArcGC0i_JgMhxqfsTlmpI-cZ9j5XbtpS60Pk232ln9xLN268m005KXs8d75LAhiUfVKLPhNCD7IE4TQiOCKzgiDhB8GIrJ2J0dGfLBH7JioUjhZTnjXSQJmV8AsyNXTLCNPxqIhzVHQuQ8p8ursgU3_9OtAJzQFYcKAQ3xaAdg3kL_2ovsBQTno8LT2ZGmlMV2EaiMBLzNb_HiSBIweRSk-33g2edxPGCCtBNrWZN5E9MYpCU-vZnyOT_SbwkCATCkDGzMqaDPMsyVmZ5pIkZKzAhD4Ay_sO86ZpGbuBoucLJwtS-eBfHAzn60bienJtJPYbHalj21k_AJ86n

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame ADC6 2 KB
2 KB XHR
text/xml

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 120fd2257e5479a0c306d535a7bcfccec53614e55123770abce688551d6c27c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/xml

POST
H2 200 p
bats.video.yahoo.com/ 0
0 165ms
165ms Ping
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.583264520689373&_sqno=6&ts=2583&auto=false&bckt=none&ccode=mdsfb&cdn=bcp&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=a0770000002lmbdAAA&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=c88a06af-107c-4eee-8d15-10169d1affee&pltype=ev-desktop&pstaid=75e32068-922f-366e-a1ac-812558168e2c&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.16&_rid=fs9nySqH&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ar=1.78&ver=&vid=75e32068-922f-366e-a1ac-812558168e2c&vidPos=&vlng=145&vs=cc77oxik&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=https%3A%2F%2Ftb.video.yahoo.com%2Fv1%2Fevp%2Fasset%3Fbcid%3D5afc769f7239855a15fcee15%26pid%3D5afc75ea3a04293dad9f1a1f%26secure%3Dtrue%26rssId%3D75e32068-922f-366e-a1ac-812558168e2c%26firstVideo%3Dtrue%26height%3D226%26width%3D401%26sid%3Dc88a06af-107c-4eee-8d15-10169d1affee%26pblob%3Dlu%253A0%253Bpt%253Ahome%253Bver%253Amegastrm%26show_name%3DFox%2BNews%26site%3Dfrontpage%26region%3DUS%26lang%3Den-US%26space_id%3D2023538075%26experience%3Dadvstrmvideo%26expn%3Dadvstrmvideo%26expb%3D900%252Cseamless%26licensor_id%3Da0770000002lmbdAAA%26isDockable%3Dfalse%26m.type%3DVOD%26device%3Ddesktop%26v%3D1%26f%3Djson%26s2s%3Dtrue%26content_len%3D145%26content_title%3DTrump%2Bresponds%2Bas%2Bprotester%2Binterrupts%2BNew%2BHampshire%2Brally%253A%2B%2526%252339%253BGet%2Bout%2Bof%2Bhere%2526%252339%253B%26content_id%3D6345282681112%26pver%3D1.2.16%26aver%3D5.1.1%26country%3DDE%26state%3DBaden-Wurttemberg%26ad.plseq%3D1%26ad.pl%3Dup%26ad.pt%3Dhome%26pos%3Dpreroll%26evp%3Dbcp%26fmt%3Dvmap%26ps%3Dcc77oxik%26r%3Dhttps%253A%252F%252Fyahoo.com%252F%26givn%3D%5BGOOGLE_INSTREAM_VIDEO_NONCE%5D%26pbckt%3DTreatment_Oath_Player%26npa%3D1%26ltd%3D0%26ppid%3D&client=&crid=&ad_evt=ima3-ads-manager-loaded&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.16/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1 200
OK pvtr Show response
ndirect.ppro.de/ Frame EFD8 38 KB
15 KB 15ms
14ms Document
text/html 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtr?v=30cWLsWP1&vid=Q2loUzEwMUVLM2JFZzZENHRaczhXbTZuT3ZQZlFDRHphUjlLNXpHYmYxYlp0WWp5dzZmaE9HUldtVGpzSXJpYnd1bVpITG1IY3g4bjAwcXBqaTR6VGVjNUlLMnhPbmlxOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1K2&isimg=1&subId=oneidRxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6qoneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

97f41e2f2f46abb252d6e95ae4cc126171037ece31730ba1458f28c55493d007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 10:44:42 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 /
pvx.freenet-mobilfunk.de/ Frame DE3F 43 B
667 B 110ms
65ms Image
image/gif 2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41100000&subvpid=97683241&eventid=Q2loUzEwMUVLM2JFZzZENHRaczhXbTZuT3ZQZlFDRHphUjlLNXpHYmYxYlp0WWp5dzZmaE9HUldtVGpzSXJpYnd1bVpITG1IY3g4bjAwcXBqaTR6VGVjNUlLMnhPbmlxOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 84973407486f0497-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pvtr Show response
ndirect.ppro.de/ Frame F3E7 38 KB
15 KB 30ms
18ms Document
text/html 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtr?v=30cWLsXh2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

f11f3d26d18792701bcf5341abdf3cc69c88bcd6da7a9bd7baf0e502c28b3873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 10:44:42 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 /
pvx.freenet-mobilfunk.de/ Frame C438 43 B
419 B 107ms
66ms Image
image/gif 2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41100000&subvpid=97683241&eventid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 8497340748730497-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/0s/match/ Frame C585 0
17 KB 39ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/0s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/0s/match/image.jpeg*~hmac=7db5302def870dcf8f82e2521742eafed70a4cc44bb42829d917513637ed1d39
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.147.116.229
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17138
X-Served-By: cache-iad-kjyo7100135-IAD, cache-dfw-kdfw8210027-DFW
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.881219,VS0,VE207
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426733
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:23:35 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/10s/match/ Frame C585 0
17 KB 39ms
8ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/10s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/10s/match/image.jpeg*~hmac=fbbf1caab824831d1377470157df92427daecfbaabac298cff946be259954d00
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.157.78.193
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17199
X-Served-By: cache-iad-kcgs7200089-IAD, cache-sjc10054-SJC
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.006813,VS0,VE304
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426930
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:26:52 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/20s/match/ Frame C585 0
17 KB 41ms
10ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/20s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/20s/match/image.jpeg*~hmac=97c6ec11c81d72e42cc49a76adb2ae5229bb1cb63702471089a7d2c880230551
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.163.151.140
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17060
X-Served-By: cache-iad-kjyo7100052-IAD, cache-dfw-kdfw8210136-DFW
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.857639,VS0,VE340
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426846
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:28 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/30s/match/ Frame C585 0
17 KB 40ms
10ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/30s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/30s/match/image.jpeg*~hmac=260e4dacc2c190357f72fe57125f3e63338d6bed7c1bd12f54fde69c92534410
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.147.116.229
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17208
X-Served-By: cache-iad-kiad7000132-IAD, cache-bur-kbur8200096-BUR
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.793129,VS0,VE419
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426877
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:59 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/40s/match/ Frame C585 0
19 KB 41ms
11ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/40s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/40s/match/image.jpeg*~hmac=76bb912ca61333ffb38d6d7fcbe374b030a49411acb38b9ec7fe6bb39ec414d2
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.157.78.193
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 18428
X-Served-By: cache-iad-kjyo7100032-IAD, cache-bur-kbur8200114-BUR
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.814620,VS0,VE315
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426838
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:20 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/50s/match/ Frame C585 0
21 KB 39ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/50s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/50s/match/image.jpeg*~hmac=bf4ba704e528bab88a60f0f93ff6ebc551b395f88550116dd00a9f86b40e9354
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.157.78.193
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 21249
X-Served-By: cache-iad-kjyo7100120-IAD, cache-dfw-kdfw8210049-DFW
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.813810,VS0,VE703
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426849
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:31 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m0s/match/ Frame C585 0
19 KB 10ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m0s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m0s/match/image.jpeg*~hmac=c8d64808a3a02526e914d4fba493a4e0b6d740504612d127074356f636bdeaa6
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.163.151.140
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 18834
X-Served-By: cache-iad-kcgs7200164-IAD, cache-sjc10054-SJC
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.265653,VS0,VE284
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426796
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:24:38 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m10s/match/ Frame C585 0
18 KB 9ms
8ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m10s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m10s/match/image.jpeg*~hmac=d9e63c8ede76210b46774a21e99ae93a15695f5f2b659682f3d0d069f2e1d1f5
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.157.78.193
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17571
X-Served-By: cache-iad-kiad7000174-IAD, cache-bur-kbur8200101-BUR
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.260065,VS0,VE311
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426917
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:26:39 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m20s/match/ Frame C585 0
18 KB 10ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m20s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m20s/match/image.jpeg*~hmac=f504b7a882e51015157464cc6558e682c81aa4232417cf8b5e16b89d743f2cb7
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.147.116.229
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17509
X-Served-By: cache-iad-kjyo7100179-IAD, cache-bfi-kbfi7400093-BFI
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.386970,VS0,VE279
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426831
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:13 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m30s/match/ Frame C585 0
18 KB 10ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m30s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m30s/match/image.jpeg*~hmac=57adbd874597855d77a154d7e888d1a59024f94ce9e4415205f8224df27eb594
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.157.78.193
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17656
X-Served-By: cache-iad-kcgs7200072-IAD, cache-dfw-kdfw8210043-DFW
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.390250,VS0,VE249
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426889
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:26:11 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m40s/match/ Frame C585 0
18 KB 10ms
10ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m40s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m40s/match/image.jpeg*~hmac=10ee55ceb03131b67705271a7af330485021787aae9d897b70f79c3c2eca88b7
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.157.78.193
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17739
X-Served-By: cache-iad-kiad7000069-IAD, cache-bfi-kbfi7400049-BFI
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811166.483763,VS0,VE450
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426869
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:51 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m50s/match/ Frame C585 0
18 KB 9ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m50s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/1m50s/match/image.jpeg*~hmac=afc4c9d0e9dc6d5c764456b3e17ed350c728b547b9cc25caa55c0f97eeea6e22
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.147.116.229
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17834
X-Served-By: cache-iad-kjyo7100171-IAD, cache-bfi-kbfi7400106-BFI
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811167.635899,VS0,VE296
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426792
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:24:34 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m0s/match/ Frame C585 0
18 KB 9ms
8ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m0s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m0s/match/image.jpeg*~hmac=1e5dd7b81970d2b11b116f71d1957e1f83746d644523c8af133a59268b3aca79
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.147.116.229
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17750
X-Served-By: cache-iad-kiad7000034-IAD, cache-pdk-kfty2130026-PDK
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811167.703448,VS0,VE354
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426911
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:26:33 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m10s/match/ Frame C585 0
18 KB 9ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m10s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m10s/match/image.jpeg*~hmac=e3b3a686d51811c8eb87dcf75bf8de84167ceba83bc68ff6ef462af76cb75b9d
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 0, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.163.151.140
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17529
X-Served-By: cache-iad-kcgs7200163-IAD, cache-pdk-kfty2130052-PDK
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811167.722562,VS0,VE361
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426924
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:26:46 GMT

GET
H/1.1 200
OK image.jpeg
bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m20s/match/ Frame C585 0
18 KB 10ms
9ms Other
image/jpeg 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m20s/match/image.jpeg?akamai_token=exp=1705932390~acl=/image/v1/jit/6415665815001/fbea3e2d-5b27-4cd1-af56-2e46c605f5f0/main/480x270/2m20s/match/image.jpeg*~hmac=c5e8aab321fd0cc10fd5034087fe96d03b4ea4e3c9cce5ae19131e96c050bd9a
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.16/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-Cache-Hits: 1, 0
Date: Mon, 22 Jan 2024 10:44:42 GMT
X-Powered-By: BC
Backend-IP: 54.147.116.229
BC-MID: true
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1315351
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 17911
X-Served-By: cache-iad-kjyo7100095-IAD, cache-bfi-kbfi7400067-BFI
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1705811167.766048,VS0,VE290
X-Powered-From: gantry
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31426860
Accept-Ranges: bytes
Expires: Mon, 20 Jan 2025 04:25:42 GMT

GET
H/1.1 200
OK pvtr Show response
ndirect.ppro.de/ Frame C19A 38 KB
15 KB 14ms
13ms Document
text/html 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtr?v=30cWLsYv1&vid=Q2loUzEwMUVLM1lmdzNncEdXSlFEQT092.&a=2

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1K2&isimg=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

5ede398508ea7a14b531f06a6008161a409334992c14a445d6c2e7cca56d7a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 10:44:42 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 /
pvx.freenet-mobilfunk.de/ Frame DE3F 43 B
539 B 70ms
53ms Image
image/gif 2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41100000&subvpid=97683241&eventid=Q2loUzEwMUVLM1lmdzNncEdXSlFEQT092.

