www.mensxp.com Open in urlscan Pro
2a02:26f0:6c00:281::216f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Submission: On December 07 via api (December 7th 2021, 12:33:43 pm UTC) from US — Scanned from DE

Summary HTTP 330 Redirects Links 76 Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 47 domains to perform 330 HTTP transactions. The main IP is 2a02:26f0:6c00:281::216f, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mensxp.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 3rd 2021. Valid for: a year.

This is the only time www.mensxp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2a02:26f0:6c0... 2a02:26f0:6c00:281::216f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.225.87.102 13.225.87.102	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
10	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
61	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2a5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:199::3621	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1ab::216f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	103.238.100.148 103.238.100.148	55705 (INDIATIME...) (INDIATIMES-IN I World Tower)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb3a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
8	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10 11	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 3	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
3 4	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1 1	18.210.218.247 18.210.218.247	14618 (AMAZON-AES) (AMAZON-AES)
1	63.35.205.32 63.35.205.32	16509 (AMAZON-02) (AMAZON-02)
1 5	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:417	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
3 31	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	213.254.244.25 213.254.244.25	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
9	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	188.65.124.38 188.65.124.38	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.77.169.115 54.77.169.115	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.17.206 18.194.17.206	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
330	65

30 2a02:26f0:6c00:281::216f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.mensxp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:bb20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ase.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-102.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a02:26f0:6c00:28a::2a5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.mensxp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:6c00::210:bb69 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

frontend-api-navik.mensxp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:199::3621 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jssocdn.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1ab::216f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

geoapi.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.238.100.148 (New York, United States)

ASN55705 (INDIATIMES-IN I World Tower, DLF CITY, IN)
PTR: a103-238-100-148.deploy.static.akamaitechnologies.com

comment.mensxp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:bb3a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jsso.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:bb43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

shopapi.mensxp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

timesinternet-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.239 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.218.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-218-247.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.205.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-205-32.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.165 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:417 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6812:d05 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.25 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20519.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.65.124.38 (L'Haÿ-les-Roses, France) 1 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: icscale-01-pub-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.169.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-169-115.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.17.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-17-206.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	mensxp.com www.mensxp.com img.mensxp.com frontend-api-navik.mensxp.com comment.mensxp.com shopapi.mensxp.com	881 KB
31	tribalfusion.com 3 redirects s.tribalfusion.com cdnx.tribalfusion.com a.tribalfusion.com	23 KB
26	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	964 KB
26	doubleclick.net 11 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net 5994599.fls.doubleclick.net	189 KB
21	googlesyndication.com pagead2.googlesyndication.com 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com tpc.googlesyndication.com	111 KB
14	google.com www.google.com apis.google.com accounts.google.com adservice.google.com	220 KB
14	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com t.pubmatic.com simage4.pubmatic.com	114 KB
12	casalemedia.com 4 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	12 KB
9	cloudflareinsights.com static.cloudflareinsights.com	46 KB
8	ytimg.com i.ytimg.com	424 KB
7	youtube.com www.youtube.com	127 KB
6	gstatic.com ssl.gstatic.com	6 KB
6	facebook.com www.facebook.com	951 B
5	doubleverify.com cdn.doubleverify.com rtb0.doubleverify.com tps20519.doubleverify.com	23 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	11 KB
5	indiatimes.com jssocdn.indiatimes.com geoapi.indiatimes.com jsso.indiatimes.com	9 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	criteo.com dis.criteo.com rtb.nl.eu.criteo.com ads.eu.criteo.com cat.nl.eu.criteo.com	53 KB
4	google-analytics.com www.google-analytics.com	21 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	simpli.fi 1 redirects um.simpli.fi	1 KB
3	openx.net timesinternet-d.openx.net u.openx.net us-u.openx.net	602 B
3	facebook.net connect.facebook.net	200 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	clmbtech.com ade.clmbtech.com static.clmbtech.com ase.clmbtech.com	5 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	882 B
2	advertising.com 2 redirects pixel.advertising.com	695 B
2	dmxleo.com 1 redirects public-prod-dspcookiematching.dmxleo.com	472 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	quantserve.com 2 redirects pixel.quantserve.com	953 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	indexww.com js-sec.indexww.com	2 KB
2	google.de www.google.de adservice.google.de	1 KB
1	krxd.net beacon.krxd.net	338 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects tags.bluekai.com	677 B
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	contentspread.net cdn.contentspread.net	49 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	exponential.com tags.expo9.exponential.com	14 KB
1	demdex.net dpm.demdex.net
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	382 B
1	mathtag.com 1 redirects sync.mathtag.com	725 B
1	googletagmanager.com www.googletagmanager.com	37 KB
330	47

	Domain	Requested by
61	img.mensxp.com	www.mensxp.com
30	www.mensxp.com	www.mensxp.com
20	s.tribalfusion.com	tags.expo9.exponential.com www.mensxp.com static.cloudflareinsights.com
16	frontend-api-navik.mensxp.com	www.mensxp.com
15	pix.eu.criteo.net	ads.eu.criteo.com
11	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
10	securepubads.g.doubleclick.net	www.mensxp.com securepubads.g.doubleclick.net www.googletagservices.com
9	static.cloudflareinsights.com	s.tribalfusion.com
9	static.criteo.net	ads.eu.criteo.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.mensxp.com googleads.g.doubleclick.net 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.mensxp.com googleads.g.doubleclick.net 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com www.googletagservices.com
8	a.tribalfusion.com	3 redirects s.tribalfusion.com
8	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
8	i.ytimg.com	www.mensxp.com
8	apis.google.com	www.mensxp.com apis.google.com accounts.google.com www.youtube.com
7	www.youtube.com	apis.google.com www.youtube.com
6	ssl.gstatic.com	accounts.google.com
6	www.facebook.com	www.mensxp.com
5	image2.pubmatic.com	ads.pubmatic.com
4	hal90005.redintelligence.net	1 redirects 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com hal90005.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	shopapi.mensxp.com	www.mensxp.com
4	www.google-analytics.com	www.mensxp.com www.google-analytics.com
3	cdnx.tribalfusion.com	www.mensxp.com
3	www.googletagservices.com	www.mensxp.com securepubads.g.doubleclick.net 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	um.simpli.fi	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	www.mensxp.com tpc.googlesyndication.com 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
3	jsso.indiatimes.com	static.clmbtech.com jssocdn.indiatimes.com
3	connect.facebook.net	www.mensxp.com connect.facebook.net
3	sb.scorecardresearch.com	1 redirects www.mensxp.com
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	public-prod-dspcookiematching.dmxleo.com	1 redirects s.tribalfusion.com
2	sync.search.spotxchange.com	2 redirects
2	tps20519.doubleverify.com	cdn.doubleverify.com
2	cdn.doubleverify.com	s.tribalfusion.com cdn.doubleverify.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	5994599.fls.doubleclick.net	1 redirects www.mensxp.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	googleads.g.doubleclick.net	www.mensxp.com
2	pixel.quantserve.com	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	js-sec.indexww.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	comment.mensxp.com	www.mensxp.com
2	ads.pubmatic.com	www.mensxp.com ads.pubmatic.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	us-u.openx.net	s.tribalfusion.com
1	beacon.krxd.net	s.tribalfusion.com
1	pixel.rubiconproject.com	s.tribalfusion.com
1	tags.bluekai.com	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	www.mensxp.com
1	cdn.contentspread.net	hal90005.redintelligence.net
1	ajax.googleapis.com	hal90005.redintelligence.net
1	tags.expo9.exponential.com	securepubads.g.doubleclick.net
1	hal9000.redintelligence.net	914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	u.openx.net	ads.pubmatic.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	timesinternet-d.openx.net	ads.pubmatic.com
1	accounts.google.com	apis.google.com
1	www.google.de	www.mensxp.com
1	ase.clmbtech.com	static.clmbtech.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	geoapi.indiatimes.com	www.mensxp.com
1	jssocdn.indiatimes.com	www.mensxp.com
1	www.googletagmanager.com	www.mensxp.com
1	static.clmbtech.com	www.mensxp.com
1	ade.clmbtech.com	www.mensxp.com
330	85

This site contains links to these domains. Also see Links.

Domain
shop.mensxp.com
www.instagram.com
www.youtube.com
www.facebook.com
twitter.com
support-shop.mensxp.com
www.indiatimes.com
www.idiva.com
www.whatshot.in
www.cricbuzz.com
www.happytrips.com
www.businessinsider.in
www.gizmodo.in
www.lifehacker.co.in
www.gaana.com
www.in.techradar.com
whatshot.in
filmipop.com
www.femina.in
magicbricks.com
speakingtree.in
www.mxplayer.in
longwalks.onelink.me
subscribe.timesgroup.com
timesprime.com
navbharattimes.indiatimes.com
eisamay.indiatimes.com
mxsharekaro.onelink.me
mxtakatak.onelink.me

Subject Issuer	Validity	Valid
videoplayer.indiatimes.com DigiCert SHA2 Secure Server CA	`2021-08-03` - `2022-08-03`	a year	crt.sh
colombiaonline.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
data.indiatimes.com DigiCert SHA2 Secure Server CA	`2021-06-16` - `2022-06-21`	a year	crt.sh
langdev.indiatimes.com R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh
indiatimes.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.mensxp.com DigiCert SHA2 Secure Server CA	`2021-11-10` - `2022-12-11`	a year	crt.sh
jsso.indiatimes.com Thawte RSA CA 2018	`2020-01-17` - `2022-01-16`	2 years	crt.sh
npepaper.indiatimes.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
contentspread.net R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Frame ID: A56FED67CD043AFE3440B5E5A2538508
Requests: 160 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&layout=default&count=default&origin=https%3A%2F%2Fwww.mensxp.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: 2EA5A4034401A2DBBF9792044C99E8AD
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mensxp.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: 4BB2D87E92986781C01E1C8A0EE85DBD
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: D33D1917CA570DAAD4F90BFD8002D374
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A37F64EF69C63C965EE319C4BF5B7B14
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 849E41185388D96E9B5BA9C7CEDFAC25
Requests: 1 HTTP requests in this frame

Frame: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 209194C57D0511DE36C41F6A854DE694
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0AA4EDEE0634C8ED3C312909549075AB
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 964608F8972364855EB0A9DDF3848E83
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 751C5F1B1177AF08268C98805A47FB3A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE52DEEBFB88E0C47461BD0F65EAB861
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75B1F9AD6E618BA6D71A6A0F88ACE2F1
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 899B2794F1DB350A4185FCD196DE45B5
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3940066813531833442
Frame ID: B6EA9AB189D2C89A39235EEF8805973E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E10EB1243414141B94068130B76A3430
Requests: 1 HTTP requests in this frame