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 8497340748750497-FRA
x-xss-protection: 1; mode=block

GET
H2 200 /
pvx.freenet-mobilfunk.de/ Frame AE1E 43 B
1 KB 47ms
41ms Image
image/gif 2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:44:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 8497340748740497-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pvtr Show response
ndirect.ppro.de/ Frame D297 38 KB
15 KB 19ms
19ms Document
text/html 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtr?v=30cWLsYQ2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

77565c59aefd057fa2240a1ac53ff90dc658b13be8dff4de164678e36a24e12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 10:44:42 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DA3B 42 B
174 B 164ms
161ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUTeb6BohteDh6rXV2iyq2aAFIgh-R9V8YeiuPyLp18bGEew8XF4heimO7mX2QzHuxEcEyevHw_qAbWXULpJzeL3OuWwlq_eWXFE1VdTOvhGy1D9KlAfEzIxb-BKGtmjaqEPlwMBY2xTE&sai=AMfl-YRk6W4Xzw2y3UcnYXExNca32kNwVCTUbCYpoWv1PUg8A1wxElDZjOXPRACmFY2tvCu2OV99Y5_vvA7AIEJ3bdRLuVGCcQ8XrjEc7ExCzRHezlNQr4MDTuRCQFW664qLT1_o101ZD32tgCOvu7RB&sig=Cg0ArKJSzA25t8y29GqEEAE&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&id=lidar2&mcvt=1000&p=572,1132,1172,1432&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1481106528&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705920281020&rpt=936&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5C50 42 B
64 B 163ms
161ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu63CaZX3SamqLa9aWaSc8Fxt55lFUM_RXThotT40RX5IrhgRPnsv1P4QAvPMiQLg080hFztPN9nzXDQctvOZDzimD2E1c2crcVscDrVzXKNlhu0Zqivr1WMzH94Bec0U2kF0bX-KSOwK9sgksfRE9L3JNRMQ-6uP89lY0rcNVF5gz99zFx5YmxIQdWZ7mGkKqVddPtxJnTXJF_JsOCBqL5DH9sfTIWTqbH68_UOHvFu3h9u0o7NEgCaEapoHftTXFDGzTjbSDT0fIj3qFxmDE_pDvGqd3uROngkMLKjrnKJssvGNS2m_Ut0l1z23OjR-SYxrzqWKUCS6VzBQYG9H30ZRCHm2rDVQtG3jn7MvPBZq6vkjnThricOs6igSbPqGn4D_NEQFskGA8fOoOQeJO4um3G_s4I4G5kfSPxBadm9ltRX1htQY6xRewdVgQVTvoggUyUNyRHMpUr4ElAPNZ5GP0yYIVxdqWk0eazofAj68q98KdvTsDOia0iPacatNvppHzP35ndBm5DZcykSxnIItsUQQnWnk9cZImB9ruLlWuyxVI6A1zOeOvkuY8ikySuvbvbWsA0-gfKw8qGDF7koC1TAxPUE2-AUe6hExhvsWjjHX238X8z0F7RZ_FYUlBHjPSPB5qJF-xqFpes73BSC2qanOs9Fr6iJpf1RroPnYIqofuZ7CuqTh0PH5cKadAVokaIyEpFFJWZxpNDDj7W26yiPPzKE9GzQOtHDYQQ5y4GpaRv82iNn-AFfB0ZI7Loj2jbs60rUfh8abfbopOfXcZFdJAHRmMVoyVz4Yui7P24-TP8l67Kegd6ambVl-RK6cDRRdhVaNN6uVIaX5Cf_wE5FNh9L1YQdp_vEAqXgVGB4XvGkNrPKRl3DmtlGp74cYCpooF6NOV1MlsQ7OOdrgmZT4yc5SJIviEeEyvWP-wmpjwCckhY-Kooqq9bkw_m9iuDSYqAlg-NDx7t-W0xSJxborlyUGzj3HrLMvI7fxdW7Pjo-IeAEtRh1Iqm_uj5OzQk81gUcr-ZFuecHfrULEho6FgGZKBVn8lKuGPDBtKWgfEjnkI4bqSNW_-nnfyv1PoD6qpU03-uT4FzPNBvCJMdYj3AvHGHiE2YFjoPZSJBT59UIJAUESMQq0kNd4I6cTRz_xK9TTseOJHQBokFrG_ROThbi_JdUXN11MdYK1Hgd8Ui5mXg9-lmYWbuvsYQrLSPqVBC2IRJ408WEhJprzK8d9u8limxi5BXl0oToTvxsZ8jPRJpiLyRoTmNouQbJZrAndaxR8q6TbFeeXtB9YFeShA&sai=AMfl-YTKb1jpJGEU8la54MMV8np6XjIpo6n7C98elAzs6boUz0Y5nhlayYOfC2UjFlNheNMdrsa6OYFGSa49CUn7JyFeW8rHZ4sRfIAqlqowEkPVgLtKCd4m2H5M3Ny5dJVBFC1KaUEpb8mWlRPNxtaitl1S14XFYpD-iiiDtQ&sig=Cg0ArKJSzM6XFtC8dKOyEAE&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&id=ampim&o=0,251&d=970,250&ss=1600,1200&bs=970,250&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=939&tls=1939&g=100&h=100&tt=1939&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=799466616960666&bg=!vL-lv_DNAAa8BdJLnAU7ADQBe5WfOJPU_ShZn4-N-ph-YH_0HFgWTZ9qhBGGqP02o1pYGHmNP1v_-jAJVQ1iZ6W6qvW-AgAAAYZSAAAAEGgBB5kCsiVTbS1fh_D5ubHdIzDu_25ulfi1xp66x9kpPdJzT-frtt2w9mtJH9WfYxu1euvV8Fux23MOynS2KtxDCiooElhrXsjfVasjbYCSsTz4rGyUF2lpV5_XKagtT0UU1yCaQVkn28d6f-Bifl7km-ycDbC4NL5jcFmz-tg6g9dYCIUIG7dzJsm9WIvD8_JRhMfreD6ZWjcvrrbdM7mttkzrxAlwwuMzQnAOf1KtJMVvNWZ6jf8l_2r1ylAvpGOM5s9uolA_63PT-QHgiFngyM94zExeO4yWdIO0RqBdria3otYqLRlC0BLfujE3PWf7cVaD4FHhgFeBVqN9LLaKEHNXbIbHEyQLCnHRYN1bVWt84b5xHFjmkmTWeVl1dR82N2d-eI3jjrbpDQcrpIgr4FeWIA5k9C7lra-GhE0XZAdloCpUZ7o4q4lqY7_E-nwzYYkBTywlmw-Yn6ig7aVELMrXy01Mz_ZzlzxbVsXLAerGyjnyCewz6DSVDjqxvzGJpboLXPStfUtY-Wlt3XuK0H9XvtLNF1brA0VUNmQNifUwHVvfa_Vdr5ja72I-I9QdTqnIyCyToMPVStkuaosfaCmRTtYbYloVfKXkW6I_7JbgcB1hz1Ot7xpdCpzyECr41xQVvC2kaIG02w2Zgi4VG9MTVgxkESRcpmFLnObdcBMJAp0w99MKTfk1pHzxS3Cu5wwmFDCtdjPP1hVJ3PcH-x1nkneE_fbMBjVsXuUZTnReSZJM8EClBs__2b39CEGVd3jpQ3lR-dTTNDSrCvenL3g3HcpqzMEdvInfoMrcWILHSeW2Kr8qqf28cqf--vcW5eQGufmmRgBje7oF87UwVonCjj83qdIbFxFSD06hdnKsqdJLl-4NxJGtMm3tVtm4RuBkfjah26lxJ5rdRt6N-JCKbkY4Yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA3B 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8076592533791&version=m202309260101&ct=77&x=1&cor=1009315367529966100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F14 0
20 B 39ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7270727233826&version=m202309260101&ct=77&x=1&cor=2861003522062535700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A973 0
20 B 38ms
37ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9620565032337&version=m202309260101&ct=77&x=1&cor=6613571749176795000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pvfp
ndirect.ppro.de/ Frame EFD8 43 B
466 B 17ms
17ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/pvfp?v=30cWLsWP1&fp=8b7cbf990298e2e77cad6b0a6c02386c&adv=2&vid=e1K2.1RrRNg.oneidRxktgfQfr7ExakHjtDuQt7zza9SzT5RHBV6qoneid__dbmPros_Singlesite

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndirect.ppro.de/pvtr?v=30cWLsWP1&vid=Q2loUzEwMUVLM2JFZzZENHRaczhXbTZuT3ZQZlFDRHphUjlLNXpHYmYxYlp0WWp5dzZmaE9HUldtVGpzSXJpYnd1bVpITG1IY3g4bjAwcXBqaTR6VGVjNUlLMnhPbmlxOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 10:44:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK pvfp
ndirect.ppro.de/ Frame F3E7 43 B
466 B 18ms
18ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/pvfp?v=30cWLsXh2&fp=8b7cbf990298e2e77cad6b0a6c02386c&adv=2&vid=e1JZ.1RrRNg.oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndirect.ppro.de/pvtr?v=30cWLsXh2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 10:44:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK pvfp
ndirect.ppro.de/ Frame C19A 43 B
466 B 18ms
18ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/pvfp?v=30cWLsYv1&fp=8b7cbf990298e2e77cad6b0a6c02386c&adv=2&vid=e1K2.1RrRNg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndirect.ppro.de/pvtr?v=30cWLsYv1&vid=Q2loUzEwMUVLM1lmdzNncEdXSlFEQT092.&a=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 10:44:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK pvfp
ndirect.ppro.de/ Frame D297 43 B
466 B 19ms
18ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/pvfp?v=30cWLsYQ2&fp=8b7cbf990298e2e77cad6b0a6c02386c&adv=2&vid=e1JZ.1RrRNg.oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndirect.ppro.de/pvtr?v=30cWLsYQ2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 10:44:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
95 B 43ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=OzPlvie7Pumd125F,0.7104381186418245&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBBhHrmUCEMY5qZB74Rl6UFtBoM7iaVEFEgABAf-Kr2W3ZeAJyiMAAAAAgA%26S%3DAQAAAozRdzEUaKVTuLOWOWWmqcQ%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%038U4ab8jaQd2NytXC%04_w%03yahoo.com%2F%3F%04_rid%03fs9nySqH%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_cmi%03%7B%22AFT%22%3A1656%2C%22AFT1%22%3A1656%2C%22AFTNOAD%22%3A1656%2C%22STR%22%3A1513%2C%22VIC%22%3A1900%2C%22PLT%22%3A2933%2C%22DOMC%22%3A2070%2C%22HTTPC%22%3A150%2C%22CP%22%3A103%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705920283%04_ms%03601%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:44:43 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST activeview
pagead2.googlesyndication.com/pcs/ Frame 5C50 0
0

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 23ms
23ms Image
image/gif 23.48.23.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=22940&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yang-b5c558f59-jfp2l&svr=267_94_104_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705920280123029970147844316&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-12.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:03 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 22 Jan 2024 10:45:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 94 KB
44 KB 834ms
833ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=799466616960666&correlator=1446080914111360&eid=31079956%2C31080257%2C31080526%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_top_center&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x250&ifi=6&sfv=1-0-40&fsfs=1&fsbs=1&eri=4&sc=1&cookie=ID%3D7c6e0b5b3bda658b%3AT%3D1705920280%3ART%3D1705920280%3AS%3DALNI_MZyfl0TmjUgQ7bIb54ecAi9-5F8Zw&gpic=UID%3D00000d4776f71bbf%3AT%3D1705920280%3ART%3D1705920280%3AS%3DALNI_MZnUuHUTjuJhDRYC2c1NRpb2pI7Jg&abxe=1&dt=1705920303050&adxs=315&adys=209&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=1600x270&msz=1600x270&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1664230946.1705920280&ga_sid=1705920280&ga_hid=1434146791&ga_fc=false&dlt=1705920279141&idt=1285&prev_scp=loc%3Dtop_center%26ri%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3Dfs9nySqH%26y_bx%3D1%26y_ldp%3D1&adks=2115072069&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e6b78c4c93afe932e7a84fb3e432a172082f726c4e4745e3d5c37fd7e651f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44515
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame DA3B 0
0

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 22ms
22ms Image
image/gif 23.48.23.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=23253&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yang-b5c558f59-jfp2l&svr=267_94_104_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705920280123029970147844316&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-12.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:03 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 22 Jan 2024 10:45:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 718ms
717ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=799466616960666&correlator=1446080914111360&eid=31079956%2C31080257%2C31080526%2C31080564%2C31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_top_right&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600&ifi=7&sfv=1-0-40&fsfs=1&fsbs=1&eri=4&sc=1&cookie=ID%3D7c6e0b5b3bda658b%3AT%3D1705920280%3ART%3D1705920280%3AS%3DALNI_MZyfl0TmjUgQ7bIb54ecAi9-5F8Zw&gpic=UID%3D00000d4776f71bbf%3AT%3D1705920280%3ART%3D1705920280%3AS%3DALNI_MZnUuHUTjuJhDRYC2c1NRpb2pI7Jg&abxe=1&dt=1705920303357&adxs=1132&adys=572&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=300x1588&msz=300x600&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1664230946.1705920280&ga_sid=1705920280&ga_hid=1434146791&ga_fc=false&dlt=1705920279141&idt=1285&prev_scp=loc%3Dtop_right%26ri%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3Dfs9nySqH%26y_bx%3D1%26y_ldp%3D1&adks=3559193298&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eca78268e2e7932747623f53742dbf421f57105e5e4071136484a43fd843495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12041
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F8C 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
95 B 44ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920303986&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=0&ads_refresh_total=1&ads_slot_right_failure=0&ads_slot_right_total=0&ads_slot_top_failure=0&ads_slot_top_total=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 44ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920303986&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MAST-iframe&isRefresh=true&loc=top_center&renderCount=2&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 053F 632 B
269 B 44ms
43ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEL7tuo0EGIXR4YICMAE&v=APEucNXMAI7iBCwCTyeArHLpWjtbx-Wucn_HJ6bkkPVwIc-B-AnpHYNLrSsA1NqbJ3ztaw8reCfqzLBu6HiZ6xBy1grWMI9zdTMwOAxkd5JzH9qwPujMHtk