Frame: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7675A33B9B670F3A1258DF5359FAE903
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNU116tcYgH6Jop42rU7CIiPimlAHZqqhUSrECb85s6zI09bihgTudJErmwBeX80ZixtdGUuIfi929_1DhQHaCM9eFvDCTHJjXU0mhPM1UH0DX-hTqWB8l53E_d-P13mkSn_Dp_m_VkCogIp8V90Lo_tty2MTH0WAR-mjR7eAdJpOCf1uRA
Frame ID: E321C4E341DEC4AB0F20CEB421350DBB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdNgH6WnVVLRQ3qgx6LcwwzPOr4HYr-faZpmX15jQxpmCUiKpGDCJ7pL-HottiY9XssW9F2MXgbUNxb1pKWsNyuF1FOxzTO-_7Pplfpsn2D8Sx8B6iqHHgAA7UoLgjyWrIZfgTrrQv-GwxLCyQFwt-BYMjLg&cry=1&dbm_d=AKAmf-BQIzcTkY98zTf-yzW3mnrHmWSsSck78AE-PI883CeO_fc7aCI0hatvwYh5lO4SlG6GNdyQMa-v6kczTnKWkSwrG2APdWGgf7CkKIS611xP2OHNhj-BYQkaUNIcBKVpaL2tV0s5dBY3C4l3FyHd_g9KBj9ZX5o2YlRTyb1ZgdUlHG7kkMvT8tjPOBFlw4NYqBenUhe85bkBMpzoy01DR6sBv1BGVXGBua6-ZLSVr18u6kUycFmiKG6WZxALPHEjjCvbCKoLEVDp64JKbe9JFh0M64Exsq2Ga8H8d7NBsQSie5ZDNeiULDaKBBJ3jy_5pIKXEvpF4M9bYJik4T6uTm4sY9Dfm7vPL30yVpYm25bMBmn4S2sjnZRiWb27vKiQo3jX4DlxrlGLN4_MN61xyAkyRCn--NNiw8afwPw6B3sSa22u7d1M4DKPYpNoAAuilYRDrJpf62trOD24eouRZqAF4-TNDDUtaMsBOjxtLDk_TKNcl5IcwO8Zz4Urag0hPxZtTWvmDx9jAXz70_pHJYmXICpmbt0RMCgzwVT_GrdIw8u5iKJTzQQwNkJOL_VZSPQE_GQzzZiVDUtGFeCSk0YQ5W8ZSYfi_s8c9U2nKnUTBf1QQA_8rItEZnS_vdPZ3D6mBPhzfZ1CcM_Mnirio6DdI3cvFYmpoFid42NA4kSXqeprwKFlyV_1lP0rCenebMx9Q40SIBpJPtCXR95wocKrfPRkEBlCQYorUO8D8SK63OT1pP-MYzWwXzwBB1GCKsT4ZDShYeHph5X98Hsw8eXE0eEOWzrpDCu64SLv5yG-h1iwYOEp7pNtPb5d9IpbTMixTajMI4L3FBL2qUyhRANa3ERtPMXIeLWhyURgfxDweed770WmEVZJNsovA-HncoNBe1_ht_VkYy7zTErhlWv63BMEBDQpXYZpC085VH70slpG5fQNGSwZe5cL1zei5XRFoRfuFVci7-NcszuCXHJTgw4XblB7m1GJmKVwnJeLp9WdGpR6aSd9swgsc8ch_YRXyua6RDFk9x3MzzkTFlD6IBxo-O5xge8Fi8JFobMOH-nccRNj02eHshnmHjRj7WYM00hVMNG05r984VPGAIs5D75rO9CD1t3IFONbNYfTH7-fuuCl6fai_FelCrfBuIGSImgbJqBnELz6UyGosZ1cUkYPoV1ZsR8i3Cx4IUD65koD-tJiC0fMR_OD0OyaneUDxr1nJaQhuFRB5kAxBnPS85bxLIZbzTS8CI6vmSjTV2BlGIZdNhUEt9ldq4g01UBJAsvXzGdoBMhF9pWmT8q-pbO-mRj-YKT4Tfypb9JTDfjnf3VbX0yAbCIFK2VNBQ3GV2xfxdWcFWKgcwkoz2_6IJ2mVLZRe4HoQd7yoS1z-OPh6PEj8ofs-4ClGvhMRFjSHRu7yDW_sb4rgIS6zLcypiSFIeU--wn_atPTFAnqkTX7N8LaqOUOIJDQ8_Hez3LgKZdePWxMtmh6dk4SuFmLWJxHhj2yzp9R71cQ6QSOBD6C930lbreZuK1Cl7FJrEhz2SEmTLEoJgPxM83PMZ3LtRqxhxYWkNo1c80jatk4WNJrQLTDlyXWeG5HnUGMl72YHd1uuqMH_r5YUfwiBHCquGbv7i5E-Aop85x_ItIUsagX0azVgx0oQrzk6Q0L_pbxIj3Votx-oUGswOEpZluChS9cdP7SXv3scVMOALNQ-OkWUux3-Hxqzkf4Plq8WKUArV758sK1qSdR8L_zMv9YFHMgjTvPLHCKiBS_Z0bZYt-Df65YpJKTH1JX_21Ndk4lfpNYI1ajCLoz7ymBVi48nceI6B-Ult0CaktAu6Bhb4b4QKVy5pvmfxg2UUw9Diu8SgAKsasNgW573OSr7huDQCHACE4rnMKRfibIGzvW1YGTFwIvvd1L7BaKyHpex1XEF4k4Uw6vHlZu_tfP1QkkSi2eb7SMm7sRJvqOGatoQCCT49couDUI37N_JFUYz1IINaTa9cw2K3ftSmcseifc726hdkkHyyODYNxgWR6dJS5ROrQCIHfd2doh4VWr356GOzfb9JocgVxGjE2QDdyvlwEor7LC4zz7mIOvOcGeuNzZNAyhS_3gtK8xaF5ziwffw8lMHdHsyae7v2rC4xuFeJ6-wvwZ1DuIwuBtjcR5aYbC53sdr-rU6EJ5aeekfXqAx83hYW2K9GV5DsM1bnRMATSMV7xy2PgZ8Pv2UeaJ6FO6_dQ4Hcm3W9NJet8zlTkgt9ZwbsS6uLAJUC8yxrpKZUE1Eiu9O8cdz5R-B7YcNq0EJ4DLgyXq9oc848I0aQYPU8BXr4DlMUHkkpLBuvk_EKB5UlcdZ6H8BFKmXFq-Cp4TY6h0tXzF3j3GINF7UxpB0O5ve3ydn28BCJ4ZL9c2GWE82tEtuFbF896C51H1g6WbKY9JP_WI3s74ThVR_t8pl8mY5N8dPLnKASvyng0oy05jCbu4lL9GTMEiHK66lZy8Y0QbwQbXlvF3tNXhyXulZAG-fPygCUGatYx_xNx_Z5fsoXlAF-nv270ZnINEKJ1I_Dr7W0BJeHpi-TpVdl9m0k_jB6dajyeuFnZnSLMCNpoXaJffLkA7V8TjoAT8OdglDr0jOLYAllC_7YJIgATBzYBaw3eL8sceXrCUVHP2Z0hos6ggeQX5-ffRKLksVanHTja1-Xk15zvESUfz-HUFC4bAg0WsQw_MZpyUT3Q0Mmm_ov5UeU1RCzkbeZ37yiXnQpHvBU95FTWYrcy9MSW1_UHnAccXIBhhpKceFxOq3-goC2Wso3FKsB_LwgV-aIeLp8p2yiTtgbBzEH5I2CogI_9-qdnM2NL2bi47hX2DR1xLNw0cevf4wI1u6FH6I6PjOKFCNmj6DEdSBnLFFI7OwU1GlP0cosc8U8KMwnAWA0lofFvAorlemVKaHjbKllKmqWbafFIUcyRL9VxIC2pYm48sWvp_XzJt0H5H7aN_hkd055j_bTpEu0JzibWYBMIKhA8mksxS3pqRtMJNVGWe04Lg1vpX2RDq-Nluk3Ufn07Nh9HAegol83uz0EHYAO1SYKZHFxVOM5eBi7SXBuirkdjxPffbiSVsKue2iSB3cGdKwWPa9or6QUp8FmA1AW35WMqlcV4_yEXBXIG5OeiaguDsc6inn9xwjIt6XIfmoboYhN9Ygc5h8-ACKybTP0DmCr-R5sE6ayFeRKB9jx83AudQ&cid=CAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA&rfl=2%2Chttps%253A%252F%252Fwww.mensxp.com%252F%240
Frame ID: 21F1B82DF9A6BECCA30BD4B50FFD64A6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D05536CB681C0B1DCABACC1D6A4EF872
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNFExTrsOlsmIOf9jwKfUWonW5ZZsXzQTKxr0AbHs8IPGkmKhLcCxu5ndc_I_P6INRi-LomK85gBZAd-C771q61Y9npqQCcgDGrBkPK4K-_T4t-YNCL64mK0Vy_1Gg4uDbnnRkxuYPcMRiO1X5XHj4nQpoSSq4ivDEFKRM6mvU7g0x19nhUyg1l3_hYQag7Zc6YX-IXvmkr7Lll7yM7LSgpWeJmOrDH2OSzgMtKoUpg3eRlj7c8QPO-sVrejcdmWVa6D15B6bLH4mHwgn9HcSHHzwQVlOr5jVttsPdbK58Km-2x25vevtor7qTvAHymDTdQXL3EBIW_dIYlIQarSMNcQDX37IN07qo1WB2FkP2GEYQdRPG4uPs2GSjlLYL_w&sai=AMfl-YSy7zBzBWy8_REku_Kv69mvdJczr-Kk2G10yDrQJaTf3dwsnQczXRBOEv7jXPNoN78gQkEYHfkw_Q6kDBuPZlsZdFauuUVdHKd-pFg90PZ51683Sf1j8G3GaAvJQx2B&sig=Cg0ArKJSzPdsTBIel5mtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 745A50ADCD1CA47109103CCD9A642354
Requests: 16 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33
Frame ID: 0BC752D8CF55743BBA0F770B6D895443
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=85581000084671600710626011801005&a=5d674cb5
Frame ID: 0B0BAAF748F7FAE6FCE11C798617E0B8
Requests: 5 HTTP requests in this frame

Frame: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 399AA68FD36B823C5C141DD64D638DFF
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Frame ID: 98C6390302DF8A91E476F22DC130FE98
Requests: 29 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a2mT09mdAtVWJ7XF3iXrQgXaasSUMBWbvSVdF2ob7mRUjmXTrq3EZba5a32nq7AYUU6WWrRmPvBncfuoWnB5Enk2dyM4PFKnFbGYsfU1cnXXG7nnqfW3r3UWrnFUAMTPTnRQsZbqQdbw0WvpT6Yy2VQYXrZbKUA2n26n7RmjK2HZbrXW3AnW2O36UU5cMcTcMjWs78S6JmUHnPTrbS5UZaxUqjvTTJlQbbZc5bZbvNZblL2I&mediaDataID=2713736&mediaName=frame.html
Frame ID: 8ED3D66B9CECDE7404A067D3A8FCFD60
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a3mT0936YR3sr7VsQaWcjhPPnOTdnWTrFP3rPpUa3oTTQ7PEnZbQGJCQrEtSdMaWVbV2UenmtaOXT6n2tMHSGJD56FEptamTHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxPF7MYTFr5Ebh5E7YoTBHYUFbUdMQnmYKps3pmWvJ3TZbh5teN5mvLprQKXGrXYcnV0Vbnmar23rnQWFfZbUmnWREbQScZbMQGnNWEbDyXyk26&mediaDataID=6530936&mediaName=frame.html
Frame ID: 595F0E0FA32FD615E3F6B173B9511A35
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a4mT09prMZd0GnQ1sQ0XVrupTZbS5F3QWFJZcWPj5RTU0ScUpPdbMYd7uW6YM3V33XUZbKV6am4A3ePArI2HUtXWMZdmtPn4mMU5VjeUVJ8UcJiPP3oTWYWTbJR2U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0ETw4trZdQVrG2mQHoWXnVWbbYU361Fj90qeMSUFZdUrr4WtQToFBuRUrN1EFy5bnlRWMfOgNC2N&mediaDataID=6546596&mediaName=frame.html
Frame ID: 2D93C31C7351A9FA19007510EDC40FEF
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a5mT09VWJ60bnd1FJl0qAqPbFHTrMYWHnWmb3mRFFr1E3o4Ebi2qvRnTBGXUJ7UHMQoP7LnVnwod7L3TUf5tZan4PrFmbYIYsfXXVFYXGZbOpT742bUWWrZbHVm75REvQQsYNQdUy1dJtWAbu4sM0Xr3ZdTPip56M9RPBD4H3O0HBKpdEo5PBT3s77TcB9VGJ8RAYoTWJ5UUJ32bExUEMwTTJlSTBFSdrJ2GaCMwyVkY&mediaDataID=8039566&mediaName=frame.html
Frame ID: F521090438DBF36FF4F5E04AD92E8DA4
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a6mT093sr7VcQbWcFlSAJxWdMPUbjY2rauWa7oTEvaSTYLRG7KRb6vSH38VsvW4b6ootyrXaup2HjZbQVjE2mrIptTOUHjdYrfiXbYiXaApPbQZbUUn0WWQ3nFQmRUfNYTQO5EUj4qQ3nqMD1rfcUdjTm6fImsQnmtUA5T373dmq3A7GnFbJ0GQUYcnY0cZbnnEb42bJ4VbFDVAvWRqrRScZbMStUr1G3p0SvINx1pBL&mediaDataID=5436426&mediaName=frame.html
Frame ID: 27C7C8E4F96DE53C50593E52189DC060
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a7mT090GnQ1c341c7NpEjW5UZbUWrBGVAYTPTf0SsMsStZbx0dJmTmMp3sM1YrQLTPip2AF8PmjK2tFM0HYIpd6M4mZb04cQcUGJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4WYGSVbZa46JZbmdAyTdQc0b7aXbU60EAMRrUZbTbZbQVWM0nrJuRbbM1EFy3TUa4UFYyd7pMvNaw6&mediaDataID=9148826&mediaName=frame.html
Frame ID: D18FD6DD8BFD765B1CF3C4A0586C1004
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mT090bnb1UBe0aiNPUMEWUM1VWvUnrfxPFvr1Trt3TZbg5qQ0oEbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3AFJmbfHYVUVXcFT1svNpTZbP5U32VFbAUPvYQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4dnsXHQAnt2u36YY5GjdVcrcVsJgPAnoUtY3TFnR3FerVqrwTaYiSTBFQVQCPE2o4qMWyHd2VD&mediaDataID=4056396&mediaName=frame.html
Frame ID: 63D90FD5410634F9F5279F740C80F6A4
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a9mT09VcQcUcbeRmnvTdMTWrJR2UTpWaUvVEFaSEnZcQVJZaQbInPWviVVYQ5bypmHqs0a6v2trZdQcMZc46QZdmdapUH3eYrU81bY71TqoPbMDWUYSWHU1mrbqQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5qne5d6N5PvZaprMEXsfW1cnU0sJNmqZb43FY2WrMZaW6UYQEMRSV3NStUrYtvuVQBuPF3kMWoRZcb&mediaDataID=6807466&mediaName=frame.html
Frame ID: 9970DB3CC7AAB0A665BC8E124FA9E817
Requests: 4 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aamT091c33XG7wmqnU3UQUTFFBUPY2Qq3QQsBsSdbNYt7sWmUx4cYUYUnZbUPmo4mZb7RmrA2H3O0tJCntEw36MV4c7fUsr7UsM6S6FMWdnSWrbP3bTqWTUmWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESsJF26YHotXsVWJhXUf91Ujh1TEtRbMZbUF3SWHFUmUbsQUjM1qUO3TUa2a7RmbYDUGJRy4bA9B&mediaDataID=6347136&mediaName=frame.html
Frame ID: 948CA9439647B760C246509E1E9D87A5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vivek Oberoi’s Strong Arguments Prove Bollywood Is Driven By Godfathers And Not Talent

Page Statistics

330
Requests

92 %
HTTPS

49 %
IPv6

47
Domains

85
Subdomains

65
IPs

9
Countries

3687 kB
Transfer

8291 kB
Size

58
Cookies

76 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.mensxp.com/trackorder?utm_source=mensxp.com
Title: Track Order

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/fashion?utm_source=mensxp.com
Title: Shop Fashion

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/fashion/accessories?utm_source=mensxp.com
Title: Accessories

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/fashion/clothing?utm_source=mensxp.com
Title: Clothing

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/fashion/footwear?utm_source=mensxp.com
Title: Footwear

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming?utm_source=mensxp.com
Title: Shop Grooming

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/shaving?utm_source=mensxp.com
Title: Shaving

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/hair-care?utm_source=mensxp.com
Title: Hair Care

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/skincare?utm_source=mensxp.com
Title: Skincare

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/body-care?utm_source=mensxp.com
Title: Body Care

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/fragrances?utm_source=mensxp.com
Title: Fragrances

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/combos?utm_source=mensxp.com
Title: Combos

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/beauty-and-grooming/beard-care?utm_source=mensxp.com
Title: Beard Care

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/wellness?utm_source=mensxp.com
Title: Shop Wellness