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:45:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 5F8C 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:32:08 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 5F8C 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:37:48 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5F8C 0
0 51ms
50ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvkDe2dSsD_XwHraHEeqaWmffbv2-OC2ZNpr4WVFTSwis_Yjt0F1_qs_B0_sX1CnvyURqngRp0WrplI05wgUKypizPXctt0wKuiJakzHSfVr3eTKc252d3scF7d2FezV-oec28UD6Ovhq7WEPBtAJHd8mxES3YlzmfA-IjHXQei1b7KlDyGbpi4e_tqZfvXfucik36MoocNV-njmsSrC_aMVo1eu9Q88SvCr67OjiFrVBlLF3g1pvX9zceRZic_m4D0bUJ_NhqScwFdxE5pgzQRYN1f3dCyH_YKWnj9Rh78Whm6AKCOTOSP7IzyEgb1O_GqxASzTnbK0UYqmE0fUEVcQzDSFk3r3jknD3ovI4aqj_XiG0xNjALKU9AblRUjzpnxnc_8H8d0Cr-8edYQg7s340wn7W1D2sMhDB9sAKTrr2CNwfY-9RPdgdz0nNBSAVy3lJUUZJlMFHq8WQ5h8dIoTVb8bCxjcBNBAPLsGyH_35UmidT9D9Vn8B1ZWVCDHo35gfXP5SlwYu1ERl067JwIOKc7_GncUTz5Mwgng6r_iqFlD4liC8jK4eZhxsoh8jl9Cz3YlPoDk1cUYhkzvpx-ITQb-dUyGMaTeVezk7saw6gclM8Xn0QYLJ0Or6Sk8CHANy0WrRSyrkDzbd8SyH9fDXiVZEDVOy10bFif_a7EOqrDX0BzFDhYwVTpxM43JlyML1ryGnpSq28ePCj7A4ueKhJBPH7AT-FEkfAVDP33pkSGV_eFZ5LhYEjzOqYkDxVeAO4RLoWyKfdM2MHokWRuEdSjPECGYhEZZ71_woINktwv2dpfiy68e6Kot4ZaBGXFMrWmmM3Ew_42HUcM7I3P0AhS4xzbW-mfOMvVFMIyNhyzxbG9XF1Q69byg-okKYmtZC_QGjp-UAQ9yS8RDMWEmAvVFjO-59KCt3eMKOB6eSE5Nulo48uKVFqZe8xcBC2G9beDF9EyBUCnWiZ0vA76-8cRJw652kZ6hXbCInyD-SQWZmOQHBBiOTApNBJwkvb2nFvERRk7zk7tZY8u0ItlkhCYtsAYC4YYULTYKtw0shd5rAW83-R-6sK56EdxKebwUVo0-N2flGE45hXdkNvbYc-2wspqYYOdLZtQuBO8xj-Oj4b10TGJ2rOjwK16mXpYcvZOb1z4hpq6oac95wFWzt_wgGkZV9az5hGdH5Yk9zdIXg35yd3Xl0gwixSJ97QFlhH_n2T6ydWhUePG-CxCLN2X4VQNC9rcUj1cbiBiqfOWJ0O-9WRCMP9YkQ05VIDhiar6kofUT5HCqUbqJ3sIZKS9JCBn7Rd8cs7Mt7iFXWXdbroMQaKnuSTxXr9TwYkhyDCYCmbM6hW4uGD6HR7vZRiJZYJfiqCjZpdh1Pl4SfEaVhTRH8eYAcJcPRqUt03-gmavXfBDkDzDRlWf59wfqhhYBKRz3Vpub19FzLvRxGtbQVsdF8AUaR5Ep1Q&sai=AMfl-YRNSemdMcpWsMPH9Guqh1nBhShn9w_DcFx6NVKAwoWe81lIgOXxFeGw6F7T100SPIcqdIZqz4vPiX9j3Hdva0kPWIjP1w0BYjTOjs5ekO43N8cT9RHzoh7tNkaGSnt8nJEkIfMnrDC2azFnN1R_6OZG5gxwTuKKpxGKq333LGJHaLsknAcJ4Eh6aFj16Cl2PcM4_uE_ULduf-MaM4BgXTaxINaYO4yfCxBElhmW0zQlpW7Z337R68X4PXPqTsI_bhX0XDz4sk33sib-jrY48xU9u2N7WvW8xwHRZVGpA-NLYCY4xBvk0woWlKBccoXTwAWDDGz5fIeKGBdQ9swdqUdexj-QDdaZJxY1wYGmZ333jmQxDCP7944m7ryZ2LO89WD2tcjvmdnuI4hcbO7C_GFw-CiAAT_mbQxywMeK&sig=Cg0ArKJSzLDCG1HBDByiEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWpvaG90ZWwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240118.54071&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F8C 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 408616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:14:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5F8C 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:41:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED8A 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5F8C 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F8C 42 B
63 B 38ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqYAFmJenC1fZ7RqVzqNrjrsiERvTq-w5_HihCcxR0eXI5uv5_0KYQSCP_4kbsOmS2RPPECPI3w-03j2D9vFFDt8KiEe6NNNJNt1j0icEpPJ-qv2s

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F8C 206 KB
65 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:45:04 GMT

GET
H2 200 1067830244842370069
s0.2mdn.net/simgad/ Frame 5F8C 87 KB
87 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1067830244842370069

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7110b619f37f5678fd7a774c677194af6bdbf3f1ce2032fc44bd03f81d0a3e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 20:53:14 GMT
date: Tue, 16 Jan 2024 20:53:14 GMT
x-content-type-options: nosniff
age: 481910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89037
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 19:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CC6A 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 408616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:14:48 GMT
expires: Thu, 16 Jan 2025 17:14:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5F8C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 543e396355bd9ffb58790c882b01f528f1e91f38da6232acccc97bca25301942

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED8A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH2LSmEwuUZS71FukVDct_Q&google_push=AXcoOmT76JQw71ldktsfO-ij0NWbAERTeJRkApSrRJdCeDCUqHOfwsOoM8...

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH2LSmEwuUZS71FukVDct_Q&google_push=AXcoOmT76JQw71ldktsfO-ij0NWbAERTeJRkApSrRJdCeDCUqHOfwsOoM8AKwR3GwaOc14I7l9Tw6NkMZz5YzUvYi_LVqCgc-4fU

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230090-FRA
pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1705920304.118342,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH2LSmEwuUZS71FukVDct_Q&google_push=AXcoOmT76JQw71ldktsfO-ij0NWbAERTeJRkApSrRJdCeDCUqHOfwsOoM8AKwR3GwaOc14I7l9Tw6NkMZz5YzUvYi_LVqCgc-4fU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED8A
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELl43ApDoGCxhXLY_Jyu8qw&google_cver=1&google_push=AXcoOmTNKw5UWwa8-qSQvk7vMa7Ilk8fp9GOH7P2rQIpSMG_qHHA4JqbjAlnr-Wzr41u22uLoNJqjF5JgP5...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNKw5UWwa8-qSQvk7vMa7Ilk8fp9GOH7P2rQIpSMG_qHHA4JqbjAlnr-Wzr41u22uLoNJqjF5JgP5pJxLLC0wn4iGfsqDv

170 B
188 B

23ms
21ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNKw5UWwa8-qSQvk7vMa7Ilk8fp9GOH7P2rQIpSMG_qHHA4JqbjAlnr-Wzr41u22uLoNJqjF5JgP5pJxLLC0wn4iGfsqDv

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNKw5UWwa8-qSQvk7vMa7Ilk8fp9GOH7P2rQIpSMG_qHHA4JqbjAlnr-Wzr41u22uLoNJqjF5JgP5pJxLLC0wn4iGfsqDv
Date: Mon, 22 Jan 2024 10:45:04 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame ED8A 42 B
233 B 280ms
90ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHbAF_vTAAzLZ0uQ76bcKk0&google_cver=1&google_push=AXcoOmQkLEdhjE4-6R7fCvFVhQPMaoG35ccSwrPJV3k27ZWDvMzP3-WS8x4yNcd3Hi0rhgdjQ_LSu5CeZ70hHFp2AjeHvObvT_HL
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 10:45:04 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame ED8A 0
238 B 86ms
42ms Image
text/plain 2600:9000:25e8:7600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEArFMvObpyUZkm8R2UrzZOY&google_cver=1&google_push=AXcoOmQmTAEHUqH7u5j9zQ-ecNP4ydLoxExIMQuuXjAgQi5tQcS8ZzpQmKQJKeixYDloP7AXNJGaNIpcCQEO4fC61VmLhWJBndo
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:7600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
cache-control: no-cache, must-revalidate
via: 1.1 6c43684b05a77c1925eb58e93105a976.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: TyXzz7LKu5YP666W9qQZS1LsgHBJS3t2QRpEHNgPYH7tvPuLFJUDRQ==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED8A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-9a9cf15b-a6aa-445f-bb0a-da659727f7f3-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTSS6SyLYwYkv2GwQUtT...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ&google_hm=A5qc8VumqkRfuwraZZcn9_M

170 B
188 B

20ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ&google_hm=A5qc8VumqkRfuwraZZcn9_M

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTSS6SyLYwYkv2GwQUtTVBltNQpfPnrxdclYey-pW0xJ2AvkCZUOtjN8Ma_1ZrSMzQ52Lc0mlnKME_dTNDFe2iDvzBSXemQ&google_hm=A5qc8VumqkRfuwraZZcn9_M
date: Mon, 22 Jan 2024 10:45:04 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9a9cf15ba6aa445fbb0ada659727f7f3003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED8A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGV25VEv0vcBMTYv21BP6ts&google_cver=1&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPwk
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPw...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36j...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPwk

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmTgeJxzKyyYTu5g4RloQMKiyeV3Ao79ScCz6ClJjmbIvYyNv4fjFGsOn36jPl7GnyAUG-UjdYiphqepRXlfc6OCEQOBXPwk
date: Mon, 22 Jan 2024 10:45:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame ED8A
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESELMk1_9-zTnKgQ5P73h7c7w?ext-param=AXcoOmT6g15bbrUPrYx_h54mO6PwmSWTzCkNHvyBffAacKQSz0BX9Brb3oWpLlmPn8IjtXt8cN9johvgpVArTo2f_CZ07M_xX1La_g&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESELMk1_9-zTnKgQ5P73h7c7w?redir-setuniq=1&ext-param=AXcoOmT6g15bbrUPrYx_h54mO6PwmSWTzCkNHvyBffAacKQSz0BX9Brb3oWpLlmPn8IjtXt8cN9johvgpVArTo2f_CZ07M_xX1La_g&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELMk1_9-zTnKgQ5P73h7c7w&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

66ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 06 Jan 2025 10:45:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ED8A 0
12 B 16ms
16ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LF-z0jHvkpBHFDmbMSl7ZbRGAyzU1VBMME_RVC4Cz6-A6G5tSg-H9cbci7eb_dGKfNN7QzwQ

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 5F8C 0
0 41ms
41ms Fetch
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvkDe2dSsD_XwHraHEeqaWmffbv2-OC2ZNpr4WVFTSwis_Yjt0F1_qs_B0_sX1CnvyURqngRp0WrplI05wgUKypizPXctt0wKuiJakzHSfVr3eTKc252d3scF7d2FezV-oec28UD6Ovhq7WEPBtAJHd8mxES3YlzmfA-IjHXQei1b7KlDyGbpi4e_tqZfvXfucik36MoocNV-njmsSrC_aMVo1eu9Q88SvCr67OjiFrVBlLF3g1pvX9zceRZic_m4D0bUJ_NhqScwFdxE5pgzQRYN1f3dCyH_YKWnj9Rh78Whm6AKCOTOSP7IzyEgb1O_GqxASzTnbK0UYqmE0fUEVcQzDSFk3r3jknD3ovI4aqj_XiG0xNjALKU9AblRUjzpnxnc_8H8d0Cr-8edYQg7s340wn7W1D2sMhDB9sAKTrr2CNwfY-9RPdgdz0nNBSAVy3lJUUZJlMFHq8WQ5h8dIoTVb8bCxjcBNBAPLsGyH_35UmidT9D9Vn8B1ZWVCDHo35gfXP5SlwYu1ERl067JwIOKc7_GncUTz5Mwgng6r_iqFlD4liC8jK4eZhxsoh8jl9Cz3YlPoDk1cUYhkzvpx-ITQb-dUyGMaTeVezk7saw6gclM8Xn0QYLJ0Or6Sk8CHANy0WrRSyrkDzbd8SyH9fDXiVZEDVOy10bFif_a7EOqrDX0BzFDhYwVTpxM43JlyML1ryGnpSq28ePCj7A4ueKhJBPH7AT-FEkfAVDP33pkSGV_eFZ5LhYEjzOqYkDxVeAO4RLoWyKfdM2MHokWRuEdSjPECGYhEZZ71_woINktwv2dpfiy68e6Kot4ZaBGXFMrWmmM3Ew_42HUcM7I3P0AhS4xzbW-mfOMvVFMIyNhyzxbG9XF1Q69byg-okKYmtZC_QGjp-UAQ9yS8RDMWEmAvVFjO-59KCt3eMKOB6eSE5Nulo48uKVFqZe8xcBC2G9beDF9EyBUCnWiZ0vA76-8cRJw652kZ6hXbCInyD-SQWZmOQHBBiOTApNBJwkvb2nFvERRk7zk7tZY8u0ItlkhCYtsAYC4YYULTYKtw0shd5rAW83-R-6sK56EdxKebwUVo0-N2flGE45hXdkNvbYc-2wspqYYOdLZtQuBO8xj-Oj4b10TGJ2rOjwK16mXpYcvZOb1z4hpq6oac95wFWzt_wgGkZV9az5hGdH5Yk9zdIXg35yd3Xl0gwixSJ97QFlhH_n2T6ydWhUePG-CxCLN2X4VQNC9rcUj1cbiBiqfOWJ0O-9WRCMP9YkQ05VIDhiar6kofUT5HCqUbqJ3sIZKS9JCBn7Rd8cs7Mt7iFXWXdbroMQaKnuSTxXr9TwYkhyDCYCmbM6hW4uGD6HR7vZRiJZYJfiqCjZpdh1Pl4SfEaVhTRH8eYAcJcPRqUt03-gmavXfBDkDzDRlWf59wfqhhYBKRz3Vpub19FzLvRxGtbQVsdF8AUaR5Ep1Q&sai=AMfl-YRNSemdMcpWsMPH9Guqh1nBhShn9w_DcFx6NVKAwoWe81lIgOXxFeGw6F7T100SPIcqdIZqz4vPiX9j3Hdva0kPWIjP1w0BYjTOjs5ekO43N8cT9RHzoh7tNkaGSnt8nJEkIfMnrDC2azFnN1R_6OZG5gxwTuKKpxGKq333LGJHaLsknAcJ4Eh6aFj16Cl2PcM4_uE_ULduf-MaM4BgXTaxINaYO4yfCxBElhmW0zQlpW7Z337R68X4PXPqTsI_bhX0XDz4sk33sib-jrY48xU9u2N7WvW8xwHRZVGpA-NLYCY4xBvk0woWlKBccoXTwAWDDGz5fIeKGBdQ9swdqUdexj-QDdaZJxY1wYGmZ333jmQxDCP7944m7ryZ2LO89WD2tcjvmdnuI4hcbO7C_GFw-CiAAT_mbQxywMeK&sig=Cg0ArKJSzLDCG1HBDByiEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWpvaG90ZWwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=32&vt=11&dtpt=30&dett=2&cstd=0&cisv=r20240118.54071&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

bounce
ib.adnxs.com/ Frame 053F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELUM2lPk9Nd0zvTrRVQE7p4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELUM2lPk9Nd0zvTrRVQE7p4%26google_cver%3D1