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/wellness/sexual-wellness?utm_source=mensxp.com
Title: Sexual Wellness

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/wellness/fitness?utm_source=mensxp.com
Title: Fitness

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/wellness/personal-safety?utm_source=mensxp.com
Title: Personal Safety

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/?utm_source=mensxp.com
Title: Shop

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/wishlist?utm_source=mensxp.com

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/orders?utm_source=mensxp.com
Title: My Orders

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/cancellation-return?utm_source=mensxp.com
Title: Return Information

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/cart?utm_source=mensxp.com

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CUjj1wzsEpw/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B7-zdm0n1qG/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=as8mgET5X8M

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=KCcNm9iF-QE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=NT7Oo-TKa6k

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=GGCcvTNW738

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=3ShOBNu6PXI

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=dbqzH7xulJI

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=XBG1Kvm0oHE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Me-lcoZkOnI

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Uy839M29h-w

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ss8PZz7MkKY

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VUaU-QUEHOw

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/stay-healthy?utm_source=mensxp.com
Title: Shop Health Products

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/arm-yourself-p709096?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/anti-pollution-dust-mask-n95-p702237?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/sunshine-and-smile-p709093?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/multi-purpose-surface-disinfectant-p708799?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/veggie-and-fruits-disinfectant-p709269?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/pee-safe-intimate-wash-100-ml-p709803?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/the-essential-wellness-kit-p708089?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/samudra-handmade-ethnic-yoga-bag-p711496?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/tego-stance-reversible-mat-with-guildalign-blue-spring-green-p710170?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/muscle-asylum-f9-pre-workout-fruit-punch-p708968?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/muscle-asylum-test-plus-p708964?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://shop.mensxp.com/citrus-hand-sanitizer-p708318?utm_source=mensxp.com
Title: ADD TO CART

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mensxp

Search URL Search Domain Scan URL

URL: https://twitter.com/MensXP

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7eZNThpjgXe5H0QwBN-XsQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mensxpofficial/

Search URL Search Domain Scan URL

URL: https://support-shop.mensxp.com/support/home
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www.indiatimes.com/

Search URL Search Domain Scan URL

URL: https://www.idiva.com/

Search URL Search Domain Scan URL

URL: https://www.whatshot.in/

Search URL Search Domain Scan URL

URL: http://www.cricbuzz.com/
Title: Cricbuzz

Search URL Search Domain Scan URL

URL: http://www.happytrips.com/
Title: Happy Trips

Search URL Search Domain Scan URL

URL: http://www.businessinsider.in/
Title: Business Insider

Search URL Search Domain Scan URL

URL: http://www.gizmodo.in/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: http://www.lifehacker.co.in/
Title: Lifehacker

Search URL Search Domain Scan URL

URL: http://www.gaana.com/
Title: Ganna

Search URL Search Domain Scan URL

URL: http://www.in.techradar.com/
Title: Techradar

Search URL Search Domain Scan URL

URL: http://whatshot.in/
Title: What's Hot

Search URL Search Domain Scan URL

URL: http://filmipop.com/
Title: Filmipop

Search URL Search Domain Scan URL

URL: http://www.femina.in/
Title: Femina

Search URL Search Domain Scan URL

URL: http://magicbricks.com/
Title: Property

Search URL Search Domain Scan URL

URL: http://speakingtree.in/
Title: Speaking Tree

Search URL Search Domain Scan URL

URL: https://www.mxplayer.in/
Title: MX Player

Search URL Search Domain Scan URL

URL: https://longwalks.onelink.me/OzWN/longwalksapp
Title: Longwalks App

Search URL Search Domain Scan URL

URL: https://subscribe.timesgroup.com/
Title: Order Newpaper

Search URL Search Domain Scan URL

URL: https://timesprime.com/
Title: Times Prime

Search URL Search Domain Scan URL

URL: https://navbharattimes.indiatimes.com/navbharatgold
Title: NBT Gold Podcast

Search URL Search Domain Scan URL

URL: https://eisamay.indiatimes.com/eisamaygold
Title: Samay Gold Podcast

Search URL Search Domain Scan URL

URL: https://mxsharekaro.onelink.me/xABK/8feed773
Title: MX Sharekaro App

Search URL Search Domain Scan URL

URL: https://mxtakatak.onelink.me/vQZT/c3a98cd2
Title: MX Takatak App

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://sb.scorecardresearch.com/b?c1=2&c2=6036484&ns__t=1638880415069&ns_c=UTF-8&cv=3.5&c8=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%20Not%20Talent&c7=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&ns__t=1638880415069&ns_c=UTF-8&cv=3.5&c8=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%20Not%20Talent&c7=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&c9=

Request Chain 191

https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 192

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3940066813531833442

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjc2MjRENTctQjBCQi00RDc0LUE2NEItQzVGNzZGQTFERkJE&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjc2MjRENTctQjBCQi00RDc0LUE2NEItQzVGNzZGQTFERkJE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFhaKi7duQPbyIhKIikaiLE&google_cver=1

Request Chain 197

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:872761af-54a1-4c00-b59d-b5aec770a28e&gdpr=0&gdpr_consent=

Request Chain 198

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c5d32968-8ba7-41b2-b7cc-a37223244681

Request Chain 199

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=881386468935151845

Request Chain 200

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5563382784128976257&gdpr=0&gdpr_consent=

Request Chain 201

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU

Request Chain 211

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB&dcc=t

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECVRSymjePsBDEYUY4xZ31s&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ya9UoTTk.JIWfJTKJioSMQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&gdpr=1&google_hm=2

Request Chain 215

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f9832eba-ced6-47a0-a572-91c238837755&expiration=1670416417

Request Chain 216

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 218

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=h2qzY4RvszScbuYxhmP_ZIZv4mCcY7BhgWub0eAp

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya9UoTTk.JIWfJTKJioSMQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&google_hm=2

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHj3emySL-aOjxz6uuAx3oE&google_cver=1

Request Chain 223

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzM4Mjc4NDEyODk3NjI1Nw%3D%3D

Request Chain 230

https://hal90005.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpp3ooVSvYcqbBvmB7_UPvO6wYLXN-YNXlNu5q-UM8C4QASDtgvgfYJXikIKgB8gBCakCf0-26Wnwsj6oAwGqBOQBT9COxt87V_Do8cETNwP45KpvlH7UdPtY6d1gB8p414z53IytbgHgTxgQcAF8sZHhuJm8H9G6e2fpEnydyhzLKdwka2qp_KgZuUMj0EZD7KTGC_EHo2qzB66EMSIVEEmNLpw3egFlY8AcWkLN6jVAy9NbYWXZybKvaalZj1KKy8M2wUWTqFcKYIjc8cc6Cxrx1CMZprEwPcXjYWk4MrlsqjPhF5ix25bOPX9XQKB-m8f8PPjQ4lGs7uooprqn5dOB8z0tMbcdDrnocLfV_Kb5iHILupYeDjoUoQzI3kh1U9HqxJWAwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA%26sig%3DAOD64_1EIh6aUNLMJpliex4L9TYKFlp5og%26client%3Dca-pub-2230723027927371%26dbm_c%3DAKAmf-ChSP51KfYL9qo-7XX_X2Ly4iB4AVxGKXVOj9oNo7xCK2l84ZuOqUc5tNlTQTjkx5ErCDpSxK2MGgR3vMkzO1Jv2tOcZaDlZOs79lohEY3vwM6bb8_4QXSlR8Pb6g5bWVh3KpP95k2COqd4IFB5vgU7U2mkpg%26cry%3D1%26dbm_d%3DAKAmf-B944NKT3ma8bB93upU2mC8NGWPJILdDKr1bpjHwLbmOZochDGcPXnSux6SxSW7Q5pQLBwihS-Y-Dg9hmK5-BWv2pdm7SOjmj-J_6_FELClVqF4VLUIlAnP4O-vtV_1r0SNZc7dNNWeIAE7PKP4nXgKBdruGHryj_tK7ReZ_81omxH6AdbLY6s89Xy8w9W6UzI6eRiHinITMuz6oUeBTDmchFEjOrNNL7YYP3456IrnzEd9TwPw4o8LiLDKtXkSVXKPbQW1vDy-YPNwHIlK1x43DvEKCgpaK4NZBLjKeVxkSBA7B__ONdtaARfzaRQfWWFVfRqsBLa9D6QpMztfBz4FPHFA-s2VCArQulI1Swfa33nasNlLRwGp8JZ-_Po8zDrcf63XiV3Qyx4zLYt9F4J8WBkoOf1gdAzY0UZhR1S2kdSRdz6X9r2PZVupyanv0YsH5YrCVvZnSl91_-Z2bw84_XooJYcfeOUTt7xtnyjQNVLZRoLUuB9byybcg2V9NRrmI7qYVrqSQ1iiHLAMwucJWT23eQyGpZaIKJre2nOt7VJKpnEJUC1ITmz1j4RrTz-jXZW2%26adurl%3D&documentReferer=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.mensxp.com&random=5848265873774&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpp3ooVSvYcqbBvmB7_UPvO6wYLXN-YNXlNu5q-UM8C4QASDtgvgfYJXikIKgB8gBCakCf0-26Wnwsj6oAwGqBOQBT9COxt87V_Do8cETNwP45KpvlH7UdPtY6d1gB8p414z53IytbgHgTxgQcAF8sZHhuJm8H9G6e2fpEnydyhzLKdwka2qp_KgZuUMj0EZD7KTGC_EHo2qzB66EMSIVEEmNLpw3egFlY8AcWkLN6jVAy9NbYWXZybKvaalZj1KKy8M2wUWTqFcKYIjc8cc6Cxrx1CMZprEwPcXjYWk4MrlsqjPhF5ix25bOPX9XQKB-m8f8PPjQ4lGs7uooprqn5dOB8z0tMbcdDrnocLfV_Kb5iHILupYeDjoUoQzI3kh1U9HqxJWAwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA%26sig%3DAOD64_1EIh6aUNLMJpliex4L9TYKFlp5og%26client%3Dca-pub-2230723027927371%26dbm_c%3DAKAmf-ChSP51KfYL9qo-7XX_X2Ly4iB4AVxGKXVOj9oNo7xCK2l84ZuOqUc5tNlTQTjkx5ErCDpSxK2MGgR3vMkzO1Jv2tOcZaDlZOs79lohEY3vwM6bb8_4QXSlR8Pb6g5bWVh3KpP95k2COqd4IFB5vgU7U2mkpg%26cry%3D1%26dbm_d%3DAKAmf-B944NKT3ma8bB93upU2mC8NGWPJILdDKr1bpjHwLbmOZochDGcPXnSux6SxSW7Q5pQLBwihS-Y-Dg9hmK5-BWv2pdm7SOjmj-J_6_FELClVqF4VLUIlAnP4O-vtV_1r0SNZc7dNNWeIAE7PKP4nXgKBdruGHryj_tK7ReZ_81omxH6AdbLY6s89Xy8w9W6UzI6eRiHinITMuz6oUeBTDmchFEjOrNNL7YYP3456IrnzEd9TwPw4o8LiLDKtXkSVXKPbQW1vDy-YPNwHIlK1x43DvEKCgpaK4NZBLjKeVxkSBA7B__ONdtaARfzaRQfWWFVfRqsBLa9D6QpMztfBz4FPHFA-s2VCArQulI1Swfa33nasNlLRwGp8JZ-_Po8zDrcf63XiV3Qyx4zLYt9F4J8WBkoOf1gdAzY0UZhR1S2kdSRdz6X9r2PZVupyanv0YsH5YrCVvZnSl91_-Z2bw84_XooJYcfeOUTt7xtnyjQNVLZRoLUuB9byybcg2V9NRrmI7qYVrqSQ1iiHLAMwucJWT23eQyGpZaIKJre2nOt7VJKpnEJUC1ITmz1j4RrTz-jXZW2%26adurl%3D&documentReferer=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.mensxp.com&random=5848265873774&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 235

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33

Request Chain 303

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662300927415963&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662300927415963&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=e7752ac3-5759-11ec-811a-141922060206 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=e7752a74-5759-11ec-811a-141922060206

Request Chain 307

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662300927415963&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=Ya9UoTTk.JIWfJTKJioSMQAA

Request Chain 309

https://tags.bluekai.com/site/4229?id=18072662300927415963&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 310

https://a.tribalfusion.com/i.match?p=b24&u=18072662300927415963&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662300927415963 HTTP 307
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662300927415963&cookieRequired=true

Request Chain 311

https://a.tribalfusion.com/i.match?p=b10&u=18072662300927415963&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662300927415963&expires=180

Request Chain 312

https://a.tribalfusion.com/i.match?p=b22&u=18072662300927415963&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662300927415963

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662300927415963 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDCRnXGVVC_za8d7gY4KQtw&google_cver=1&google_ula=2786954,0

Request Chain 315

https://pixel.advertising.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true&apid=UPe7728273-5759-11ec-91b4-069b4222f4ee HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true&apid=UPe7728273-5759-11ec-91b4-069b4222f4ee&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=UPe7728273-5759-11ec-91b4-069b4222f4ee

330 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html Show response
www.mensxp.com/entertainment/celebrities/ 755 KB
132 KB 106ms
33ms Document
text/html 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

f45129e3da2b59d6067a5d193e132387e2da7011f54ad1ab8a5fbea0a8ab1bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Bhoot
content-type: text/html; charset=utf-8
content-encoding: gzip
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 134659
cache-control: max-age=181
expires: Tue, 07 Dec 2021 12:36:35 GMT
date: Tue, 07 Dec 2021 12:33:34 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 desktop-description.eda325353d82596606fb.chunk.js Show response
www.mensxp.com/dist/ 25 KB
7 KB 42ms
40ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-description.eda325353d82596606fb.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c27812f599016a5de7b7c29d7dce22956159bcf3f8c67e98a42be6ae254e5a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 6649
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097315
access-control-allow-credentials: false
etag: W/"636c-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:42:10 GMT