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELUM2lPk9Nd0zvTrRVQE7p4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEL7tuo0EGIXR4YICMAE&v=APEucNXMAI7iBCwCTyeArHLpWjtbx-Wucn_HJ6bkkPVwIc-B-AnpHYNLrSsA1NqbJ3ztaw8reCfqzLBu6HiZ6xBy1grWMI9zdTMwOAxkd5JzH9qwPujMHtk

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
an-x-request-uuid: 827b30d6-9d4d-49a6-9534-355f5393009a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.132; 178.162.209.132; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
an-x-request-uuid: 64defa0d-bc35-42ac-97df-4ab35370e361
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELUM2lPk9Nd0zvTrRVQE7p4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.132; 178.162.209.132; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 053F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2Mzg0NDI4NDM0MDM1NjU4NA%3D%3D

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2Mzg0NDI4NDM0MDM1NjU4NA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
an-x-request-uuid: a2db28ca-4986-41f2-a117-5aa130a8dcac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2Mzg0NDI4NDM0MDM1NjU4NA%3D%3D
x-proxy-origin: 178.162.209.132; 178.162.209.132; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 053F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0

43 B
61 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEL7tuo0EGIXR4YICMAE&v=APEucNXMAI7iBCwCTyeArHLpWjtbx-Wucn_HJ6bkkPVwIc-B-AnpHYNLrSsA1NqbJ3ztaw8reCfqzLBu6HiZ6xBy1grWMI9zdTMwOAxkd5JzH9qwPujMHtk
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0
date: Mon, 22 Jan 2024 10:45:04 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 053F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9C58 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1ccw66oyq8ex2/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:44:40 GMT
expires: Tue, 21 Jan 2025 10:44:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 46ms
46ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920304123&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=0&ads_refresh_total=1&ads_slot_right_failure=0&ads_slot_right_total=1&ads_slot_top_failure=0&ads_slot_top_total=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 46ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705920304123&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fs9nySqH&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC-iframe&isRefresh=true&loc=top_right&renderCount=2&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame CC6A 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF36 632 B
269 B 48ms
46ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWwIuGNwHblRJAF9gjEoPMEmSY2mJtd5PYP2RXbaBe_ogDzccO7omjmOrmRgnViOvp6YibxkDONGC9iRCg33wq1ONa6YXQ3yDixjSqM8BRnDyEYGIE

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:45:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9C58 89 KB
31 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:45:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C58 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dsv5AGF3pHmqPGy6QS6IsdaGyLBsqmWKTi8xTDq52NFr94kE-8G-ElxwQwMZbn22zIpUjpudvCqbk9845g8VKxQ4NYH45RXNkDPYg8Oq5_olm2JOo

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9C58 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 09:41:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9C58 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9C58 0
0 17ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFBSZlY7IK-k4BLk66sAPw2FJZocPHovkvgp_mzfgfYXpoYlQvM5NxZNOndITAinI52iLGJRSYFdCL_ohjompnEu5fLQ
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C58 206 KB
65 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:45:04 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CF36
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELUM2lPk9Nd0zvTrRVQE7p4&google_cver=1

43 B
1015 B

15ms
14ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELUM2lPk9Nd0zvTrRVQE7p4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWwIuGNwHblRJAF9gjEoPMEmSY2mJtd5PYP2RXbaBe_ogDzccO7omjmOrmRgnViOvp6YibxkDONGC9iRCg33wq1ONa6YXQ3yDixjSqM8BRnDyEYGIE

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
an-x-request-uuid: 64bf42bc-0e2f-4178-ae0b-9ceba5397c2d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.132; 178.162.209.132; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELUM2lPk9Nd0zvTrRVQE7p4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF36
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEyODM0NDA4OTk1NzIwODg%3D

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEyODM0NDA4OTk1NzIwODg%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
an-x-request-uuid: 89697cf8-fe51-48cd-a961-42dfceb3a8ee
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEyODM0NDA4OTk1NzIwODg%3D
x-proxy-origin: 178.162.209.132; 178.162.209.132; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame CF36
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0

43 B
61 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWwIuGNwHblRJAF9gjEoPMEmSY2mJtd5PYP2RXbaBe_ogDzccO7omjmOrmRgnViOvp6YibxkDONGC9iRCg33wq1ONa6YXQ3yDixjSqM8BRnDyEYGIE
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqkD5uPojWwUojIGcvRCgo&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF36
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi

170 B
188 B

27ms
26ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1ODk1MTUtMjBmMi0yOWFiLWQ2ODMtZGU5NmRjZGM2NzJi
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C58 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9992799982347&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C58 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9992799982347&version=m202309260101&ct=76&x=1&cor=17336676165062175000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9C58 109 KB
41 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWVPZNJMg5xZYxU2aS4kbk0_ukQDIZdTUQpdLWVvnzLn_AQnlt5pf7PmGrSOgp8OqrE8aRXg-nY6kw8YdePtFa2BsBZwK6QTRdvLcdG7uMVcSxTsLZ9q8ZULNHsEN9QGnpOakDe_JPxBKB3witjOurcSIsWISovi9NmV3rj_6S8hPjWVY&dbm_d=AKAmf-DpQjz3MFc3jDQXISAkzIZL3hMygle9R4Fmq2Yr8BRyYnTkmv5_pXhJPsaizmlExwxjpZq4z1qU6bjDCNiLOoQltG8N27c2mumpK4IehpoZYCQ7bNE3-wAXXtim0F5jjbC1V6mxnq94BOuRawPkLdUYlh9vvSy5LOOrSuRzec6nkvYAm0dg2Q3-FktU66w2jxfiEdjbXZpKAbIV3fbz3zSuw13wamJo3-cRofS_gQ6Kfj7HhbimCj3amkDVhnnk0BiOzl0tQnLQLb8XMfktV8rJoT0YbXsD-J5IaacUrPNxQk87d464UCRgfcEz29Wi5Br_BJwiELGInPJc7hi5g13OUH11SNZnqyfnZJiFLBTFsLAb9GthMnDTQTGe5M615i_hE8WUAmyBiUcO129bOmwOi8bYMsNNaZ1anNI1Dp8T_G6dtabxRttBhGDX4S_-SzsObBf-o4YZ5983aW-gqyEbtBftv9ybTAls907JywLFzzGQjXWH6LBN5sN3DSi2dsUfb_HldROHVJrrYSfXDaRFYAcnUJw7dnqx5twTl_-jvipOkNoc5UaR8TvfzbDF3yVmSyv77vp2Z7EEd3RhwQfEWOhM_lPRk4P6t7_m5xWLeF2nq7AUTVHPfFf5gP1l42oAuwgEQRKuQ3HCJSfMomn3XWoXrFs-_6pZQ8Ly3t2C7_-2EM5JpgEiMGvLt5EYNH2qCtMVCnPZ4AYaeyA_AUdB6M8yVJZ_wU_Kz9taUgQGBHo6vZBWRvhy9ERmSghwBlFn-jyctsSsOPQLJxiemyROPB2Ff6eTu4rAimAKB0fwR_PrmpkZm-4JENChReHUu_tDbBg4sOOIINXR8T5UA55xpghtzVXIEC2O7vs_Unh6MGyufutr1__M_H9gGtF4NR7GjmyXITFAU0rYotV55a2jtvnSAbntRNPSxAO56tSJdCoSyAcIHc6YaLsophvvO3hR-4gDv7fmn6CohRcCyB54M-4QQ9yaVHTAxvFdcOmqV1NZ6cBiOZP3rk3SqQLjmDOjuY36vxCI9gr8Rm13APAl1w9vrdBk6SSBro7Q8TEhTsnlQ-KXCU_4we7HY6ZfUQeAAJqwVdQQjJHx7MkW7SHqnl7b846fq1D3jLQrRTsctE1PvYEXWbZfiQfHcvDBexg46jKcXok6TjBpR9YDvW2gCe26c5EPyhqkFd4uYOt6AMe-J_HucaQD_WOrkHK2y-CRfuHTBehOHjTI20BkxypTSZcg-8bj7thojl5V720q_krle0YiFKpe8qVocX5cBBKx7q0JQX_QKhmfQUQSbAIKLa9Dlfaf9pcY5gvpcu13-rwWMvN0BSdXFUCQkO2ai733blDqnKye6V5waucJkSYDEbTqaYrmzrCVCTzlL8QvqNPTsQjIEwsximC8cWj7wEYdStvzWkeix7RTR_QTzFyxONsVTdT3HrDbE8gbOqzszDk-LJC7c_wFS2tMZlKv9eXzDjPOulIhSvav9ncSnEnDCSNvdpVosxQe2NZAdda3nvuWoztAgYkkQ0_Q4Bk83pIjMspcI3_XAtALhVDopDyEp0oRzye-NCKB21NjIBSbSSEpMlN1Y5-TEyp05wlVA1c0fYvR2pg-2d10LAFVeQB7e5Vv_8NNPwGoJhJonD5hhVz8ZRLspctPMo1BCo8aRS18-lr_IxmDE7DtBYNDry4aiKexR9R1Hv-_FxbmyD93NCAN3fpskTchwl92Rc0aDGsoTZ1nv45LSOvMdyvZEvMitwUr1G8_tV23mVOWhv_QdZz8m9AVms8IJT99xuIg-e7HwI9q3nU2GyhYZWFIi5imPgD1scB2o1GZfE0p9ejxZxKshT0lOnDQQEwadWpXzGki9I2TMWDZeA4jf811H34lMEXJ3iDdOldwo_BZ9fXUjES-7t5E1-1gagRUyI1Y4K95XxAzvcXaTXuO4ys7a492a-7OWhojfvWU5wYETsOLz3gi0wVsF7UtE5zjf4qZNK4wfO9P30lbHT_IcnX6bBLTNhnMMgnhD6kXhVZ9cWEWSM1CJm0wpBRiw62mcZFbwZ7qItatbq1lw75j6S0tEyFVxUBj-buBTNS46NTSLUYxN1crW2O0rQwAFdHC-xblj8Vj50XG4OqsURDRrr1UPCmQGaxAzts_alhyKB2dC01uZE2Y_wDQlI0wq-ZgR63M39DD9QrZhFGB3xrGrtb7D_MR38Ue_OzBOadjZwrBDnhYBNeNXCk0IVInzYyJqcLcMWx0rIdMC7rc2Nm5lr8zXMcdtCe4zkpPGbivoqOG741Ac2_y7ZK31uV-EJE60gaXrbkK5Nt2-3h38HAtN6klpj_nwG5sNgDMfNEMdPfeb7dhoirEdg9K9MGBtBASln34KSkf4WgkDuzmWQffXDmykxX7s9i9eRbqS1VyGLhutWe0uYei5872q45D3mioDS6rffxelSn09dFj0QZswdCVxaegO_TqQXhKGap2ciE9EYgJH71F1HaS6TEy9PPIkBEtDctklDcZznwm_OFoX14-_AHk941csl4mLAk6nS9aUX2MXP0y0qv5k2krLvhOp8V8rsioYr10zRPWNb4hKCJP_qR31nJf9kZ1z5G6pznro9Yu0rPINhSlBYocf5GFwq8S8xOKlpmSBS_BSK5vOvlgzMf3VQX08NX6qYiKtoNnFf1MXPnq3UZmZAf_Dfzql-pn60TSHW_LiZtNeeobuuScX7qzn9Cqo3y45AVcl1i4SfLHwLFR8H21BqnuhvjkAl71u1HXyEmBPMxW_k_FI1slODiPppedkINpEUccQ03fIp3NM4i2ST0OLo4tQ9ZiQny5op678Ms4HkETWbVlGWch1W7dDfRRaie4BA46lRgPIGRGn5a_HwwtKXECEgPuDAQ5JuH24lce0hYNMFD10ZTEBx7zV4VdE_IKMMBNxTUEAtceB4cZl6Z6730enJPLxZm1XsjVWUq3N4-6yvHRFeTnPvoR8DvdI5eqbbCBmpzsQsIAqd_4APhgaEg5rgL_vuiHedrbg3kH4ZY6sJ5V4zx3k9K7VhqDnU2LA8mjRnynb9vV5FUw6FbTmPW3xvHFxhda_VvZyNzCwir8vD8Ww2T6C_yKAXzwyyXSfildo9skxK-7eXnSWh7k9NGVQjOffpw6zUVabBl9OvMBpH-Wxa2izvZa4dhlHM-zaieOc3AKIPOParm_Yt3VU-rch6otFhiYMElCmC_e1WXhqqXA7fhk0i7QT6L6II2c1pCbdE755BvxQXAsrErLNhyV2Qu2HoP6Q_n6zf7I24fte7bZwimiijsap_uIeZ6PEEbMj1Sb3wCzW-A2PVCO1oWSzDVvv7OhEHTqidSDS0KL-4IDcGkoOPDPQx3EowIQEWynCiKm8mTMU8kTyVXf2jDvUSIt5wwMylv73U0UA1mYktEvyMeqf1CmxYpnWcwGMgLoasNbkcelX3FTw5AXEVN-dcVM-h1UKC26ZS5LwXuCX8f7JLwvWLzCxwKDdmemFt6x7nRXvtnVRzIwLzI4C0W0-k3AVk2L2npEM_8H3SL4s7Mu3OE-MYclUdESU5i0p5PyubWAzVEqs6zUGXBltBYWGVBO4IVvkYkr0ynP1_0dXboPCqixLTQHRsa4Y45xtTRL8nsa7BWVEbACdnI-dWLRi5ypxCk-4d9G-wSzSPJj07hKyn-A9vwy5uvqmitGMGHouahrV7bUSxhnNjz9UjRP-Srw_ptC7RYqqJnqxrZg0dSlMeNQk-7tdOXE3XBHfCtp3GnaizW1bztntZq91LzApcdxBGBKrROWFP1MN3ABq6hbBjrPSbsPItjnlJnmc2CQCtngJSSlN7yq2Zs&cid=CAQSOwAvHhf_2dLJGNb-stlVC1v3AFF6ZSRkSGOLtr890KCVPEEzAEAjsm_v0SXTuTfvfaLVUFIXj0g8tGpqGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=17336676165062175000&adk=943508964&idt=112&cac=0&dtd=10