GET
H2 200 components-desktop-Article.447ee4707b693a602493.chunk.css
www.mensxp.com/dist/ 59 KB
11 KB 66ms
62ms Stylesheet
text/css 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/components-desktop-Article.447ee4707b693a602493.chunk.css

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

033bc8316bd05070fbc5d73612e743cfd69ba39d3e49f7840b4256dc193afe70

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 10913
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097356
access-control-allow-credentials: false
etag: W/"ecf5-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:42:51 GMT

GET
H2 200 desktop-wrapper.18706943aa174d725939.chunk.css
www.mensxp.com/dist/ 38 KB
8 KB 73ms
70ms Stylesheet
text/css 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-wrapper.18706943aa174d725939.chunk.css

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8c07ac3ee1885070d928d3cd5ebec60a7cea001a3062e2ab0d4268c9465dcd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 7256
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097276
access-control-allow-credentials: false
etag: W/"98fb-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:31 GMT

GET
H2 200 desktop-widgets.f62caf03a4aff31cac11.chunk.css
www.mensxp.com/dist/ 39 KB
8 KB 78ms
75ms Stylesheet
text/css 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-widgets.f62caf03a4aff31cac11.chunk.css

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

dfc988ef34305abe67329eb84cb49ad709ba6a51f0d885dc041dae88483b158c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 7399
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097240
access-control-allow-credentials: false
etag: W/"9c37-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:40:55 GMT

GET
H2 200 desktop-amptrail.c3fa767ab03d557eac09.chunk.css
www.mensxp.com/dist/ 18 KB
5 KB 86ms
83ms Stylesheet
text/css 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-amptrail.c3fa767ab03d557eac09.chunk.css

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fd61f36aeea065261f037c48b74e8d99665f0a7e30f2dcbdf7d312677143e783

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 4236
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097297
access-control-allow-credentials: false
etag: W/"4770-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:52 GMT

GET
H2 200 desktop-shopwidgets.f823a836c4332811700a.chunk.css
www.mensxp.com/dist/ 24 KB
4 KB 87ms
84ms Stylesheet
text/css 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-shopwidgets.f823a836c4332811700a.chunk.css

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

254821f8ff38689c8aa12e9b617dddc1b2d552ae8839987ccbdb996b08c902dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3607
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097307
access-control-allow-credentials: false
etag: W/"60c8-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:42:02 GMT

GET
H2 200 main.0e5234403f4408e8fce1.chunk.js Show response
www.mensxp.com/dist/ 606 KB
141 KB 92ms
89ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ba0e9ab198a5f79676737b45a9d6e37c12bf13ea34bc2948ed348f4153208513

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 143323
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097361
access-control-allow-credentials: false
etag: W/"97839-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:42:56 GMT

GET
H2 200 desktop-wrapper.18706943aa174d725939.chunk.js Show response
www.mensxp.com/dist/ 88 KB
22 KB 105ms
102ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-wrapper.18706943aa174d725939.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b7443483c04ff53331f6e11776d0b9fe266c36d4bed603d193109df964491c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 22325
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097304
access-control-allow-credentials: false
etag: W/"16162-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:59 GMT

GET
H2 200 vendor.270e3a6b7aca9610a124.chunk.js Show response
www.mensxp.com/dist/ 321 KB
95 KB 106ms
103ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/vendor.270e3a6b7aca9610a124.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

919517948df0d25d5b2c2c8026f15312feb2b665c5cd5f2ce3e53f3aebc87d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 96479
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097342
access-control-allow-credentials: false
etag: W/"502c4-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:42:37 GMT

GET
H2 200 desktop-article-news.e1e123fb29a713b0ffe0.chunk.js Show response
www.mensxp.com/dist/ 1 KB
1 KB 110ms
107ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-article-news.e1e123fb29a713b0ffe0.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

716bca2035b9b06b16e76d050f079027510cdac4aea76df756637b5785cca97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 588
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097338
access-control-allow-credentials: false
etag: W/"486-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:42:33 GMT

GET
H2 200 Article.7fe417c40d1ca4ea28e0.chunk.js Show response
www.mensxp.com/dist/ 51 KB
11 KB 110ms
108ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/Article.7fe417c40d1ca4ea28e0.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9c6572a65cf6ee6acb87a380114b93aa3c8b5f20869d01460f2eaf39080ecbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 10795
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097297
access-control-allow-credentials: false
etag: W/"cbf2-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:52 GMT

GET
H2 200 desktop-widgets.f62caf03a4aff31cac11.chunk.js Show response
www.mensxp.com/dist/ 100 KB
20 KB 111ms
109ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-widgets.f62caf03a4aff31cac11.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8181bc41cc60be17c40dd9dfb5771f7e9bf45718a9727c0ab719d9879a28f49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 20194
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097269
access-control-allow-credentials: false
etag: W/"18f8d-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:24 GMT

GET
H2 200 runtime.8119d6d4a1e91dfdd06d.chunk.js Show response
www.mensxp.com/dist/ 25 KB
7 KB 122ms
120ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/runtime.8119d6d4a1e91dfdd06d.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3066939d1537fe174cb34ded58c2ca6fefd2a3f87aefe45d231c7ca13b9b2d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 6753
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097291
access-control-allow-credentials: false
etag: W/"6236-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:46 GMT

GET
H2 200 desktop-amptrail.c3fa767ab03d557eac09.chunk.js Show response
www.mensxp.com/dist/ 5 KB
2 KB 124ms
122ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-amptrail.c3fa767ab03d557eac09.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2c5e712bb2ee82a7169c92c058b7feb1cd09ea1b5371ec0d7b116071567db0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 1800
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097388
access-control-allow-credentials: false
etag: W/"13fb-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:43:23 GMT

GET
H2 200 components-desktop-Article.447ee4707b693a602493.chunk.js Show response
www.mensxp.com/dist/ 57 KB
16 KB 130ms
128ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/components-desktop-Article.447ee4707b693a602493.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d369f41572a8b04f8bb1c964aadc307bed763e01caef3607df24bc8e5fd1f31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 16041
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097295
access-control-allow-credentials: false
etag: W/"e30c-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:50 GMT

GET
H2 200 desktop-shopwidgets.f823a836c4332811700a.chunk.js Show response
www.mensxp.com/dist/ 22 KB
3 KB 134ms
133ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-shopwidgets.f823a836c4332811700a.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f7641b6af1e26af4fee737068a32f8ab9e555b0b6dcd9ffc126057a7ca92699b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3109
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097297
access-control-allow-credentials: false
etag: W/"5727-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:41:52 GMT

GET
H2 200 var=colaud Show response
ade.clmbtech.com/cde/aef/ 211 B
523 B 242ms
175ms Script
application/javascript 2a02:26f0:6c00::210:bb20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ade.clmbtech.com/cde/aef/var=colaud?cid=2312:32&_u=https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

75ffa5ba4e5e95e51d42cdc8f2876b270361e0db0c4b11911991f74c5d21effb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
vary: Origin
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
x-frame-options: sameorigin
access-control-allow-methods: POST, GET
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 211
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3512
date: Tue, 07 Dec 2021 11:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:35:03 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 31ms
10ms Script
application/javascript 13.225.87.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:05:16 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 101103
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -oLyCY6Th0SQcTh17_NYUBL7COlsg4KdOhqDxOv5D5C7on4etYjweg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: gmflWNdNBbWEsc7DzAAuC5rKZLQy5UWrBy1EqARlYd0IHei8VVmuY2Q7iqMnegOV2Wi9+8nmx0e7/mf09kfPjg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 07 Dec 2021 12:33:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/23105/3447/ 309 KB
94 KB 93ms
33ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 13f702795e15a5af2e9ee1536768be720927aff20541803c982d7bba9c11540a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 06:59:05 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1a33-4d3c7-5d18364c799af"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=120318
accept-ranges: bytes
content-type: text/javascript
content-length: 95820
expires: Wed, 08 Dec 2021 21:58:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 45ms
18ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

63cdac29c37b4266926c41523d93cfdfd7c645be9bb3f806bd81f32f1d7e0f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 168 of 1000 / last-modified: 1638832340"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27071
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 overpass-regular.woff2
www.mensxp.com/font/ 29 KB
30 KB 123ms
123ms Font
font/woff2 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/font/overpass-regular.woff2

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

16728aa2871679b3e498eb2412881ebe6fa3aa5eaa0bf267a89efe268426a833

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Origin: https://www.mensxp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 30072
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31097820
access-control-allow-credentials: false
etag: W/"7578-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:50:35 GMT

GET
H2 200 overpass-bold.woff2
www.mensxp.com/font/ 29 KB
29 KB 113ms
113ms Font
font/woff2 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/font/overpass-bold.woff2

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b461732e3db57588734c950ad579d3fa2a62ba4a55ab79221f2fcaa3c96d2151

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Origin: https://www.mensxp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 29384
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31097865
access-control-allow-credentials: false
etag: W/"72c8-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:51:20 GMT

GET
H2 200 Apoorva_5f64387dd1127.jpeg
img.mensxp.com/media/author/2020/Sep/ 642 B
1 KB 108ms
41ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/author/2020/Sep/Apoorva_5f64387dd1127.jpeg?w=32&h=32&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4d7c7045d421442d0c03152dea5bacedd328a2ceac3626a9bc05a7d7a65e58bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 642
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Sep 2020 11:40:10 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=17530786
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 28 Jun 2022 10:13:21 GMT

GET
H2 200 Vivek-Oberoi-On-Bollywood-Lobby-Culture1400_61adf0c71d9b5.jpeg
img.mensxp.com/media/content/2021/Dec/ 52 KB
52 KB 108ms
41ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Vivek-Oberoi-On-Bollywood-Lobby-Culture1400_61adf0c71d9b5.jpeg

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e19a43a1dd47a9cb25fe1529363af077d2298ea029437c0bb861918de261531c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 53120
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 11:15:19 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31458397
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 15:00:12 GMT

GET
H2 200 instagram-icon.png
www.mensxp.com/images/desktop/ 3 KB
3 KB 110ms
107ms Image
image/png 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mensxp.com/images/desktop/instagram-icon.png

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

efc99193649d9c75523df4a5e4c9689dc83c49033e767c684875fe3d1919b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 2625
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31099693
access-control-allow-credentials: false
etag: W/"a41-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 11:21:48 GMT

GET
H2 200 idiva-logo.png
www.mensxp.com/images/desktop/ 3 KB
4 KB 110ms
108ms Image
image/png 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mensxp.com/images/desktop/idiva-logo.png

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

33c21f71226e827860c943f7b78fcc9c8e47867ffc180eea594ec4e3fe412f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 3511
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31099799
access-control-allow-credentials: false
etag: W/"db7-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 11:23:34 GMT

GET
H2 200 whatshot-logo.png
www.mensxp.com/images/desktop/ 4 KB
5 KB 111ms
109ms Image
image/png 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mensxp.com/images/desktop/whatshot-logo.png

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e6abf638f6c4627068f4d9cd5a282432b0099f11d1d209f7f14607c283ff49f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 4310
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31099849
access-control-allow-credentials: false
etag: W/"10d6-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 11:24:24 GMT

GET
H2 200 overpass-semibold.woff2
www.mensxp.com/font/ 27 KB
28 KB 109ms
109ms Font
font/woff2 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/font/overpass-semibold.woff2

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3b761b98bd1823100e68ab9dea233049cfcf01a97cde70b84beb5d7938ac955e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Origin: https://www.mensxp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 27984
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31097757
access-control-allow-credentials: false
etag: W/"6d50-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:49:32 GMT

GET
H2 200 overpass-light.woff2
www.mensxp.com/font/ 29 KB
29 KB 109ms
109ms Font
font/woff2 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/font/overpass-light.woff2

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f655e9ddf53f4be18b9a517b0be6f4e1a847224a68952fa24d787b7dcd8bdd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Origin: https://www.mensxp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 29484
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31097658
access-control-allow-credentials: false
etag: W/"732c-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:47:53 GMT

GET
H2 200 overpass-extrabold.woff2
www.mensxp.com/font/ 28 KB
28 KB 111ms
111ms Font
font/woff2 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/font/overpass-extrabold.woff2

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7643d7db2a9e32b9bedc6324a37d0012c65fca684cb3d378a9f0ab2eec06c165

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Origin: https://www.mensxp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
content-length: 28240
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31097814
access-control-allow-credentials: false
etag: W/"6e50-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:50:29 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036484&ns__t=1638880415069&ns_c=UTF-8&cv=3.5&c8=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&ns__t=1638880415069&ns_c=UTF-8&cv=3.5&c8=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%...