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8031f99bb857e70c4c3af89be5c1c9b3002a0c91a64f01ead491f8dbbddd885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC6A 0
20 B 54ms
47ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bx8JDL0euZdXeBfej7_UPk7qGuA8AAAAAOAHgBAI&bg=!bW6lbiHNAAZVxkGXdcY7ADQBe5WfOK-xACZMliqJWKcdAEEbi3HgN3E_G4BXrDbG5xSRfi_Ezedmbtko0F07wp2DRqbzAgAAAGhSAAAABmgBB5kDB0bl82BftOOhp0eRK_z_A_zngNuyVTby0PTUyH4S9VL-Tx4LPXZ8XxLhdJKklyLL5cicnvMu5drTFD5dIh_xBQXJeiVflSg8sedU2ni6YkcYhpsWUk4Cx2-ijOAC7iEXbm0c2COjiTRnKgC2qTp38tRdks5cebvHrKEz0FPJkhr_JyVMfeXYfwuwzBpnygTwjgKkyr1n_18NFH1KPgShhUyf9T07Jy2bH_XReYqi3xHVFeGaV_2ZT6u5cBj2E9qBLf_o0agdhz_ltT4YYw646x6BO5yv2SYyTfsnxOvuM9XG90UXV87ck5L2dK4dA8XRaAKbHCv0dCHHfvw-LPhA_iRGLZkAa0mqViWH6RvGrHIwvx4ru9k60UGxRpZp4_5JT_hILFvV7gsoR4FaK7hUawxXqr-HmA1-ELifAg_ugF5e2lpnAZCV4zwA05RY7-di3K32WsjDaeciz2R-CmMSRzvBc6DWOeY60i5e9nSMH3HpjsiY8poejpLNQZ9NpEoMfZPvR--1oVpTnozynpSuR6-XI9FO_sgCcu5emdvdTeTIS_-BFfMX6EZIbAwsC023vlVQqM7kNhXWNKnC1spHUd2aIu6lLA51M1KrO9sWRSkArV_ODV8IZwcyZBx3hZB49DDSjhuOkIY9JqTktLeJgQ9NiKRkXtUUT2EgLFGp8iQHWy-l0FSPTNmweIsvIbCE4kAtSV2hwxd2fQhWfFFO7FQb6Kp2hrvxgO6WLszgizt5bffzfon7XfzQcQYkPCcluzZjVpnjzBAj344Fb3jY4KO5Il6iVRM0IifSix2zD4FgBQjiuATTd-X4TT_mj9ln7rkS3ZVQl7rspfV19iBhd9oyAW0RproaA_JLe9fuIjQ-VX2mYCQqzOVZ9Wf71YYjGWjik0gDaCkjq6pdLSD9k5LNN-SFI4_zmhv2f8nmBUo23OmiJXje65Hv_I3KdOELpe5GzeyioPijzYAGQkW2CRFxPpvWFw0HWidL-A7QINTKqj4_9ojUq8T1Zq8JNfAwkSSgBzMnBcg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1350098/69352126/ Frame 9C58 270 KB
79 KB 123ms
35ms Script
application/javascript 52.214.230.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015282671&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_placementId=20884453817&bidurl=https://yahoo.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gy4wDc-rAdWv5MbjC6rjak
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.230.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-230-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f84e5dba8fa6779eb41140d680175b70e89aa2a00717a3c8a6283620c298ac0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9C58 111 KB
39 KB 326ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Origin: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 9C58 12 KB
4 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:30:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 9C58 31 KB
12 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:30:09 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C58 41 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 408616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:14:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4D37 1 KB
643 B 16ms
13ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C58 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51be41dcacd2c74eb5fdaf6bfe36fda4d0da1ef54887999da828de730bfe3152

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4D37
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPWWdjJEtZ6ikyzHklpbikU&google_cver=1&google_push=AXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWWdjJEtZ6ikyzHklpbikU&google_cver=1&google_push=AXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m...

43 B
420 B

180ms
167ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWWdjJEtZ6ikyzHklpbikU&google_cver=1&google_push=AXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8497349019423656-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 162
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPWWdjJEtZ6ikyzHklpbikU&google_cver=1&google_push=AXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTgAPyoxKePq8smhqWFsbqwCjYIKOPvfHQNnt7cWwVL85odbryj5iVuNkiyaleJLlrZPuxvHbLmsTYF2yNkl1GwCOen9_m8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8497348ee80f3656-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4D37 43 B
236 B 45ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIUAhDFEety0s-0uGM9fOTU&google_cver=1&google_push=AXcoOmTDtlUXHoMcZAiN1BUVjPQDvHRGkibTnlqWMNSXGck3cTfiJbAHYOX80tGndnlNhQk8KEbpUVVAdHh_SwgpgIunT56H-2FS
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4D37 0
166 B 63ms
17ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAAvLPfIZbVsKFkHSLDbIiM&google_cver=1&google_push=AXcoOmThUZ5SdSZdHfm7Sjs8xGLfJcchC_F4lcG15vqQobfaoHgmkSDo39BXrh6Gq1v6j-TY-U6moid4z8k-AX7Z4qf76pyi0WJX
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 22 Jan 2024 10:45:02 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D37
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENXXThtgCHZxRRrEthFKRtU&google_cver=1&google_push=AXcoOmS7vMB86ccdPYkQrlwDHUedLruBgBLSQzbfClOCtfcP5uUkqLan9VTqBH0PFDwKOM1ArC0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPU1dKOTMtMUotNDNFTA==&google_push=AXcoOmS7vMB86ccdPYkQrlwDHUedLruBgBLSQzbfClOCtfcP5uUkqLan9VTqBH0PFDwKOM1ArC0zhSBnlBJRy9iJd3_z2-ZMAj89

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPU1dKOTMtMUotNDNFTA==&google_push=AXcoOmS7vMB86ccdPYkQrlwDHUedLruBgBLSQzbfClOCtfcP5uUkqLan9VTqBH0PFDwKOM1ArC0zhSBnlBJRy9iJd3_z2-ZMAj89

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPU1dKOTMtMUotNDNFTA==&google_push=AXcoOmS7vMB86ccdPYkQrlwDHUedLruBgBLSQzbfClOCtfcP5uUkqLan9VTqBH0PFDwKOM1ArC0zhSBnlBJRy9iJd3_z2-ZMAj89
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D37
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPt_eux5QkIkUDBTF9WAeeo&google_cver=1&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4J...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPt_eux5QkIkUDBTF9WAeeo&google_cver=1&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4J...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4JPySoU7tCWjz&google_hm=ICJFrGZHQTL1knQ8TWOVFTGa

170 B
188 B

20ms
20ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4JPySoU7tCWjz&google_hm=ICJFrGZHQTL1knQ8TWOVFTGa

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Jan 2024 10:45:04 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQXIpcMW_qzWDBtDD0TABjqHRnZHPxZZdKJyc-fYeb89v98BiVFh0RjagqJUqfZbosGi9qfA1KujUcBdjg4JPySoU7tCWjz&google_hm=ICJFrGZHQTL1knQ8TWOVFTGa
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D37
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEGzU4pN91il4LcTvz7sA_zI&google_cver=1&google_push=AXcoOmRotccSuX1BJy0kG8FQ0z5Be_TKDxJ17s0d37qUIKryWR0J8PoerLMVMh3TSuqdm1K8yV2qagMkmnyz0GQscxAjiE1KxBox
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRotccSuX1BJy0kG8FQ0z5Be_TKDxJ17s0d37qUIKryWR0J8PoerLMVMh3TSuqdm1K8yV2qagMkmnyz0GQscxAjiE1KxBox&google_hm=VkVTekFpaXR0VWlJRXVX...

170 B
188 B

23ms
21ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRotccSuX1BJy0kG8FQ0z5Be_TKDxJ17s0d37qUIKryWR0J8PoerLMVMh3TSuqdm1K8yV2qagMkmnyz0GQscxAjiE1KxBox&google_hm=VkVTekFpaXR0VWlJRXVXQzJHYXc=

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRotccSuX1BJy0kG8FQ0z5Be_TKDxJ17s0d37qUIKryWR0J8PoerLMVMh3TSuqdm1K8yV2qagMkmnyz0GQscxAjiE1KxBox&google_hm=VkVTekFpaXR0VWlJRXVXQzJHYXc=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D37
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGV25VEv0vcBMTYv21BP6ts&google_cver=1&google_push=AXcoOmRniWE1XN3y8oUxDFqZ5r31Du3wxibBXJgGoTWd4H0nLUDJf_g06tErqdK_oRydtPLxeK6cpu7RQYAEm9QqxJOY0ydyjEje
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmRniWE1XN3y8oUxDFqZ5r31Du3wxibBXJgGoTWd4H0nLUDJf_g06tErqdK_...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmRniWE1XN3y8oUxDFqZ5r31Du3wxibBXJgGoTWd4H0nLUDJf_g06tErqdK_oRydtPLxeK6cpu7RQYAEm9QqxJOY0ydyjEje

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc1MTg2ODc3NDQ1OTQ0Njc1MDk2&google_push=AXcoOmRniWE1XN3y8oUxDFqZ5r31Du3wxibBXJgGoTWd4H0nLUDJf_g06tErqdK_oRydtPLxeK6cpu7RQYAEm9QqxJOY0ydyjEje
date: Mon, 22 Jan 2024 10:45:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4D37 0
12 B 18ms
17ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeWnxDw5eT-wTzcJ88pxR9wdrggagUsa3n2IzLh8_StIy7OQTlxO5fz6JLwdMQKmlspmJo

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FEE6 38 KB
13 KB 9ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 408616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:14:48 GMT
expires: Thu, 16 Jan 2025 17:14:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame FEE6 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 10:08:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEE6 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BtYJmMEeuZdzwEufJ9u8PibmomAcAAAAAOAHgBAI&bg=!1tWl1ZrNAAa8BdJLnAU7ADQBe5WfOIEQeeDgS3jG_cEm3XHhNkXMr6VEMadmzTbybiwkDDg1qnMuygZMhYjezznm140oAgAAAERSAAAABGgBBwoAf5P5w790jg2E-OWeYS_GHScZIZZknX3UesHR9KGKv7LU8GqvosrgxSo8mgYy_PKuCDeVocvW-GYxHDB_UdXQakAEytUn4eiqMZtS8-K6gksgxANB8M1Ki15NMX1nWeLPL1vkQbc80YXmi4SBFfe2hBlcL5hPp_wbPG8AgHGKpeaZAvokzlpeUbtaA0cYQkBaOasVHwfJfS9sQhQZXRFEIVSc2ExauzITRXXcWl7yAphv4JHHpeQXhY6LhRjQ2ZKLGpDL3M5_WmBEkl4hORNIZZEOxvmIxKqH9MsBz25CxxffCcFPFZ-4hrcv3ZHWYxYYa9pPt2kEltoiS-XfAyXaRt7Uv8tpoXzLF3DS5mbeFnLYvrlUVguVpsAnYDOjGymNHgRMA9r92mMmLI0l3FWFHTjilw2ZgTgGgPahLlmRG5MC5Aoao_4FDeOqkUVqqtDH4C83nhW2PATQa1ZrkBSGwPNYYXvTXa0D0o7Hfaf22T9EPqWO6SwTdYJLdBhI1XL-G59J55stLja3Tz4jy-mu9stVgwXrXVSLFMiZ1UTPOJLf1UaGUCxpc2wxDNRAgaK1Ac2EC0SjYR1bWgW2X6BJZBULKDqpJ8_oUja1_WijFjtTOF4HWk54hvfI_3MFLVLexbdKKmRHryiszp1STpayBjYdVxv_tuPFO2cplxxEhU_jdcPrFQHKLUlcRSu8o2AgWoyOiSsMHyWiIAqw_RMLteyaZxxa6i34ra4wvZnnqCmpnXN6_zdRk2-Tyr2A5yBsS8iPh-KrO96O9HtK_IaMQa43R8k5IeJ4W3RB2tG5fbwyXEb9zQfSuBhieASFZvrnQQylJgTuM2RKA7FnDO0iiZ3cCnPGZ49oP0zFGj1U8V1oA39QrbYFgc7EvrY4yLetyeAghTwqPRrf76gk22JoWRsOiD22YLxVVNB1_PIdA8anECs9RxpH69jan7cc5OBC-E2PU7NjGu19Yn_7hdULJp1rvPM3H9a1mua5ddlqxz0y9GpNk-4jFdnLBaFPU3T3tQZLWBZ_QoR8rz2zNGAAze4GyzAjNdm4qrKR08crAJ2QEzAmmtKmyyM1AECofwkRLrKwEqyOIfXqVhOixVXhePoRWbpPbEyyZPQtwWBMeOwxCpiqYaq3OjgIQZHwAjfev4miMR1Icu7lSyNgouoKtHKXHcQK8z9x6dSxYgA