0
223 B

12ms
11ms

Image
text/plain

13.225.87.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&ns__t=1638880415069&ns_c=UTF-8&cv=3.5&c8=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%20Not%20Talent&c7=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&c9=
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H2
Server: 13.225.87.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-102.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: IhBCq8IaQBuHiyiSMgnV-AAzZrwfUxS-kKlEOe2Kk8lGpY_VjPq2Ew==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 07 Dec 2021 12:33:35 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&ns__t=1638880415069&ns_c=UTF-8&cv=3.5&c8=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%20Not%20Talent&c7=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&c9=
content-length: 364
x-amz-cf-id: FgjTI6cjo8vTXyDWy3QzA8XWEmDg0Egn_j_ONJRcSrQpIBAVM7T1kQ==

GET
H2 200 1490590564599357 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 180ms
178ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1490590564599357?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81c61cabb54883718e3e28733b3b16425b287d8ced984fa75fc33435622bc029

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 1+KSANFjs69eJXTDpgnR178znwVVT6EbmcC7IUm5rmDBmjf1APqTX5yqTVVPkFXSlBB+GyWshbWuJDxqMaEynA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 07 Dec 2021 12:33:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 13:05:52 GMT

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
116 KB 30ms
15ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 206 B
149 B 30ms
15ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mensxp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f1b2968b59745094bcab953b05c8033234e4dbdc400c3966f55963c3f0905b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:33:35 GMT

OPTIONS
H2 200 list
frontend-api-navik.mensxp.com/v1/api/admanagement/ Frame 0
0 327ms
259ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/admanagement/list?platform_id=1&page_id=3&category_id=8&locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 54.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

GET
H2 200 aa.js Show response
static.clmbtech.com/ase/2312/32/ 13 KB
4 KB 35ms
19ms Script
application/javascript 2a02:26f0:6c00::210:bb20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.clmbtech.com/ase/2312/32/aa.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

d67956e704c6689202e9897a2b3aa5783ab78504c703afac0600b36686ed7d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "3296-5c36091c6677e-gzip"
vary: Accept-Encoding
content-length: 4084
last-modified: Fri, 28 May 2021 09:33:33 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 08 Dec 2021 12:33:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDGJZS

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3295d12e8cb4ce9aa313fc60eca2a02baca108a6290f7b60c24c7c6897456687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37754
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 jsso_crosswalk_legacy_0.5.3.min.js Show response
jssocdn.indiatimes.com/crosswalk/ 19 KB
4 KB 56ms
15ms Script
application/javascript 2a02:26f0:6c00:199::3621
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.5.3.min.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:199::3621 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

66015f899ffae6b37c228a51c4a140d61b592da1ac57497248afd033a762ee9c

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
x-cool: 64.25
content-length: 3975
x-xss-protection: 1; mode=block
last-modified: Sat, 12 Jun 2021 07:19:23 GMT
server: nginx
x-frame-options: sameorigin
etag: "4a0d-5c48c71906340"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=4575863
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid
expires: Sat, 29 Jan 2022 11:37:58 GMT

GET
H/1.1 200
OK / Show response
geoapi.indiatimes.com/ 92 B
583 B 77ms
18ms Script
text/html 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://geoapi.indiatimes.com/?cb=1
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 816c1eebe720fccc09d76d4f239838516a1c65831c00af3586a59ed253239119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:35 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Connection: close
Edgescape-API: geo_region=85,country_code=DE,region_code=HE,city=FRANKFURT, continent=EU
Access-Control-Allow-Headers: *
Content-Length: 92
Expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 list Show response
frontend-api-navik.mensxp.com/v1/api/admanagement/ 4 KB
2 KB 19ms
19ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/admanagement/list?platform_id=1&page_id=3&category_id=8&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

ee5a76f3f3cdb7ac2785c264b4fe5e8b171bcc50104dbaed67514c39dac9f3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: 9c2fe63a4a75667eed9669ac29724219
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
response-cache: cached on 2021-12-06 21:42:17
x-cool: 20.21
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=546
vary: Accept-Encoding
content-length: 1134
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:35 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 61ms
21ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16245912-1&cid=178687869.1638880415&jid=840448458&gjid=1684174530&_gid=470555048.1638880415&_u=aGBAiEIhBAAAAE~&z=1161744166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.mensxp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=947830621&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&ul=en-us&de=UTF-8&dt=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%20Not%20Talent&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEIhB~&jid=840448458&gjid=1684174530&cid=178687869.1638880415&tid=UA-16245912-1&_gid=470555048.1638880415&cd1=0&cd3=2021-12-06&cd7=News&cd8=545%20-%20Apoorva%20Nijhara&cd9=97379&z=1150106381

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 15:16:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76626
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 listing
comment.mensxp.com/mensxp/comment/ Frame 0
0 836ms
284ms Preflight
application/json 103.238.100.148
INDIATIMES-IN I W...

General

Check archive.org

Show headers Download Go to

Full URL

https://comment.mensxp.com/mensxp/comment/listing?size=2&pagenum=1&contentid=97379&locale_id=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.238.100.148 New York, United States, ASN55705 (INDIATIMES-IN I World Tower, DLF CITY, IN),

Reverse DNS

a103-238-100-148.deploy.static.akamaitechnologies.com

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	deny sameorigin
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: application/json
content-length: 26
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With,ticketid
cache-control: no-cache, private
x-cool: 67.20
x-frame-options: deny sameorigin
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff nosniff
x-webkit-csp: default-src 'self'
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=25920000; includeSubdomains

OPTIONS
H2 200 6
frontend-api-navik.mensxp.com/v1/api/staticbox/detail/ Frame 0
0 211ms
210ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/staticbox/detail/6?locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 20.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

OPTIONS
H2 200 list
frontend-api-navik.mensxp.com/v1/api/youtube/ Frame 0
0 226ms
226ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/youtube/list?limit=11&locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 54.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

GET
H2 200 listing Show response
comment.mensxp.com/mensxp/comment/ 42 B
572 B 328ms
328ms Fetch
application/json 103.238.100.148
INDIATIMES-IN I W...

General

Check archive.org

Show headers Download Go to

Full URL

https://comment.mensxp.com/mensxp/comment/listing?size=2&pagenum=1&contentid=97379&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.238.100.148 New York, United States, ASN55705 (INDIATIMES-IN I World Tower, DLF CITY, IN),

Reverse DNS

a103-238-100-148.deploy.static.akamaitechnologies.com

Software

Bhoot /

Resource Hash

17d23d0db7da15eb43d6534270daf62f55b786837fac25daec2b5d8c9638840b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	deny, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 67.19
strict-transport-security: max-age=25920000; includeSubdomains
content-length: 42
x-xss-protection: 1; mode=block, 1; mode=block
server: Bhoot
x-frame-options: deny, sameorigin
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With,ticketid
x-webkit-csp: default-src 'self'

GET
H2 200 6 Show response
frontend-api-navik.mensxp.com/v1/api/staticbox/detail/ 328 B
744 B 24ms
24ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/staticbox/detail/6?locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

c86ad912333d6687f53a922ce905410a4caeb593bf11d9cd6799276991c61f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: 0c9051715af1f92ab1ee58c8cc24f3c6
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
response-cache: cached on 2021-12-07 17:44:22
x-cool: 54.21
server-timing: cdn-cache; desc=HIT, edge; dur=9
vary: Accept-Encoding
content-length: 196
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 list Show response
frontend-api-navik.mensxp.com/v1/api/youtube/ 10 KB
2 KB 21ms
20ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/youtube/list?limit=11&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

ca56c2ea400aad18baebf9f47cd9bf0f5b5e4dcfc3de3ef4f6c6700e5ca5d684

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: 2a076356d1b20f08d25ba74475b8cd34
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
response-cache: cached on 2021-12-07 17:39:37
x-cool: 54.21
server-timing: cdn-cache; desc=HIT, edge; dur=3
vary: Accept-Encoding
content-length: 1814
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 message Show response
ase.clmbtech.com/ 199 B
499 B 144ms
127ms Script
text/plain 2a02:26f0:6c00::210:bb20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ase.clmbtech.com/message?cid=2312%3A32&val_102=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&val_120=0&val_122=&val_101=2312%3A32&val_101=int%3Awww.mensxp.com%2Fentertainment%2Fcelebrities&val_123=Vivek%20Oberoi%2C%20Bollywood%20Lobby%20Culture%2C%20Bollywood%20Godfathers%2C%20Bollywood%20Issues%2C%20Vivek%20Oberoi%20Movies%2C%20Vivek%20Oberoi%20Exposes%20Bollywood%2C%20Biases%20In%20Bollywood%2C%20Nepotism

Requested by

Host: static.clmbtech.com
URL: https://static.clmbtech.com/ase/2312/32/aa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

dd302acbe52837c6e36c3e15a93f9512eabf0add4eb7018044a7662d2892bcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
content-length: 199
x-xss-protection: 1; mode=block
content-type: text/plain;charset=ISO-8859-1

GET
H2 200 getTicket Show response
jsso.indiatimes.com/sso/crossdomain/ 63 B
660 B 235ms
178ms Script
text/plain 2a02:26f0:6c00::210:bb3a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossdomain/getTicket?version=v1&callback=$cr.handleCentralSsoCallBack

Requested by

Host: static.clmbtech.com
URL: https://static.clmbtech.com/ase/2312/32/aa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

f339f9bcee479ad98c8f43a87455fa1e5e1fe456de504ca4db6463b4703b0abc

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
server: Bhoot
x-cool: 88.39
x-frame-options: sameorigin
access-control-allow-methods: GET,POST,OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=142, origin; dur=14
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr
content-length: 63
x-xss-protection: 1; mode=block

OPTIONS
H2 200 latest
frontend-api-navik.mensxp.com/v1/api/content/ Frame 0
0 214ms
214ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/latest?is_ampstory=1&limit=10&locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 20.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

OPTIONS
H2 200 latest
frontend-api-navik.mensxp.com/v1/api/content/ Frame 0
0 227ms
227ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/latest?limit=15&page=1&is_shop=1&locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 54.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

OPTIONS
H2 200 latest
frontend-api-navik.mensxp.com/v1/api/content/ Frame 0
0 213ms
213ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/latest?limit=5&category_id=340&page=1&content_type_id=51&locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 20.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

GET
H2 200 latest Show response
frontend-api-navik.mensxp.com/v1/api/content/ 55 KB
11 KB 23ms
21ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/latest?is_ampstory=1&limit=10&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

1a0d6386b6302c5dba7d833a4ec257d2d76ebca814df6e2b7083221249b7caca

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: 10799a6331ea98b1a88b3c3b88d60de1
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
response-cache: cached on 2021-12-07 17:46:28
x-cool: 20.21
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=455
vary: Accept-Encoding
content-length: 10343
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 latest Show response
frontend-api-navik.mensxp.com/v1/api/content/ 58 KB
11 KB 172ms
171ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/latest?limit=15&page=1&is_shop=1&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

27a8668e3ae566a8ccca26935d64294d16513d3d5f64726d6e68e108f8ab2c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: 8fdfc7b87ce92001f32b4ff1f8a182b3
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
response-cache: cached on 2021-12-07 17:42:27
x-cool: 20.21
server-timing: cdn-cache; desc=HIT, edge; dur=150
vary: Accept-Encoding
content-length: 10794
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 latest Show response
frontend-api-navik.mensxp.com/v1/api/content/ 22 KB
5 KB 709ms
708ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/latest?limit=5&category_id=340&page=1&content_type_id=51&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bf0e53c1812ec6ecbf25020d53de992a11d2d2f38cccef80a5c10cbbdbcac97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: a77437437a51c78e56a57969524e224c
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
response-cache: cached on 2021-12-07 17:56:29
x-cool: 20.21
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=160, origin; dur=531
vary: Accept-Encoding
content-length: 4442
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:36 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:36 GMT

OPTIONS
H2 200 widget
shopapi.mensxp.com/api/v1/cms/ Frame 0
0 717ms
638ms Preflight 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://shopapi.mensxp.com/api/v1/cms/widget?type=product_summary&tag=celebrities
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Bhoot /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-bot-request
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-length: 0
date: Tue, 07 Dec 2021 12:33:36 GMT
access-control-allow-headers: Origin, Accept, Accept-Language, Accept-Encoding, Content-Language, Content-Type, Content-Length, Cache-Control, User-Agent, X-Session-Id, X-Bot-Request *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *

GET
H2 200 widget Show response
shopapi.mensxp.com/api/v1/cms/ 25 KB
4 KB 223ms
222ms Fetch
application/json 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://shopapi.mensxp.com/api/v1/cms/widget?type=product_summary&tag=celebrities
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Bhoot /
Resource Hash: 0eb7c48d1f1442bf77419c7346711cf1e223b4d24f2e0e7cecfff9e124edf6ad

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
X-Bot-Request: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
content-encoding: gzip
server: Bhoot
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
server-timing: cdn-cache; desc=MISS, edge; dur=145, origin; dur=63
access-control-allow-headers: Origin, Accept, Accept-Language, Accept-Encoding, Content-Language, Content-Type, Content-Length, Cache-Control, User-Agent, X-Session-Id, X-Bot-Request, *
content-length: 3125

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=947830621&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&ul=en-us&de=UTF-8&dt=Vivek%20Oberoi%E2%80%99s%20Strong%20Arguments%20Prove%20Bollywood%20Is%20Driven%20By%20Godfathers%20And%20Not%20Talent&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Shop%20Widget%20Loaded&ea=product_summary&el=%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html%20-%201&_u=aGBAiEIhBAAAAE~&jid=&gjid=&cid=178687869.1638880415&tid=UA-16245912-1&_gid=470555048.1638880415&cd1=0&cd3=2021-12-06&cd7=News&cd8=545%20-%20Apoorva%20Nijhara&cd9=97379&z=1135583848

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 15:16:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76626
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 189106885061547 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 189ms
188ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/189106885061547?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93c0c761432b10e2cc6e17dfd58073bcd4b883fdefc1caf1b5b17657d1b72df0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 38nmGQRcbqs+ygdCPn+v7fJ7OKXhCHagjm+4inT/4Y9lSQ3sqYgrUHRti1rpZ0G3RLS9vQ37ID0n31pdKgg+Hg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 12:33:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Apoorva_5f64387dd1127.jpeg
img.mensxp.com/media/author/2020/Sep/ 4 KB
5 KB 43ms
42ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/author/2020/Sep/Apoorva_5f64387dd1127.jpeg?w=96&h=96&cc=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1174ec7ef582e89eba71929e1fd6d218e89ce759bb5404c003b9e9ace6ec72ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 4472
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Sep 2020 11:40:10 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30682282
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sun, 27 Nov 2022 15:24:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 57ms
33ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16245912-1&cid=178687869.1638880415&jid=840448458&_u=aGBAiEIhBAAAAE~&z=521024380

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16245912-1&cid=178687869.1638880415&jid=840448458&_u=aGBAiEIhBAAAAE~&z=521024380

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 loggedInUser Show response
jsso.indiatimes.com/sso/crossapp/identity/web/ 93 B
4 KB 168ms
167ms XHR
application/json 2a02:26f0:6c00::210:bb3a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Requested by

Host: jssocdn.indiatimes.com
URL: https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.5.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

3d776ad05de09002667c34dcef93d81380cbdcb79c2b28c89da392152028d2a1

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

channel: mensxp
Accept-Language: de-DE,de;q=0.9
csrfToken
sdkVersion: 0.5.3
content-type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
IsJssoCrosswalk: true
Referer: https://www.mensxp.com/
tksec
platform: WEB
ssec
csut
gdpr

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cool: 88.40
server-timing: cdn-cache; desc=MISS, edge; dur=130, origin; dur=16
content-length: 106
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mensxp.com
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr

OPTIONS
H2 200 loggedInUser
jsso.indiatimes.com/sso/crossapp/identity/web/ Frame 0
0 209ms
180ms Preflight 2a02:26f0:6c00::210:bb3a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb3a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channel,content-type,csrftoken,csut,gdpr,isjssocrosswalk,platform,sdkversion,ssec,tksec
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-length: 0
access-control-allow-origin: https://www.mensxp.com
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-cool: 88.39
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr
access-control-allow-methods: GET,POST,OPTIONS

OPTIONS
H2 200 2
frontend-api-navik.mensxp.com/v1/api/staticbox/detail/ Frame 0
0 194ms
194ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/staticbox/detail/2?locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 20.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

OPTIONS
H2 200 97379
frontend-api-navik.mensxp.com/v1/api/content/readingnow/ Frame 0
0 231ms
230ms Preflight
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/readingnow/97379?limit=15&page=1&locale_id=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
x-cool: 54.21
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
content-length: 46
cache-control: private, no-cache
expires: Tue, 07 Dec 2021 12:33:35 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
vary: Accept-Encoding

GET
H2 404 2 Show response
frontend-api-navik.mensxp.com/v1/api/staticbox/detail/ 38 B
533 B 488ms
487ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend-api-navik.mensxp.com/v1/api/staticbox/detail/2?locale_id=1
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Bhoot /
Resource Hash: 67a05925ae62ef30e4141ff6d7984ba71bc24001d3ee5375e3781910372e3484

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

response-cache-key: 58f68c9ca58468cd0b9034902c68848a
date: Tue, 07 Dec 2021 12:33:36 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cool: 20.21
server-timing: cdn-cache; desc=MISS, edge; dur=148, origin; dur=325
content-length: 56
server: Bhoot
cache-control: private, no-cache
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
response-cache: cached on 2021-12-07 17:59:19
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:36 GMT

GET
H2 200 desktop-Stories.d431346cb6b51d77325d.chunk.js Show response
www.mensxp.com/dist/ 2 KB
1 KB 22ms
22ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-Stories.d431346cb6b51d77325d.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/runtime.8119d6d4a1e91dfdd06d.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f3c57a38d37ac9805dfd0f9d3fb1e75a09d81bb37e19bc30457d750981f89a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 984
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097413
access-control-allow-credentials: false
etag: W/"8ce-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:43:48 GMT

GET
H2 200 97379 Show response
frontend-api-navik.mensxp.com/v1/api/content/readingnow/ 63 KB
12 KB 1415ms
1414ms Fetch
application/json 2a02:26f0:6c00::210:bb69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend-api-navik.mensxp.com/v1/api/content/readingnow/97379?limit=15&page=1&locale_id=1

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

0625657ca9ebf2b533f45de77a2b9a9677609db288f87650e991af43dd01c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
x-cool: 54.21
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=159, origin; dur=1241
vary: Accept-Encoding
content-length: 11413
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:37 GMT
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Api-Access-Token
expires: Tue, 07 Dec 2021 12:33:37 GMT

GET
H2 200 white-right-arrow.svg
www.mensxp.com/images/desktop/ 254 B
602 B 17ms
17ms Image
image/svg+xml 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mensxp.com/images/desktop/white-right-arrow.svg

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/desktop-widgets.f62caf03a4aff31cac11.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c409854587bb80f34e59d25f0de60f28b46228a41462f662ae71a941f313791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/dist/desktop-widgets.f62caf03a4aff31cac11.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 198
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 10:06:55 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:35 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: false
etag: W/"fe-17cdaf75618"
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 14 Dec 2021 12:33:35 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 75ms
54ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36a79135803869f257cae495ca43ee3d321aaaa2ea929856859444522d64cca8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l+3ohUpt1a/oaZSf2i1MFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "ab30921c980527979f1cb8c5e858f5b2"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-l+3ohUpt1a/oaZSf2i1MFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/as8mgET5X8M/ 46 KB
46 KB 66ms
41ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/as8mgET5X8M/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975cad3364f2aa46842b23c804012b227df5f63a50724d4adbd5866a318d8a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47218
x-xss-protection: 0
server: sffe
etag: "1638768181"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 12:38:35 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/KCcNm9iF-QE/ 48 KB
48 KB 68ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/KCcNm9iF-QE/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4120b80fcc21c45c304448127cf125048120a61ad7a3b39e00f64ec21c3c1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49376
x-xss-protection: 0
server: sffe
etag: "1638681491"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 12:38:35 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/NT7Oo-TKa6k/ 54 KB
54 KB 52ms
27ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NT7Oo-TKa6k/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e07d7ff063c6da393601ad5528d4e0c7fd611dd9092af9d47121ec63640d7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:46:50 GMT
x-content-type-options: nosniff
age: 2805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55539
x-xss-protection: 0
server: sffe
etag: "1638594030"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 13:46:50 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/GGCcvTNW738/ 58 KB
59 KB 59ms
34ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/GGCcvTNW738/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe81113299d7aa1d347c29330dc4cc350b3305fda9399ef139c67fe88d74fabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:47:41 GMT
x-content-type-options: nosniff
age: 2754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59850
x-xss-protection: 0
server: sffe
etag: "1638543465"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 13:47:41 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/3ShOBNu6PXI/ 42 KB
42 KB 54ms
29ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3ShOBNu6PXI/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0743de693c1bf235d80a7ede79541819dd9070a722f98da8be8ebb9573830620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:47:41 GMT
x-content-type-options: nosniff
age: 2754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43318
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 13:47:41 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/dbqzH7xulJI/ 55 KB
55 KB 48ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dbqzH7xulJI/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617d9629681a5478d2aa5a6a52fc0bf8673a721ae5a68af0414eecb995a519b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:47:41 GMT
x-content-type-options: nosniff
age: 2754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56160
x-xss-protection: 0
server: sffe
etag: "1638161571"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 13:47:41 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/XBG1Kvm0oHE/ 67 KB
67 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XBG1Kvm0oHE/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a940d3259d90d653f1127e35e09e64e2b062ea41292124c88aff6f76819d796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:31:30 GMT
x-content-type-options: nosniff
age: 3725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68525
x-xss-protection: 0
server: sffe
etag: "1638073280"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 13:31:30 GMT

GET
H2 200 mensxp-social-image.jpg
img.mensxp.com/media/static-images/ 19 KB
20 KB 23ms
22ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/static-images/mensxp-social-image.jpg

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1eb61548edcfe684fb7da6ce9be99222c6dc45c5604451e454e83b545b4f9469

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 19528
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Aug 2020 08:57:29 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=20566904
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 02 Aug 2022 13:35:19 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Uy839M29h-w/ 52 KB
52 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Uy839M29h-w/sddefault.jpg?w=32&h=24&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948c3f5f3534fe8ffeadadb14e56c502e019b2e6ae71822eb9d9a6257e12bade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:47:41 GMT
x-content-type-options: nosniff
age: 2754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53198
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 13:47:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 26ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1490590564599357&ev=PageView&dl=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&rl=&if=false&ts=1638880415654&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638880415653.805332755&it=1638880415083&coo=false&rqm=GET

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 27ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189106885061547&ev=PageView&dl=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&rl=&if=false&ts=1638880415656&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638880415653.805332755&it=1638880415083&coo=false&rqm=GET

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 27ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1490590564599357&ev=ViewContent&dl=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&rl=&if=false&ts=1638880415657&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638880415653.805332755&it=1638880415083&coo=false&rqm=GET

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189106885061547&ev=ViewContent&dl=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&rl=&if=false&ts=1638880415658&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638880415653.805332755&it=1638880415083&coo=false&rqm=GET

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H2 200 jacqueline-fernandez-vacation-photos-beach-holiday_61af39f3e350f.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 19ms
18ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/jacqueline-fernandez-vacation-photos-beach-holiday_61af39f3e350f.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

4f9ec5ec45141e8f0ab53da178ca622dae036ad5d7b86d236d0b414d88b0cf36

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1103
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 10:59:10 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31530291
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 10:58:26 GMT

GET
H2 200 2021-Most-Trolled-Celebrities-8_61af430b26ead.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 30ms
29ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/2021-Most-Trolled-Celebrities-8_61af430b26ead.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

12969b3c12ea8eecb5d4a1865812c4e7a95d2ffb49b31ace9d8c8c5d8a904c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1054
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 12:02:13 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31534118
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 12:02:13 GMT

GET
H2 200 Vicky-Katrina-Fitness_61af2959518de.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 23ms
21ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Vicky-Katrina-Fitness_61af2959518de.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

5dd377e8e3720586fdbd4ab38b146563dc4ef292fad2e96530bed7a614e5fcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1084
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 10:59:10 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31530640
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 11:04:15 GMT

GET
H2 200 erica-fernandes-vacations-pictures-2_61af1611ac0df.jpeg
img.mensxp.com/media/content/2021/Dec/ 976 B
1 KB 26ms
24ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/erica-fernandes-vacations-pictures-2_61af1611ac0df.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

cb1bca37bd241e837421f55226459df4fbba5dbfc4456eb85b917017058ab293

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 976
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 08:24:16 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31521828
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 08:37:23 GMT

GET
H2 200 Sara-Tendulkar-Modelling-Debut-2_61af3093716d6.jpeg
img.mensxp.com/media/content/2021/Dec/ 996 B
1 KB 29ms
28ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Sara-Tendulkar-Modelling-Debut-2_61af3093716d6.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

4c67b557b9b377fca780f02ad85e6b077654e160aeff5a64629f1a427b25c5a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 996
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 10:46:47 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31529888
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 10:51:43 GMT

GET
H2 200 72720298_1321212781336341_8703344356622702048_n_61aeff1e13557.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
2 KB 30ms
29ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/72720298_1321212781336341_8703344356622702048_n_61aeff1e13557.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

54f71eaab19553c62c10439190374fb024be13f4d263c4f9edbdfbd140a3151a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1142
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 08:56:51 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31523547
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 09:06:02 GMT

GET
H2 200 Mukesh-Ambani-Expensive-Things_61af04b2cb10f.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 34ms
33ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Mukesh-Ambani-Expensive-Things_61af04b2cb10f.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

9dbaff8a1cbe49c1dc34b1cd7af254937a75d2340e53c17a9819530f086482ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1060
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 07:00:12 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31515984
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 06:59:59 GMT

GET
H2 200 Behind-The-Scenes-Vijay-Deverakonda--Ananya-Panday-Liger-9_61ae0827879c9.jpeg
img.mensxp.com/media/content/2021/Dec/ 983 B
1 KB 36ms
35ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Behind-The-Scenes-Vijay-Deverakonda--Ananya-Panday-Liger-9_61ae0827879c9.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2788ac75a6e812fdd2e7ed0d41363dd7a88bd6c4149507be8b6e21a781298e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 983
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 13:16:46 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31452319
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 13:18:54 GMT

GET
H2 200 263563749_145920621112429_6328139205752928103_n_61ae06771aa11.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
2 KB 36ms
35ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/263563749_145920621112429_6328139205752928103_n_61ae06771aa11.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

edd26c367e3e5f2310838b6b2a383502940e5af7292ea1986c071e8d4097bbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1112
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 13:56:40 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31454649
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 13:57:44 GMT

GET
H2 200 Thumbnail---Arun-Vijay_61ade0946a831.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 36ms
36ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Thumbnail---Arun-Vijay_61ade0946a831.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

654ac19b3da3a556d718c72c1dc98082b44dc5eb23bb08fc3273a176297821b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1089
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 11:08:59 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31444945
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 11:16:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ 123 KB
43 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de801d89e6f71bf92faa287b9d67520105e6188e703bf3d060223ec2072a95ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 20:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43581
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 20:21:39 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ 119 KB
41 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29af0c8109de86bcf0f69ab6f293c71bff84e52c48bdc4193e2e9583f291f726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 14:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41540
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 14:25:12 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 2EA5 2 KB
2 KB 70ms
46ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&layout=default&count=default&origin=https%3A%2F%2Fwww.mensxp.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40b7671ca072f19e1f8a1f1272abd64491a787ab24f6d4b154d1159a51914e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 4BB2 566 B
858 B 42ms
18ms Document
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mensxp.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

132f0dddb372f4236708c1b89a59772ec6336523acbcd36938532d18902af1e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u2S2Y459N0QKtDe1VutCPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-u2S2Y459N0QKtDe1VutCPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Vertical-Thumbnail__618e61f4e10e2.png
img.mensxp.com/media/content/2021/Nov/ 4 KB
4 KB 18ms
16ms Image
image/png 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-Thumbnail__618e61f4e10e2.png?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4873e68693098d194e3243a26e4f9a58fa08a47e64dfdd924c2528c25d2061cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 3706
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 12:50:27 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=29377587
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 12 Nov 2022 13:00:02 GMT

GET
H2 200 header-1400x653_6194d92d3a25e.jpeg
img.mensxp.com/media/content/2021/Nov/ 1011 B
1 KB 18ms
16ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/header-1400x653_6194d92d3a25e.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

49de74fe7b85dd3a9528a3930c8c09a7e998fcd3d5a5ea14d5632dcc7eebefad

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1011
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Nov 2021 10:33:34 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29800843
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Thu, 17 Nov 2022 10:34:18 GMT

GET
H2 200 Vertical-Thumbnail__618e6562403e5.png
img.mensxp.com/media/content/2021/Nov/ 2 KB
3 KB 20ms
18ms Image
image/png 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-Thumbnail__618e6562403e5.png?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e0ca823b52a72fc78b060449b7821505b092021322af9af9d538bd9ae07a85c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 2260
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 13:10:13 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=29378324
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 12 Nov 2022 13:12:19 GMT

GET
H2 200 Verticle-Thumbnail_61a0c816119be.jpeg
img.mensxp.com/media/content/2021/Nov/ 959 B
1 KB 25ms
23ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Verticle-Thumbnail_61a0c816119be.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f0f0777055b246f26132d2a91c0225eb8d6102808d68aa1d99e9f5ae8da037e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 959
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Nov 2021 11:47:58 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30582759
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 26 Nov 2022 11:46:14 GMT