Requested by

Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 9C58
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1350098/69352126/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015282671&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_placementId=20884453817&bidurl=ht...
https://static.adsafeprotected.com/4a.js

2 KB
1 KB

7ms
7ms

Script
application/javascript

2600:9000:223f:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:30:42 GMT
x-amz-version-id: B2DECWousx5u_bYFIOwt8kPa0gFIEK1b
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 324863
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Jan 2024 21:47:24 GMT
server: AmazonS3
etag: W/"2105f244154aad4862ff53a961b1f1a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ds5crYT-lJbsgkg7TTLD_4Jxho3eMWcg5tnIPUCWoIcpqM9XDRG2Mg==

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:04 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B6C4 91 KB
23 KB 42ms
8ms Script
application/javascript 2600:9000:223f:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10665354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Qxxgoza7zeGNcdCOBBsiBqJgU4VtXdLdcOkGySP0cTHCfGtk0hQZ-w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C58 43 B
215 B 513ms
169ms Image
image/gif 2600:1f13:800:7781:c25c:80b2:2625:60ad
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=16d913df-3ecb-9d68-3b57-e5a2c2e20024&tv=%7Bc:21ExGG,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u25tKlZ+11%7C12%7C13%7C141%7C1421%7C1422%7C143%7C15%7C16%7C171%7C172%7C173%7C1741%7C181%7C182%7C183%7C1841%7C19%7C1a1%7C1a2%7C1a3%7C1b*.1350098-69352126%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:24%7D&br=c
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:c25c:80b2:2625:60ad Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:05 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C58 43 B
216 B 508ms
168ms Image
image/gif 2600:1f13:800:7781:c25c:80b2:2625:60ad
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=16d913df-3ecb-9d68-3b57-e5a2c2e20024&tv=%7Bc:21ExGI,pingTime:-6,time:57,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u25tKlZ+11%7C12%7C13%7C141%7C1421%7C1422%7C143%7C15%7C16%7C171%7C172%7C173%7C1741%7C181%7C182%7C183%7C1841%7C19%7C1a1%7C1a2%7C1a3%7C1b*.1350098-69352126%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:24%7D&tpiLookup=ao:yahoo.com*&br=c
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:c25c:80b2:2625:60ad Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:05 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C58 43 B
215 B 506ms
168ms Image
image/gif 2600:1f13:800:7781:c25c:80b2:2625:60ad
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=16d913df-3ecb-9d68-3b57-e5a2c2e20024&tv=%7Bc:21ExGO,pingTime:-2,time:63,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:463,beZ:465,mfA:468,cmA:470,inA:470,inZ:474,prA:475,prZ:482,si:488,poA:489,poZ:511,cmZ:511,mfZ:511,loA:521,loZ:525,ltA:527,ltZ:527%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u25tKlZ+11%7C12%7C13%7C141%7C1421%7C1422%7C143%7C15%7C16%7C171%7C172%7C173%7C1741%7C181%7C182%7C183%7C1841%7C19%7C1a1%7C1a2%7C1a3%7C1b*.1350098-69352126%7C1b1%7C1b2%7C1b3,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:24,sinceFw:38,readyFired:true%7D&br=c
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:c25c:80b2:2625:60ad Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:05 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C58 43 B
215 B 479ms
170ms Image
image/gif 2600:1f13:800:7781:c25c:80b2:2625:60ad
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=16d913df-3ecb-9d68-3b57-e5a2c2e20024&tv=%7Bc:21ExHg,time:91,type:e,env:%7Bccd:%7Bversion:1,uspString:undefined,isOathFirstParty:true,gpp:undefined,gppSid:undefined,tcString:undefined,gdprApplies:undefined%7D,gcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:91,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u25tKlZ+11%7C12%7C13%7C141%7C1421%7C1422%7C143%7C15%7C16%7C171%7C172%7C173%7C1741%7C181%7C182%7C183%7C1841%7C19%7C1a1%7C1a2%7C1a3%7C1b*.1350098-69352126%7C1b1%7C1b2%7C1b3,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:24%7D&br=c
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:c25c:80b2:2625:60ad Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:05 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9C58 0
259 B 59ms
42ms Ping
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCcSTte7r1K68Fa_YHXgv7t6b7lAP_qlk6Qy6amQEacrPYHkTXEYltZOoT2IQqFsXtRkqnpqKJXpHmvaQaHyXkk_gOzyqgiz9tzekV0fjZ5CvURw6hvxfizVHtW0fRHBZYu0uPpM16A2-lGRVEjSAsPHk7xT_n_iGA7sWTn6yxzuSZJEikzioBhA_a2r87hEr3JEuFORi-2QVC&sai=AMfl-YR5LhLfPW-GPSGdS4bAlYzucEnZ7wa66RkakqKr1nGQWCOCaR74TOwz_4nwr07MzU-ln4-i3W6EO79IJ8K1Jkua3yA0nbD4yezpm0HLWsXmCFJkVskGBagebswTaOttpWjLQotD97b5XyhvvalTTp5yEQ&sig=Cg0ArKJSzCH_vs3xcu7pEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:45:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_300x600.js Show response
static.adsafeprotected.com/ Frame AEEA 3 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:223f:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x600.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
date: Tue, 16 Jan 2024 09:34:38 GMT
x-amz-cf-pop: FRA56-P5
age: 522626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"439e58c5a30158dbdc47481bb170410a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ZC9rT0oy-O1k_7RsOM4sHSRs7bj81ieVzvn-t5j8r0aT1SkLgRDCGw==

GET
H2 200 IAS_PassbackAds_300x600.png
static.adsafeprotected.com/ Frame AEEA 34 KB
34 KB 8ms
8ms Image
image/png 2600:9000:223f:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK
date: Sun, 21 Jan 2024 00:03:01 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 124923
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34357
last-modified: Fri, 18 Feb 2022 23:29:00 GMT
server: AmazonS3
etag: "26e2b461771f6fb855141aa77c859584"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: YrX908xj06AN8VkU5jfUINUjDaD5kxJFJ-BWPPlx-Zbgy_ODGS5ZXw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C58 43 B
215 B 196ms
169ms Image
image/gif 2600:1f13:800:7781:c25c:80b2:2625:60ad
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=16d913df-3ecb-9d68-3b57-e5a2c2e20024&tv=%7Bc:21ExLN,pingTime:-10,time:372,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705920304934%7C%7Cb206f88312ce955d708248b8b79142c3%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1afa2bdffa16e824f946bcd509c68f94%7C%7C830f556e67018d46ae4be381eee6b889%7C%7C1787f3465ee4746d410dd147b1c0173c%7C%7Cd3bfe1ec12e45139bc99cf9dd57c4890%7C%7C08ef881dc7d26e759acb9182d8abfa5c%7C%7C1663701684%7D
Requested by: Host: 3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
URL: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:c25c:80b2:2625:60ad Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:05 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F8C 42 B
64 B 165ms
165ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5ksGDgEWnro1G2UUjrP7CuzAgFTAMvN_IdsgqWtVLSuy4pTrKCS1xvPoGnpzFPRbMR7T1ec7mBGd2ynmb0pyDIng7GGT6XN3VRMCqBN30BmjXZqqW2w9SA86jVnefhWSBykJII0QmM5_7bcXjh6kL13-l&sai=AMfl-YSaNrrsNEpS2orI_6C75x-durgp8J0D1Rz-WLTLJ75Q_hz6rKnwgCGePQv4vvCTJbnS8GAqoRg4ev7PzCIDn0BPhWhO3sSofpkUdwmbNJvXfsYVJN5em8MmqKg&sig=Cg0ArKJSzG3u8OB9DdxqEAE&cid=CAQSOwAvHhf_F0G_GbPEPMA7lPhj_jTM6IYU9FMzxnMOmriBcCKFCT3CQrAYsK7U2cxvPP62-zE64hCXr1pAGAE&id=lidar2&mcvt=1000&p=84,315,334,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2115072069&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705920303960&rpt=243&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C58 0
22 B 80ms
80ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9992799982347&version=m202309260101&ct=76&x=1&cor=17336676165062175000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 10:45:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu63CaZX3SamqLa9aWaSc8Fxt55lFUM_RXThotT40RX5IrhgRPnsv1P4QAvPMiQLg080hFztPN9nzXDQctvOZDzimD2E1c2crcVscDrVzXKNlhu0Zqivr1WMzH94Bec0U2kF0bX-KSOwK9sgksfRE9L3JNRMQ-6uP89lY0rcNVF5gz99zFx5YmxIQdWZ7mGkKqVddPtxJnTXJF_JsOCBqL5DH9sfTIWTqbH68_UOHvFu3h9u0o7NEgCaEapoHftTXFDGzTjbSDT0fIj3qFxmDE_pDvGqd3uROngkMLKjrnKJssvGNS2m_Ut0l1z23OjR-SYxrzqWKUCS6VzBQYG9H30ZRCHm2rDVQtG3jn7MvPBZq6vkjnThricOs6igSbPqGn4D_NEQFskGA8fOoOQeJO4um3G_s4I4G5kfSPxBadm9ltRX1htQY6xRewdVgQVTvoggUyUNyRHMpUr4ElAPNZ5GP0yYIVxdqWk0eazofAj68q98KdvTsDOia0iPacatNvppHzP35ndBm5DZcykSxnIItsUQQnWnk9cZImB9ruLlWuyxVI6A1zOeOvkuY8ikySuvbvbWsA0-gfKw8qGDF7koC1TAxPUE2-AUe6hExhvsWjjHX238X8z0F7RZ_FYUlBHjPSPB5qJF-xqFpes73BSC2qanOs9Fr6iJpf1RroPnYIqofuZ7CuqTh0PH5cKadAVokaIyEpFFJWZxpNDDj7W26yiPPzKE9GzQOtHDYQQ5y4GpaRv82iNn-AFfB0ZI7Loj2jbs60rUfh8abfbopOfXcZFdJAHRmMVoyVz4Yui7P24-TP8l67Kegd6ambVl-RK6cDRRdhVaNN6uVIaX5Cf_wE5FNh9L1YQdp_vEAqXgVGB4XvGkNrPKRl3DmtlGp74cYCpooF6NOV1MlsQ7OOdrgmZT4yc5SJIviEeEyvWP-wmpjwCckhY-Kooqq9bkw_m9iuDSYqAlg-NDx7t-W0xSJxborlyUGzj3HrLMvI7fxdW7Pjo-IeAEtRh1Iqm_uj5OzQk81gUcr-ZFuecHfrULEho6FgGZKBVn8lKuGPDBtKWgfEjnkI4bqSNW_-nnfyv1PoD6qpU03-uT4FzPNBvCJMdYj3AvHGHiE2YFjoPZSJBT59UIJAUESMQq0kNd4I6cTRz_xK9TTseOJHQBokFrG_ROThbi_JdUXN11MdYK1Hgd8Ui5mXg9-lmYWbuvsYQrLSPqVBC2IRJ408WEhJprzK8d9u8limxi5BXl0oToTvxsZ8jPRJpiLyRoTmNouQbJZrAndaxR8q6TbFeeXtB9YFeShA&sai=AMfl-YTKb1jpJGEU8la54MMV8np6XjIpo6n7C98elAzs6boUz0Y5nhlayYOfC2UjFlNheNMdrsa6OYFGSa49CUn7JyFeW8rHZ4sRfIAqlqowEkPVgLtKCd4m2H5M3Ny5dJVBFC1KaUEpb8mWlRPNxtaitl1S14XFYpD-iiiDtQ&sig=Cg0ArKJSzM6XFtC8dKOyEAE&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&id=ampeos&o=0,251&d=970,250&ss=1600,1200&bs=970,250&mcvt=20989&mtos=0,0,0,20989,20989&tos=0,0,0,20989,0&tfs=939&tls=21928&g=100&h=100&pt=812&tt=21928&rpt=812&rst=1705920281090&r=de&isd=inside&msd=inside&avms=ampa