GET
H2 200 Vertical-thumb__619b4712a360b.jpeg
img.mensxp.com/media/content/2021/Nov/ 910 B
1 KB 27ms
25ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-thumb__619b4712a360b.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3975e4ed8fca32df98d0bb50a3bd21f8fe5918558418d0c165d54aeda06b85cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 07:34:08 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30222648
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 22 Nov 2022 07:44:23 GMT

GET
H2 200 Vertical-Thumbnail__618e5b77eacaa.png
img.mensxp.com/media/content/2021/Nov/ 3 KB
4 KB 30ms
29ms Image
image/png 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-Thumbnail__618e5b77eacaa.png?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a205cb4a8613174b89e0d3c868be134b853badf6e0d8fd86307fbd467396d670

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 3159
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 12:24:01 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=29375611
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 12 Nov 2022 12:27:06 GMT

GET
H2 200 vertical_thumbnail_619339b19c377.jpeg
img.mensxp.com/media/content/2021/Nov/ 1 KB
1 KB 32ms
30ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/vertical_thumbnail_619339b19c377.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8b8a5b07517656a76981e91e72cdc17bc2c48ab4ea25274a42165ad996ccde03

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1025
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 05:00:09 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29694364
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 16 Nov 2022 04:59:39 GMT

GET
H2 200 Verticle-Thumbnail_61a0c526dfad5.jpeg
img.mensxp.com/media/content/2021/Nov/ 1 KB
1 KB 33ms
32ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Verticle-Thumbnail_61a0c526dfad5.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e8b85346c4c48e8ae1a146cf10ad37ee3239522ae7e70733a589eb5265e22897

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1024
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Nov 2021 11:34:39 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30582024
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 26 Nov 2022 11:33:59 GMT

GET
H2 200 Vertical-thumb__619b3cab6a23b.jpeg
img.mensxp.com/media/content/2021/Nov/ 1002 B
1 KB 35ms
33ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-thumb__619b3cab6a23b.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f7df9f2085d2c44ba5a75730444a590a336ede0587548d832a6d3ac79961a10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1002
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 06:53:08 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30219518
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 22 Nov 2022 06:52:13 GMT

GET
H2 200 Vertical-thumb__61a4e3a082139.jpeg
img.mensxp.com/media/content/2021/Nov/ 1 KB
1 KB 39ms
38ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-thumb__61a4e3a082139.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f0d12152b20793419741052db2957894577fc6db9c5f12b88529fa837c7958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1037
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Nov 2021 11:17:19 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30927392
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 30 Nov 2022 11:30:07 GMT

GET
H2 200 Verticle_Thumbnail_619e37147bc0f.jpeg
img.mensxp.com/media/content/2021/Nov/ 967 B
1 KB 43ms
42ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Verticle_Thumbnail_619e37147bc0f.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d2d101743ce824428677bd91521557a967844c8b84533aa4c6fda81e9172cdb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 967
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Nov 2021 13:01:47 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30414917
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Thu, 24 Nov 2022 13:08:52 GMT

GET
H2 200 Vertical-Thumbnail__6192002def738.png
img.mensxp.com/media/content/2021/Nov/ 3 KB
4 KB 44ms
43ms Image
image/png 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-Thumbnail__6192002def738.png?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9605c69b87e3a4587c7c917c5a9e123feb8d51a3d43fc5786dfeba1de148f9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 3222
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Nov 2021 06:39:13 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=29614463
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 15 Nov 2022 06:47:58 GMT

GET
H2 200 Vertical-thumb__619b4238ef0d4.jpeg
img.mensxp.com/media/content/2021/Nov/ 952 B
1 KB 46ms
45ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Vertical-thumb__619b4238ef0d4.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fda24ec409c9aeeae38bc6b5671b431cb2ad975fed8068abd63f2fcdf021ca09

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 952
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 07:18:43 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=30221487
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 22 Nov 2022 07:25:02 GMT

GET
H2 200 Verticle_Thumbnail_61a8705dd82b8.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
2 KB 47ms
46ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Verticle_Thumbnail_61a8705dd82b8.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

1d91201d92d0fe92fe145b806430a610913308ef939cd36da9ef9d68eec0f414

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1128
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Dec 2021 07:12:43 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31085089
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Fri, 02 Dec 2022 07:18:24 GMT

GET
H2 200 Vertical-thumb_-1_61a9d2a3c0c91.jpeg
img.mensxp.com/media/content/2021/Dec/ 961 B
1 KB 48ms
47ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Vertical-thumb_-1_61a9d2a3c0c91.jpeg?w=32&h=48&cc=1&q=75

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

1951210bbe47433b23e462bd32713d6ab81fa4301a47209819e4ff7952c14ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 961
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Dec 2021 08:20:05 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31175784
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 03 Dec 2022 08:29:59 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 2EA5 38 KB
6 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&layout=default&count=default&origin=https%3A%2F%2Fwww.mensxp.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&layout=default&count=default&origin=https%3A%2F%2Fwww.mensxp.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Dec 2022 10:01:15 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 2EA5 252 KB
72 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&layout=default&count=default&origin=https%3A%2F%2Fwww.mensxp.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Dec 2022 10:01:16 GMT

GET
H2 200 3087399934-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 4BB2 10 KB
5 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3087399934-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mensxp.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f95544529bf5a220675a5144deef8a36863d63b94d13b5408341bbd3229691f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 10:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 03:08:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 10:18:22 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 4BB2 13 KB
5 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc10eb4c3193b2a9e85d3e011075c703c98d79e86dee2c8647311db2f1dfeb4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EiYauhN7OPep4EZAkFG8rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3fc975e12af4bcde7e44fdb36bca1117"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-EiYauhN7OPep4EZAkFG8rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Tue, 07 Dec 2021 12:33:35 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 2EA5 156 B
179 B 8ms
8ms Image
image/png 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 09:51:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 528106
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Dec 2022 09:51:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame 2EA5 125 KB
41 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c92084dec60847faa5d1719a8b8c238bf82f3f1ca97a8474acd3c67e3aed419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 20:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41862
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 20:17:21 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame 4BB2 51 KB
18 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a6f2a85533d8b0a3572be5fa46cb09629d8f54f28bf40c52e0878d68caa046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 14:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18237
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 14:24:58 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ 28 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aad48dde0907d035bdb01024f52600bec81a2c05bcc6b81469751d567faed27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9531
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 15:49:30 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame D33D 604 B
293 B 44ms
43ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be35c8b812d2ba7ee41c258d9328671968095ec769be11881c1566001f31f3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 12:33:35 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 25ms
10ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:44:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 542921
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Dec 2022 05:44:54 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 25ms
10ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:23:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 4187
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 07 Dec 2022 11:23:48 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 21ms
9ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:32:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 543659
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Dec 2022 05:32:36 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 22ms
10ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 577241
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 30 Nov 2022 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 21ms
9ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 505736
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Dec 2022 16:04:39 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame D33D 9 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Dec 2022 10:01:18 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame D33D 149 KB
44 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC7eZNThpjgXe5H0QwBN-XsQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 10:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Dec 2022 10:01:18 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame D33D 125 KB
41 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c92084dec60847faa5d1719a8b8c238bf82f3f1ca97a8474acd3c67e3aed419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 20:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41862
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 15:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 20:17:21 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A37F 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.mensxp.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.mensxp.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 12:33:36 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 849E 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.mensxp.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.mensxp.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 12:33:36 GMT

GET
H2 200 summary Show response
shopapi.mensxp.com/api/v1/product/ 135 B
565 B 151ms
151ms Fetch
application/json 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://shopapi.mensxp.com/api/v1/product/summary?p=
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/dist/main.0e5234403f4408e8fce1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Bhoot /
Resource Hash: 43d8bc325dd2e3ba1997dc14e40ca10ae04064d41e878d24f1976d3db25921bd

Request headers

Accept: application/json
Referer: https://www.mensxp.com/
X-Bot-Request: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
server-timing: cdn-cache; desc=MISS, edge; dur=135, origin; dur=3
access-control-allow-headers: Origin, Accept, Accept-Language, Accept-Encoding, Content-Language, Content-Type, Content-Length, Cache-Control, User-Agent, X-Session-Id, X-Bot-Request, *
content-length: 135

OPTIONS
H2 200 summary
shopapi.mensxp.com/api/v1/product/ Frame 0
0 198ms
198ms Preflight 2a02:26f0:6c00::210:bb43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://shopapi.mensxp.com/api/v1/product/summary?p=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Bhoot /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-bot-request
Origin: https://www.mensxp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Bhoot
content-length: 0
date: Tue, 07 Dec 2021 12:33:36 GMT
access-control-allow-headers: Origin, Accept, Accept-Language, Accept-Encoding, Content-Language, Content-Type, Content-Length, Cache-Control, User-Agent, X-Session-Id, X-Bot-Request *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *

GET
H2 200 BB-YT_6194e455e930f.jpeg
img.mensxp.com/media/content/2021/Nov/ 1015 B
1 KB 21ms
20ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/BB-YT_6194e455e930f.jpeg?w=32&h=15&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4d329d4388e984803eab7ea8e1c966ab469825ebeaf2d535698f2f34160a52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1015
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Nov 2021 11:17:10 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29804007
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Thu, 17 Nov 2022 11:27:03 GMT

GET
H2 200 Meenakshi-Sundareshwar_61926231c7cbb.jpeg
img.mensxp.com/media/content/2021/Nov/ 782 B
1 KB 22ms
21ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Meenakshi-Sundareshwar_61926231c7cbb.jpeg?w=32&h=15&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

24da24caa15683000e7f5503739d3d1033c596e3a26bbb55845f1c1c11d97d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 782
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Nov 2021 14:18:49 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29641772
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 15 Nov 2022 14:23:08 GMT

GET
H2 200 Venom-2_619266110f7aa.jpeg
img.mensxp.com/media/content/2021/Nov/ 1 KB
1 KB 24ms
23ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Venom-2_619266110f7aa.jpeg?w=32&h=15&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

660b76c05743d9d3764b7df4a2199e50908c475c3036c5827423287e19401899

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1101
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Nov 2021 14:04:21 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29641722
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 15 Nov 2022 14:22:18 GMT

GET
H2 200 Rashmi-Rocket_6192639ddbf2a.jpeg
img.mensxp.com/media/content/2021/Nov/ 778 B
1 KB 28ms
28ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Rashmi-Rocket_6192639ddbf2a.jpeg?w=32&h=15&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0c984ff7f8de894773afc30f2737205f3cf8e7e5a271c8d5b88404c6684991c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 778
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Nov 2021 14:04:21 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29641758
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 15 Nov 2022 14:22:54 GMT

GET
H2 200 Satyameva-Jayate-2-and-Chandigarh-Kare-Aashiqui-traile_6192605d4fac0.jpeg
img.mensxp.com/media/content/2021/Nov/ 1 KB
1 KB 29ms
29ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/Satyameva-Jayate-2-and-Chandigarh-Kare-Aashiqui-traile_6192605d4fac0.jpeg?w=32&h=15&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c3f123aeaaaac1fdcdac82e99fa0a7949a6c6b0549170f49601df6df62569c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1055
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Nov 2021 14:18:49 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=29641740
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 15 Nov 2022 14:22:36 GMT

GET
H2 200 desktop-ProductSummary.2dd43e8bc1a2d036ec1e.chunk.css
www.mensxp.com/dist/ 17 KB
5 KB 31ms
30ms Stylesheet
text/css 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-ProductSummary.2dd43e8bc1a2d036ec1e.chunk.css

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/runtime.8119d6d4a1e91dfdd06d.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8a5a11591126cde6eabda13a258e4233c165f64b268dfb5977bff9f5d670045d

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 4175
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097629
access-control-allow-credentials: false
etag: W/"4467-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:47:25 GMT

GET
H2 200 desktop-ProductSummary.2dd43e8bc1a2d036ec1e.chunk.js Show response
www.mensxp.com/dist/ 29 KB
8 KB 32ms
32ms Script
application/javascript 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mensxp.com/dist/desktop-ProductSummary.2dd43e8bc1a2d036ec1e.chunk.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/runtime.8119d6d4a1e91dfdd06d.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bde89f49e049eeeeddd05fcfcbbc89c2a867d1afc9748b36d80ef1415003f438

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 7713
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 29 Nov 2021 12:20:51 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31097601
access-control-allow-credentials: false
etag: W/"73ca-17d6ba404b8"
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 02 Dec 2022 10:46:57 GMT

GET
H2 200 white-right-arrow.svg
www.mensxp.com/images/desktop/ 254 B
602 B 15ms
14ms Image
image/svg+xml 2a02:26f0:6c00:281::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mensxp.com/images/desktop/white-right-arrow.svg

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/dist/desktop-ProductSummary.2dd43e8bc1a2d036ec1e.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:281::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c409854587bb80f34e59d25f0de60f28b46228a41462f662ae71a941f313791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/dist/desktop-ProductSummary.2dd43e8bc1a2d036ec1e.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 198
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 10:06:55 GMT
server: nginx
x-frame-options: sameorigin
date: Tue, 07 Dec 2021 12:33:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: false
etag: W/"fe-17cdaf75618"
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 14 Dec 2021 12:33:36 GMT

GET
H2 200 grey-camo-print-arm-yourself-re-usable-mask-106513-default.jpg
img.mensxp.com/media/shop/catalog/products/G/709096/ 1 KB
2 KB 21ms
18ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/G/709096/grey-camo-print-arm-yourself-re-usable-mask-106513-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d89859e15fa9bb189cb0dbae882c2fb1901a792eb35060525a1219ec8ee12883

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1375
x-xss-protection: 1; mode=block
last-modified: Tue, 26 May 2020 14:01:23 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14334329
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sun, 22 May 2022 10:19:05 GMT

GET
H2 200 5-1583998351.jpeg
img.mensxp.com/media/shop/catalog/products/5/ 906 B
1 KB 23ms
20ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/5/5-1583998351.jpeg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d98ccc1b4efaa80cb2d94528aa1d7c5489529b4484fa852e8d1482a5ce5c8b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 906
x-xss-protection: 1; mode=block
last-modified: Wed, 05 May 2021 12:52:57 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15208740
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 01 Jun 2022 13:12:36 GMT