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUTeb6BohteDh6rXV2iyq2aAFIgh-R9V8YeiuPyLp18bGEew8XF4heimO7mX2QzHuxEcEyevHw_qAbWXULpJzeL3OuWwlq_eWXFE1VdTOvhGy1D9KlAfEzIxb-BKGtmjaqEPlwMBY2xTE&sai=AMfl-YRk6W4Xzw2y3UcnYXExNca32kNwVCTUbCYpoWv1PUg8A1wxElDZjOXPRACmFY2tvCu2OV99Y5_vvA7AIEJ3bdRLuVGCcQ8XrjEc7ExCzRHezlNQr4MDTuRCQFW664qLT1_o101ZD32tgCOvu7RB&sig=Cg0ArKJSzA25t8y29GqEEAE&cid=CAQSTgAvHhf_eUWZbiUNh7ncte_-mFmXhRyMfwya_wzyBHOQLuIxHuJI2AEtBftejWyDQ3OqFU7xNeHhNWh3sI2dwQTHyc8BoyYy3yVXXjf26BgB&id=lidartos&mcvt=21344&p=572,1132,1172,1432&mtos=21344,21344,21344,21344,21344&tos=21344,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1481106528&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1705920281020&rpt=936&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:35:12	Name: userId Value: Unfibt3iu2afUTMUl28ndUhRPTCKYUv2
.www1-notifbestads.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: 6f2767c2e01055b0aefc55d7cb046daac43940a47fde464abb184a7282b94c74
.www1-notifbestads.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 6f2767c2e01055b0aefc55d7cb046daac43940a47fde464abb184a7282b94c74
.yahoo.com/	1970-01-21 02:37:57	Name: A1 Value: d=AQABBBhHrmUCEMY5qZB74Rl6UFtBoM7iaVEFEgABAf-Kr2W3ZeAJyiMAAAAAgA&S=AQAAAozRdzEUaKVTuLOWOWWmqcQ
.yahoo.com/	1970-01-21 02:37:57	Name: A3 Value: d=AQABBBhHrmUCEMY5qZB74Rl6UFtBoM7iaVEFEgABAf-Kr2W3ZeAJyiMAAAAAgA&S=AQAAAozRdzEUaKVTuLOWOWWmqcQ
.yahoo.com/	1969-12-31 23:59:59	Name: A1S Value: d=AQABBBhHrmUCEMY5qZB74Rl6UFtBoM7iaVEFEgABAf-Kr2W3ZeAJyiMAAAAAgA&S=AQAAAozRdzEUaKVTuLOWOWWmqcQ
.yahoo.com/	1970-01-21 03:13:36	Name: __gads Value: ID=7c6e0b5b3bda658b:T=1705920280:RT=1705920280:S=ALNI_MZyfl0TmjUgQ7bIb54ecAi9-5F8Zw
.yahoo.com/	1970-01-21 03:13:36	Name: __gpi Value: UID=00000d4776f71bbf:T=1705920280:RT=1705920280:S=ALNI_MZnUuHUTjuJhDRYC2c1NRpb2pI7Jg
.hb.yahoo.net/	1970-01-20 22:11:12	Name: visitor-id Value: 3489218801491651000V10
.doubleclick.net/	1970-01-21 03:13:36	Name: IDE Value: AHWqTUnCNsIKalT7maW0qHp6HOzHO_nLmQZOV6WkRT90mPGEoAuY6hykI25R7nrw
.casalemedia.com/	1970-01-21 02:37:36	Name: CMID Value: Za5HGbBBxHeV4Eq3O6EtgQAA
.casalemedia.com/	1970-01-20 20:01:36	Name: CMPS Value: 1200
.casalemedia.com/	1970-01-20 20:01:36	Name: CMPRO Value: 1200
.doubleclick.net/	1970-01-20 22:11:12	Name: APC Value: AfxxVi5irdjhPZZvpM0oVrU5D2aSzGfBj-oZ0gWapD0JBmanOnxpqg
.doubleclick.net/	1970-01-20 18:35:12	Name: ar_debug Value: 1
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsWT1 Value: 2%3De1K2.1RrRNg.b25laWRSeGt0Z2ZRZnI3RXhha0hqdER1UXQ3enphOVN6VDVSSEJWNnFvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsXR2 Value: 2%3De1JZ.1RrRNg.b25laWQyYjlGNmZxZlJkWFZUVkg2dFp1OHRBRUVDeFM3VFFSYzU3NFBvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsWx1 Value: 2%3De1K2.1RrRNg.b25laWRReFp0NGZqZkI3eFZ0eEg4dGJ1OUNwMzNjNlM0VDZlRkVLZ0dvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsXj2 Value: 2%3De1JZ.1RrRNg.b25laWQ0cjRmRWY1ZlhWYjdoR0h4dHh1ekNEV1d0YlNwVHpnVTNSTTVvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsYd2 Value: 2%3De1JZ.1RrRNg.b25laWQ0cjRmRWY1ZlhWYjdoR0h4dHh1ekNEV1d0YlNwVHpnVTNSTTVvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsYr1 Value: 2%3De1K2.1RrRNg
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsZj2 Value: 2%3De1JZ.1RrRNg.b25laWQyYjlGNmZxZlJkWFZUVkg2dFp1OHRBRUVDeFM3VFFSYzU3NFBvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:19:50	Name: v_30cWLsYI1 Value: 2%3De1K2.1RrRNg
.freenet-mobilfunk.de/	1970-01-20 18:02:05	Name: VPCommission Value: 41100000
.freenet-mobilfunk.de/	1970-01-20 18:02:05	Name: subvpid Value: 97683241
.freenet-mobilfunk.de/	1970-01-20 18:02:05	Name: eventid Value: OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.
.freenet-mobilfunk.de/	1970-01-20 17:52:02	Name: __cf_bm Value: PloDEJ9okfgS4f96LYpWd4Xs.VUk7e5f.Rqph4C1gIo-1705920282-1-AcSQhBB1y695VPMRrpYup0vndZc9sqdzqNX4ZR+6ZaQjMq5o0chCBW/aDfvQAMT2vC1vxqV/g2P0oC6QTCzyWHQ=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: dzy5rYv9npvUIO611KDPmsKEz6.JDG3_nf5Sjj2M1UE-1705920282825-0-604800000
.3lift.com/	1970-01-20 20:01:36	Name: tluid Value: 875186877445944675096
.1rx.io/	1970-01-21 02:37:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9a9cf15b-a6aa-445f-bb0a-da659727f7f3-003%22%7D
.adnxs.com/	1970-01-20 20:01:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il]hHSq2!]tbPl1M>e)ZlrFUfJ+tGXxo<[6=(s8irPwQIy9J<8[5hX[@CmQ<7p`WWUs*bpRzqF1`b`ty7zWj
.openx.net/	1970-01-21 02:37:36	Name: i Value: 0c9b7986-4002-48f8-99b5-4cc772199ab6\|1705920304
.targeting.unrulymedia.com/	1970-01-21 02:37:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9a9cf15b-a6aa-445f-bb0a-da659727f7f3-003%22%7D
.everesttech.net/	1970-01-21 02:37:36	Name: everest_g_v2 Value: g_surferid~Za5HMAAQXAWWjwBd
.yandex.ru/	1970-01-21 03:28:00	Name: yuidss Value: 7427759581705920304
.yandex.ru/	1970-01-21 03:28:00	Name: yandexuid Value: 7427759581705920304
.adnxs.com/	1970-01-20 20:01:36	Name: uuid2 Value: 6563844284340356584
.adnxs.com/	1970-01-21 03:28:00	Name: XANDR_PANID Value: FhujrTAyanPaTfvoyDI0G4rD1NMBWX_q_GumXPgv8dtFBVVl_61j1QZQ-ag-ZvMWSQl7iipw9lLwFxJJjonCj2cQbJuHgzDeU-2CQoJo7rI.
.adsby.bidtheatre.com/	1970-01-20 18:02:05	Name: __kuid Value: 99b0340a-b9c9-4481-a2f4-564092c7745a.475134304
pixel.rubiconproject.com/	1970-01-20 20:01:36	Name: receive-cookie-deprecation Value: 1
.lijit.com/	1970-01-21 02:37:36	Name: ljt_reader Value: ICJFrGZHQTL1knQ8TWOVFTGa
.yieldmo.com/	1970-01-21 02:37:36	Name: yieldmo_id Value: VESzAiittUiIEuWC2Gaw%7C1705881600000%7C0
.tribalfusion.com/	1970-01-20 20:01:36	Name: ANON_ID Value: anntmIoZdUQdR2Hp9uswmymPQV9c5qZarCQ1bLTtW1UN5EiBJtogWVjbXNU28NSAtvRLdthTy8FGyZaOE46MFC7Ky4P

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	Message: The script has an unsupported MIME type ('text/html').
network	error	URL: https://www.yahoo.com/px.gif?ch=2&rn=6.981170319237795 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://yahoo.com/? Message: Refused to execute script from 'https://yahoo.com/__rapid-worker-1.2.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://yahoo.com/fp_ms/_rcv/remote?ctrl=WeatherPreviewRefresh&lang=en-US&m_id=react-wafer-weather&m_mode=json&region=US&rid=fs9nySqH&site=fp&apptype=default&instance_id=weather&_evtSrc=deferLoad Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://www.yahoo.com/px.gif?ch=1&rn=6.981170319237795 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yahoo.com/fp_ms/_rcv/remote?ctrl=ScoresRefresh&lang=en-US&m_id=react-wafer-scores&m_mode=json&region=US&rid=fs9nySqH&site=fp&apptype=default&instance_id=scores&_evtSrc=deferLoad Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://yahoo.com/fp_ms/_rcv/remote?ctrl=HoroscopeGridRefresh&lang=en-US&m_id=react-wafer-horoscope&m_mode=json&region=US&rid=fs9nySqH&site=fp&apptype=default&instance_id=horoscope&_evtSrc=deferLoad Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://yahoo.com/_td_api/beacon/error?beaconSrc=HomepagePWA&bucket=900,seamless&eventName=svcWkrRegError&message=SecurityError:%20Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https://yahoo.com/%27)%20with%20script%20(%27https://yahoo.com/service-worker.js%27):%20The%20script%20has%20an%20unsupported%20MIME%20type%20(%27text/html%27).&rid=fs9nySqH Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://yahoo.com/_td_api/beacon/error?beaconSrc=HomepagePWA&bucket=900,seamless&eventName=svcWkrRegError&message=SecurityError:%20Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https://yahoo.com/%27)%20with%20script%20(%27https://yahoo.com/service-worker.js%27):%20The%20script%20has%20an%20unsupported%20MIME%20type%20(%27text/html%27).&rid=fs9nySqH Message: Failed to load resource: the server responded with a status of 999 ()
security	error	URL: https://yahoo.com/? Message: Refused to execute script from 'https://yahoo.com/__rapid-worker-1.2.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.yahoo.com/_td_api/beacon/performance?ybar-sticky_0=0.3999999761581421&ybar-init_0=0.19999992847442627&ybar-mod-sidenav_0=15.700000047683716&ybar-mod-logo_0=0.2999999523162842&ybar-mod-searchbox_0=3.8000000715255737&ybar-mod-assistjs_0=5&ybar-mod-adaptivenav_0=0.3999999761581421&ybar-account-init_0=27.700000047683716&ybar-mail-init_0=1.2000000476837158&ybar-mod-navigation_0=4.399999976158142&ybar-mod-notification_0=0.3999999761581421&src=ybar&_rdn=281549&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0&site=homepage Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.yahoo.com/_td_api/beacon/performance?ybar-sticky_0=0.3999999761581421&ybar-init_0=0.19999992847442627&ybar-mod-sidenav_0=15.700000047683716&ybar-mod-logo_0=0.2999999523162842&ybar-mod-searchbox_0=3.8000000715255737&ybar-mod-assistjs_0=5&ybar-mod-adaptivenav_0=0.3999999761581421&ybar-account-init_0=27.700000047683716&ybar-mail-init_0=1.2000000476837158&ybar-mod-navigation_0=4.399999976158142&ybar-mod-notification_0=0.3999999761581421&src=ybar&_rdn=281550&apptype=default&rid=fs9nySqH&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0&site=homepage Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
rendering	warning	URL: https://ndirect.ppro.de/pvtr?v=30cWLsYQ2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2(Line 9) Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://ndirect.ppro.de/pvtr?v=30cWLsYQ2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2(Line 9) Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://ndirect.ppro.de/pvtr?v=30cWLsYQ2&vid=OVZzOTg5R1IraTdFZzZENHRaczhXbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2(Line 9) Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3457dc8d2d6585a7392d7ae8eb56da43.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.yieldmo.com
an.yandex.ru
ap.lijit.com
as.ad4m.at
bats.video.yahoo.com
bcbolt446c5271-a.akamaihd.net
cadmus.script.ac
cdn.ampproject.org
cm.g.doubleclick.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
edge-auth.api.brightcove.com
edge-mcdn.secure.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
fsbcn.fp.yahoo.com
fw.adsafeprotected.com
geo.yahoo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
guce.yahoo.com
hb.yahoo.net
i.clean.gg
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
lg1.hb.yahoo.net
manifest.prod.boltdns.net
match.adsby.bidtheatre.com
metrics.brightcove.com
ndirect.ppro.de
noa.yahoo.com
opus.analytics.yahoo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
players.brightcove.net
pvx.freenet-mobilfunk.de
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tb.video.yahoo.com
tpc.googlesyndication.com
udc.yahoo.com
us-u.openx.net
video-api.yql.yahoo.com
www.google.com
www.googletagservices.com
www.yahoo.com
www1-notifbestads.azurewebsites.net
yahoo.com
pagead2.googlesyndication.com
104.124.11.16
13.248.245.213
134.122.57.34
142.250.186.166
151.101.130.49
152.199.23.180
172.217.16.194
172.64.151.101
174.137.133.49
185.64.190.78
185.89.210.90
194.97.41.228
2.19.106.142
2001:4998:24:120d::1:1
216.52.2.16
23.48.23.12
2600:1f13:800:7781:c25c:80b2:2625:60ad
2600:9000:223f:2c00:8:48e:53c0:93a1
2600:9000:25e8:7600:1b:5138:8a40:93a1
2606:4700:20::ac43:4a81
2606:4700:4400::ac40:9b32
2606:4700::6812:1691
2606:4700::6812:18ad
2a00:1288:110:c204::b000
2a00:1288:80:807::2
2a00:1450:4001:800::2001
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a02:26f0:480:f::213:7ecc
2a02:6b8::90
2a04:4e42:400::539
3.160.188.68
34.252.254.34
34.95.69.49
34.98.64.218
35.186.253.211
35.244.232.184
40.71.11.169
46.228.174.117
52.214.230.121
52.30.200.188
54.76.92.15
69.173.144.138
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0291e42c6c243b4177e0331b6e3692a8e03e29a39852790ce81604a998872c68
0598e13041b04bd01dc5e5849abebac0e253bbac3ec6bdc71ca62b84100717f4
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
09eba46ad0bad3ab012904e73a490a10b25510fef3ced986f87581a2d18d07a0
0a6370ef5a28dcf1e56238f380baac9940b231c5f1650a46709942cd60cf665d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
106ba8dbd80fdec7e329a7073bd855f0b1cd91a78cff8f184bb635ddb99ef1b0
11a42828637bc11c2d02278318bce6f5ef1ba0292a8d480121f648443ec65cb6
120fd2257e5479a0c306d535a7bcfccec53614e55123770abce688551d6c27c6
1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c
1573d8df10cd4440d5d782afc380eaea4f4c369d23d945a603116b403ac65a68
15785ddd0b395428377bf449d16b3e1b02e9c8db7c574dbd7eb6e94ad2c0c654
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1a166ebd6c8872d71efcefb4765db513014b732e1886525c5f2d5ded87071451
1ae0492d9fbac257db08c85f493a6f37f7a1b432315b2850e8682e41fe3fd833
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1fdd95500f26d092502b38b1191f9db0a4f5a1df4eb90a84a9aaf469608b6fc4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21dfea8ce511b531beb51047990f255a04c260abd9cf34f38084cc97601f1f23
2436fa31b895585317eafece5829744711419765a05ee7ed07a2fe79bd52deb7
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2964a5a8e918295b28e02bac3e18ca50cc14d9f88a99d9bef428fc730a12eebe
29c10793fc1cd420fa267039deea09a9f6fe4ebbd05999e01b768ac24ebd4201
2a9ec51da93abd8d56eb8425690401c3442f6def54547704d835b61c74c9a9b0
2ca181f5f8781eaca01c4e8a41d1334700378302662f1bd7fe31ef9ee4c1bfde
2d56d1cc8ea5ed168b6b4250820de6dad2542bc29ae04b5f0971e642cb5191ce
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6ce4ff81e8cda136e37ffc705757cf6b2273deba1df208cc443877429c4b5e
2ed569fb126c32012a8da2f6b11637ecb274f40ab1dc42e42c23ddba6605fbdd
2fdab4185fc60a5ab82cb4789cdde99749b279af459e4851f50a0a48537223a7
30f92c1a2989bd6094ccd72a2c40f1468440bef1a56abf8152e9e9bc901f7c97
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3391f7d62f99d6e6a76071ae7c60f93fa463a0f0b75ce5e6bc9485d041ffe893
33d8bfda78c83de19751ec84e1d7f40dc5d7c81e7fb822069f811a9030d2d459
3475e4684f17b66b538a727fcc9a92a40eaa4b23a314aed8093752dce944a41c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eeae28af31fe42af6c3c03695665d8b0415a3d9f460c40c06bfa01d2c9ff60
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3917ca224353d369d6dc3800c8f09e9969dca85890e2081fd453db17f58a2600
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e
3eca78268e2e7932747623f53742dbf421f57105e5e4071136484a43fd843495
3f085032bfe9d6e8f7ddf6abc608017f49b1890b1ac279bc986e5f5cc8e3c16f
407939ae02e3e976ca5f753751636c6de4c31c31e72709ce5f8c84ab96bc8b6c
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
441bc6cd512e8d78b539f5403e954148a63f112a77ee1b6d91f2395c433531a6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
496eaa5a206da3bb35e031cd617ece260c6f0376f03547f3b91b778fef50b471
4a49828993f5623cb08e4fdac5b714c4f7edfabee23f4af4a5256817c6bc891f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be3a41686c1d3d032842fbaefd3c4135aff5f9a74bf2a6f1368b9e73cb79bed
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6b78c4c93afe932e7a84fb3e432a172082f726c4e4745e3d5c37fd7e651f1c
4f06d94cb6038f42f5c8d59d369ab21c3c54643a544b0824582cb00ebb61dfb8
4fa81a2babd7ac6c723e36071474fdd0f043616d012053410a6afaec2d96513b
516c60cb2912b8a0e062f8994c1212fc423c4365d2e7fea88968de6a99a2c9ba
51be41dcacd2c74eb5fdaf6bfe36fda4d0da1ef54887999da828de730bfe3152
52cc5b5f2355383e734c7758fe4baf1818edc823f35388a84e640d6630b47d98
543abf25cf873829e6035fe50d2c251fc1f33e550cb0e85fc51a1fb19bf28235
543e396355bd9ffb58790c882b01f528f1e91f38da6232acccc97bca25301942
5448674d9c501af62f8516de42d5efff4b6f25b02f7e081c924dc290efdc7d39
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742
5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc
5dd56e4378b56656cadc4827e98e63c32c793448c35b59274e2d7b5285b6b6fc
5df38664779ae737ba7e379597410ae785f40b41914f8e912b48e76259b88935
5ec914f3ecabd8480fed9df3ea1b4a3b4c06b9cab1a86c9dc0e82e5b1d3e1d61
5ede398508ea7a14b531f06a6008161a409334992c14a445d6c2e7cca56d7a95
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fc083ec610063ee88c6d62210c36d8466c6db80ac3a958552f23cbdf0013a95
60601e6aaecddd3a0b7ff82b5254e17e69558f191ca400133226c0aa54949eff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e67256353332b24a2074d8816abd4362594a04aa07cfebfc346a190bc710d
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63395fcd2e313a72dc41f59fb6d46597cb70d3b976d578d2a119e04c3c1ac9de
63678162cb830afba8013a29be9148c72c3dd90561f1b0e7a3cdfbfd883912d6
671672d5fb51ada783e99b16b5b961f30ca3bd1b7e4d0ec1723c7a680b0d6394
69696bf9e928c2d133ad9611dc60476505737b3a6bd0f62a74608b8722398be8
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bf1b81c3036be7f654008a75648efb68bfda81d352ab5eb969fe63417aea931
7110b619f37f5678fd7a774c677194af6bdbf3f1ce2032fc44bd03f81d0a3e9b
755c6cd5b0f614ffa0906ca3ab469adb6e9f036c9a7e6e5d1471c2c943ca64eb
75799b61c8d93b46365ae3a603ef508acee921adbf2abf4ada583fc4e0e4bb82
757ae6fd9eb2ff6a9857e0bc52743605b7d8e86f2db36c4a498a9350f7bf7553
7593240bc1e57ebc09a1a550d91c67481784b8de8e9208ba96a6b38a0251a675
769256fd793fc46dea18a695a94b7cc860cc9165aafc6d9934bbab706c84b42f
77565c59aefd057fa2240a1ac53ff90dc658b13be8dff4de164678e36a24e12d
7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79d954b80c39513a18ee1e0143d931ba9222b4c4794438f7bad23f9e0380cdc8
79de39502b10f052460efec133b798596c4ea73661805e0baa3f3f6fe7ee480e
7c5bf1c17637f87d3c94a2fd2d57e9e5903cefb4fc696fcd2cf4bb0087754b76
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805a6388e192758244bc457af625d56ad46bdf224e4886502fce4cb169b6c941
858c292e1a134a58869f931ba4a0c61e64a65543e3cecb43e114c8aa73e287b6
86145e56e9b4bd3a42e3ddf6b7cb6bc8e9372891aa5bae35ea0f3facda3c99aa
892e2f5e07fef6de0428e4dcb284201b3d110c0a6f2d8ef899cd2cd2c61eb546
8af0ac43a64e3a17ff589a8e342504e12ff2994cafd1d2ddac84b09c04daa551
8c1300ed308c63c73261b96a4ca4bfdd3cc5f8d641f8ea8a33ff7db149d363c6
8dcc19dfffaa89f538179885b29a4db1c3669f41fc93eade43b7ab86fc6e4457
8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91d566017ef722918df9e6880b1bdf9d9ad0184f700963eb20bef680ba2f1d28
95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0
97f41e2f2f46abb252d6e95ae4cc126171037ece31730ba1458f28c55493d007
98fd6e164d4f71ec57f27b4b279564746fb9a779988d2cc4b05df0bcf456cdef
995f9c28e236239b454ed5544e1c188fdabe8c49633e7e4d1e6caea418263c0d
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a7394871abbfc5eaf0a8d34dbd3db6eb06ab1595ca124d31f640a6e9c77a90d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca89731319743aabedc04e5fd134edb79ef0b3e761587958acbd9ba21d0093b
9ceb098ae2eaf5dccbe54f9430862aaf79f1af15c70ba0f10023c987b496e6ab
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
a03f9a37e34771c42cf7930b2f466ea2077d149f6dba0e81982e7715a87dd8ef
a07f1a26adf7b9f9acbff7921d52a7d0bbb9674ac8f0090bae8f69bce6e488e3
a0fd68a946ed7e1a073576a4ab96d54a1d22412bb6519de98662cff29c51b864
a11ea647f95a0f0afed52714b759929c5c8cbfd789a4f1b6b55d7d75a46433e3
a50cd765dc960512d033632139cd57336ac7e8db767ff7eec30c5355c75dc68e
a5de9120ae224e4c0c10a9965e846aa4d925f76e9b70381a8ab34f0f1710d9e1
a5e68e1b81582cb7dbec2e4dc5b933929879cca255ba72a9db8eb80a0a62b49e
a69d91374206b6fc983baf901b64224550fa1356a60e07908d7bde71bb3f44f6
a81d08cddd8d107e0cf6d67556558c6628064ab86ba8313cc8ed3ce76b4730db
acf529f550f2fdaad913c10e6972344e43e07eae8d5aa57b96fa30ed7c07acc1
ae85d071924864ae9c5a0f62be8d5ffb34daf9f2eae7cbac1b91c925de2d3edd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c
b1b69126902be4d29d6506312471c95a2ce1a7fe10d409b5b90ac913e6e1d73a
b3395510d2bef53e87b963da4321117796e85faefd7edc25b9eecbe203248177
b35df2b295e371a9fc88394d49996e312ee65ad82cb23e5f7017b98e6487d442
b39773b31bd6055e7913146773b90be87f11b993b51f86ad5c408df4d79d1ed4
b3a8db814c4be401fd18eb319d45ff278e7afebc45fcf911ad4663c0d63391db
b3f5f787daf156fa19c2916470f4ea8bdbf9e5828b3990c33c04810fa74ed084
b52d60c852a03a8688acabeb000c5a3b57ff32e7b69ea61a7c884505889dde50
b8393bfbed51a060bea18b4d709e5b514b523f73f1cef6112ecface402558d11
baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b
be6b2025e99620fec98afa6dea4dc05421edcc5c2449827f249cdc3165dc4aac
c059ebe472c40fcd89c22a6fef7150c87eb2458472a9c0e2a6a93982d038af58
c39400d6201db1ef7295390b7a961c9d374e06c1733ea506ace06dacab2bbedb
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c6d2343a147111e4f3881e468facc72da4582c6aaeff475d3371df3fa2576bee
c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98
c8031f99bb857e70c4c3af89be5c1c9b3002a0c91a64f01ead491f8dbbddd885
c8de53891633ecc5cb4cb6615e90af1358e813aded05d534a5e6060476df3a2a
c976bb619f60bfe8ac8bba9ccb5b3e040315feedfaacf9b85774f0986040bf9d
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
ca9998a600267dc2431abc077f8cf7a5476a46ee1e82d0c6f12bb17e512c3fe8
cbeee7da6cc21d0d3394c55fab07c9005d10405a505117cb41c2a1b013773b97
cd3e5e150552654ace3650b3c4954ee38485a7ffa6914e2f5a2914675f7a7bd9
cd76916c20ddadb008254acd4f3fd599c4056f2c6e054f1d03519837e71db568
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d15a506ca5dd31b0e4e667976095b58cc250e0db6dbb6607d6e5f2f64cf0f830
d2b1cbcd9d354af86e2881031abe0a44ce211a4748b2fe4059e0d4d0d51e4515
d5526a7dde539cc05ae816dcbe83d626610c6ea45b276eb1c931fe12b239ab41
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d77e659299c397037513aff88093b64f6ce29994b94d99256ad84a7910c0ceb3
db16cf0044e601542e9d9403bce5b24d26c9b04332ff517f53a968153f42b8f6
dbedf99d632997c7330c51ce00c984f96174d701e30cd398b23158addf7d5923
dc6e9d480983c7daa49524adc6f322039ef454b5731666ebc829fbbc8a95c11a
e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e
e1897197c32be441c5c75426c1df80241eafceb7b8a3027cd40a148a809870ff
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec7797cac9e9d1a316b0177c7341eaa29684ea48cde19350ec982ea53aea816c
ed22526f9adcdd172c698e0dfc9fa3ee064a96a27bed3335931c4b2bddf4eee9
ee6ac88fcdda8e39410e1e291495b9f5adeb2ec3e95069fb4d50964093de53a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07
f11f3d26d18792701bcf5341abdf3cc69c88bcd6da7a9bd7baf0e502c28b3873
f271bf73d0eefe04f56cb6390e07d7d2a4794787283d65221397b258cef040df
f2c2013a67c8dd205e93ef40cf60da7b3bb48a075e7b649fde2b2f646b15896f
f55ef6320574380ba5588de69dfbbc4eb5048ffd4e6bb4e043d8412f29da628e
f59452bba989e5a78e9492ae296cbf910745529c3294b49a58efa4ec7eba8d45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7b7249d7720da6c2e659b427739a6a811e7d2f0bed3346a387143958d6dc4fc
f84e5dba8fa6779eb41140d680175b70e89aa2a00717a3c8a6283620c298ac0b
fad7bd7eb6b6c1f80542792c33345d9150bda10753c58ee942e113a222dbe403
faf50015de5b96281dcbf145fdf58222efc35c962759a3e915f4e95f510d7b78
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
fcb98948b3850846c4c9c6d887124a7ee7f1357d9cbba566eb79b8f66407c8b1
fd9675d041aa9e86d2435708a030c1d0d96e1074b5d7b584a82684348b2ad592
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

yahoo.com Open in urlscan Pro 2001:4998:24:120d::1:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

397 Requests

92 %HTTPS

48 %IPv6

39 Domains

64 Subdomains

45 IPs

6 Countries

7835 kBTransfer

18306 kBSize

43 Cookies

295 Outgoing links

Page URL History

Redirected requests

397 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yahoo.com Open in urlscan Pro
2001:4998:24:120d::1:1 Public Scan

Screenshot
Live screenshot

Full Image

397
Requests

92 %
HTTPS

48 %
IPv6

39
Domains

64
Subdomains

45
IPs

6
Countries

7835 kB
Transfer

18306 kB
Size

43
Cookies

397 HTTP transactions
8 data transactions