GET
H2 200 yellow-printed-sunshine-and-smile-re-usable-mask-265036-default.jpg
img.mensxp.com/media/shop/catalog/products/Y/709093/ 1 KB
2 KB 25ms
21ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/Y/709093/yellow-printed-sunshine-and-smile-re-usable-mask-265036-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d199dd7763ec9875596960d016e0b8bf3b907779788d1d3fe8ce4e1e2af5e24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1317
x-xss-protection: 1; mode=block
last-modified: Tue, 26 May 2020 14:02:35 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16674299
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 18 Jun 2022 12:18:35 GMT

GET
H2 200 myntrasurfacedisinfectant-1628165700.jpeg
img.mensxp.com/media/shop/catalog/products/M/ 1 KB
2 KB 27ms
24ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/M/myntrasurfacedisinfectant-1628165700.jpeg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

522732b39590fc0563a7daf62ef0caf84aa4fc6a5c0c6a0b2cc8a4aab7b97d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1381
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 12:17:39 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=20821243
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Fri, 05 Aug 2022 12:14:19 GMT

GET
H2 200 myntra-veggie-cleaner-1628165738.jpeg
img.mensxp.com/media/shop/catalog/products/M/ 2 KB
2 KB 30ms
28ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/M/myntra-veggie-cleaner-1628165738.jpeg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6e78f024fd4308a09426ced6a69fd3c70655b23d77b1263fbd2611be8ec55ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1841
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 12:17:40 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=20821444
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Fri, 05 Aug 2022 12:17:40 GMT

GET
H2 200 pee-safe-intimate-wash-100-ml-134526-default.jpg
img.mensxp.com/media/shop/catalog/products/P/709803/ 938 B
1 KB 31ms
29ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/P/709803/pee-safe-intimate-wash-100-ml-134526-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

27b9c2230b4e6f130bf4a0d342dedb5fea7bc3bd23b6b045f7498d473156f37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 938
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Aug 2020 18:18:32 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14269896
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 21 May 2022 16:25:12 GMT

GET
H2 200 the-essential-wellness-kit-205164-default.jpg
img.mensxp.com/media/shop/catalog/products/T/708089/ 1 KB
1 KB 33ms
31ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/T/708089/the-essential-wellness-kit-205164-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e1a9a6545e3a3e984d936213b12909cbbe9d3937aad27ed015b5f5fb7909a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1043
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Jul 2020 18:11:54 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16772194
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sun, 19 Jun 2022 15:30:10 GMT

GET
H2 200 samudra-blue-handmade-ethnic-yoga-bag-176825-default.jpg
img.mensxp.com/media/shop/catalog/products/S/711496/ 1 KB
2 KB 34ms
32ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/S/711496/samudra-blue-handmade-ethnic-yoga-bag-176825-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f77088058757d022422e4272c1a66a8755892d7d3cf850e385df9fd5b666e406

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1114
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Aug 2020 12:52:47 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14272150
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sat, 21 May 2022 17:02:46 GMT

GET
H2 200 blue-and-green-stance-reversible-mat-with-guildalign-with-bag-16297-default.jpg
img.mensxp.com/media/shop/catalog/products/B/710170/ 781 B
1 KB 35ms
33ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/B/710170/blue-and-green-stance-reversible-mat-with-guildalign-with-bag-16297-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

60c5b08a39edcde099852d230be55b8ab7f873c483dc1e9d306d996fb8701e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 781
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Aug 2020 18:18:32 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=20415792
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Sun, 31 Jul 2022 19:36:48 GMT

GET
H2 200 f9-pre-workout-in-fruit-punch-flavour-25-servings-200-gm-149482-default.jpg
img.mensxp.com/media/shop/catalog/products/F/708968/ 2 KB
2 KB 36ms
34ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/F/708968/f9-pre-workout-in-fruit-punch-flavour-25-servings-200-gm-149482-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

890aa5604151b6c1af3890b9cbb7c30535fe2122e1a60679ffa42b32e50a475d

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1703
x-xss-protection: 1; mode=block
last-modified: Sun, 31 May 2020 04:16:54 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15201052
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 01 Jun 2022 11:04:28 GMT

GET
H2 200 test-plus-testosterone-booster-60-tablets-132725-default.jpg
img.mensxp.com/media/shop/catalog/products/T/708964/ 1 KB
2 KB 36ms
35ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/T/708964/test-plus-testosterone-booster-60-tablets-132725-default.jpg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

dbaadca2c5d1ea83866b56337f26780401867c072778ad83de3db8081b5d0027

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1456
x-xss-protection: 1; mode=block
last-modified: Sat, 08 Aug 2020 12:52:48 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=19003840
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Fri, 15 Jul 2022 11:24:16 GMT

GET
H2 200 myntra-dryhandwash-1628164473.jpeg
img.mensxp.com/media/shop/catalog/products/M/ 1 KB
2 KB 36ms
35ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/shop/catalog/products/M/myntra-dryhandwash-1628164473.jpeg?w=32&h=42&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2d6454f5044dbf558cf8adc5b37725afbe41c659f7ef94b37e50e308425b441c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1184
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 11:55:28 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=20820081
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Fri, 05 Aug 2022 11:54:57 GMT

GET
H2 200 arj Show response
timesinternet-d.openx.net/w/1.0/ 73 B
380 B 43ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3b2e953b-bc2a-4dc1-8f9b-5507d7739139&nocache=1638880416907&aus=728x90%2C728x250%2C610x70&divIds=div-gpt-ad-97379-119-0&auid=551038815
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: fb5bd379a1ef72c564b7030a2991b151351cc61e888e2fc5cb935c9a734d9fb4

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:36 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.mensxp.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 99ms
66ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mensxp.com
date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
331 B 110ms
85ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=730668&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22761e7db3fc7af9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228b263fa8eb995%22%2C%22ext%22%3A%7B%22siteID%22%3A%22730668%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2290818bdb739ebd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22730668%22%2C%22sid%22%3A%22728x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22101507f35ef9d2b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22730668%22%2C%22sid%22%3A%22610x70%22%7D%2C%22banner%22%3A%7B%22w%22%3A610%2C%22h%22%3A70%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 19364440919593172205d89c97153832ea73f90f40fd0765db1e35f1f3d213e1

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.183], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.mensxp.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 07 Dec 2021 12:33:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 151ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mensxp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 155ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mensxp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
266 B 292ms
291ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=953368425978189&correlator=1407462459090980&output=ldjh&impl=fif&eid=31063908&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=7176%2CMensXP%2CMensxp_ROS%2CMensXP_ROS_InArticle_1x1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&eri=1&cust_params=sg%3D%26HDL%3D%26SCN%3DEntertainment%26Hyp1%3D%25E2%2580%2598Talent%2520Doesn%25E2%2580%2599t%2520Matter%25E2%2580%2599%253A%2520Vivek%2520Oberoi%25E2%2580%2599s%2520Strong%2520Arguments%2520Prove%2520Bollywood%2520Is%2520Driven%2520By%2520Godfathers%26Tmpl_SCN%3Dshowpage_articles%26SubSCN%3DCelebrities%26BL%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1638880417&dt=1638880417054&dlt=1638880414957&idt=375&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=8684&adks=2501022195&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1100x0&ga_vid=178687869.1638880415&ga_sid=1638880417&ga_hid=947830621&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cb316ff85ec3464fbd269175e26ba65830d0e1d6344baefc567e2c69118e9c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mensxp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 293ms
293ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=953368425978189&correlator=1407462459090980&output=ldjh&impl=fif&eid=31063908&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=7176%2CMensXP%2CMensXP_Entertainment_AS%2CMXP_ROS_ENT_AS_BIG1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1100x250&prev_scp=pwtsid_pubmatic%3D98bb8cf77cabcf%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=sg%3D%26HDL%3D%26SCN%3DEntertainment%26Hyp1%3D%25E2%2580%2598Talent%2520Doesn%25E2%2580%2599t%2520Matter%25E2%2580%2599%253A%2520Vivek%2520Oberoi%25E2%2580%2599s%2520Strong%2520Arguments%2520Prove%2520Bollywood%2520Is%2520Driven%2520By%2520Godfathers%26Tmpl_SCN%3Dshowpage_articles%26SubSCN%3DCelebrities%26BL%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1638880417&dt=1638880417059&dlt=1638880414957&idt=375&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=5852&adks=55653864&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1130x35&msz=1100x35&ga_vid=178687869.1638880415&ga_sid=1638880417&ga_hid=947830621&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

69738a39c41ad722f6588996e433f0768beaa9931a3f0778674839123c04a4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9216
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mensxp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 526ms
525ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=953368425978189&correlator=1407462459090980&output=ldjh&impl=fif&eid=31063908&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=7176%2CMensXP%2CMensXP_Entertainment_AS%2CMXP_ROS_ENT_AS_INST_728&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C728x250%7C610x70&prev_scp=pwtsid_pubmatic%3D104579e62019927%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=sg%3D%26HDL%3D%26SCN%3DEntertainment%26Hyp1%3D%25E2%2580%2598Talent%2520Doesn%25E2%2580%2599t%2520Matter%25E2%2580%2599%253A%2520Vivek%2520Oberoi%25E2%2580%2599s%2520Strong%2520Arguments%2520Prove%2520Bollywood%2520Is%2520Driven%2520By%2520Godfathers%26Tmpl_SCN%3Dshowpage_articles%26SubSCN%3DCelebrities%26BL%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1638880417&dt=1638880417061&dlt=1638880414957&idt=375&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3154060286&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x2952&msz=740x35&ga_vid=178687869.1638880415&ga_sid=1638880417&ga_hid=947830621&ga_fc=true&fws=0&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4ca8570ae77c0b963a918056bdeef90226cb11625118c7ab47b142eb477bfbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8949
x-xss-protection: 0
google-lineitem-id: 5645538193
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343319132
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mensxp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 793ms
793ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=953368425978189&correlator=1407462459090980&output=ldjh&impl=fif&eid=31063908&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=7176%2CMensXP%2CMensXP_Entertainment_AS%2CMXP_ROS_ENT_AS_MST&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1100x250%7C1100x400&prev_scp=pwtsid_pubmatic%3D1191569e147b167%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=sg%3D%26HDL%3D%26SCN%3DEntertainment%26Hyp1%3D%25E2%2580%2598Talent%2520Doesn%25E2%2580%2599t%2520Matter%25E2%2580%2599%253A%2520Vivek%2520Oberoi%25E2%2580%2599s%2520Strong%2520Arguments%2520Prove%2520Bollywood%2520Is%2520Driven%2520By%2520Godfathers%26Tmpl_SCN%3Dshowpage_articles%26SubSCN%3DCelebrities%26BL%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1638880417&dt=1638880417063&dlt=1638880414957&idt=375&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=134&adks=3578026800&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&ga_vid=178687869.1638880415&ga_sid=1638880417&ga_hid=947830621&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d55ff5bce3ff0c6f71d190d5894c28711b74240ab5d6bc8106f0cb6bb7a1ee1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9738
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mensxp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 132ms
21ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7d1c0f53dc25d0d395a538fc0faada370a0d7608565479e6f4397bbf4783829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8497
x-xss-protection: 0

GET
H2 200 container.html Show response
914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2091 6 KB
4 KB 54ms
16ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:33:37 GMT
expires: Wed, 07 Dec 2022 12:33:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0AA4 38 KB
14 KB 28ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=26230
expires: Tue, 07 Dec 2021 19:50:47 GMT
date: Tue, 07 Dec 2021 12:33:37 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9646 2 KB
1 KB 84ms
27ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 07 Dec 2021 12:33:37 GMT
Connection: keep-alive

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 751C 0
91 B 23ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:33:37 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0AA4 2 KB
2 KB 75ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72506714&p=23105&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: eac0c8aea9af2ec0b8e350226766bd73298c30791dba8ceb3a730b23ebd75f9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1937
content-type: text/html; charset=UTF-8

GET
H2 200 People-Call-Allu-Arjun-And-Fahadh-Faasils-Pushpa-The-Rises-Trailer-A-Masterpiece-600x90_61af3a346cebe.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 53ms
49ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/People-Call-Allu-Arjun-And-Fahadh-Faasils-Pushpa-The-Rises-Trailer-A-Masterpiece-600x90_61af3a346cebe.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

d9d2a11c68822a03416d53d8ae594e14e9093e19516f4877d43b78b10078b900

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1083
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 11:03:12 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31530504
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 11:02:01 GMT

GET
H2 200 Header-Kat-Sanju_61af340e9f9e3.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 65ms
61ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Header-Kat-Sanju_61af340e9f9e3.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

b353e602ef135ee0c14e1e14a6e60aa93afa5643f56bd58ea5fde0153448aa67

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1071
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 10:27:14 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31533966
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 11:59:43 GMT

GET
H2 200 How-Nushrratts-Parents-Reacted-To-Her-Outfit600_61af32bf812b9.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 79ms
75ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/How-Nushrratts-Parents-Reacted-To-Her-Outfit600_61af32bf812b9.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

873d2fccec86f8c83f74fd2470b16953e304767c8466bc95909ee4a65962198f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1076
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 10:15:13 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31527640
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 10:14:17 GMT

GET
H2 200 When-Katrina-Kaif-and-Hrithik-Roshans-Steamy-Kiss-In-ZNMD-Became-A-Problem-For-Zoya-Akhtar-600x900_61af19c627e5d.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 79ms
75ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/When-Katrina-Kaif-and-Hrithik-Roshans-Steamy-Kiss-In-ZNMD-Became-A-Problem-For-Zoya-Akhtar-600x900_61af19c627e5d.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a44588e115a7d3af52c304857aeb8a43885b3276a22666ea0577f1cb774271d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1037
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 08:29:03 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31523194
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 09:00:11 GMT

GET
H2 200 Sara-Tendulkar-Makes-Modelling-Debut-600x900_61af08ac80790.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 84ms
79ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Sara-Tendulkar-Makes-Modelling-Debut-600x900_61af08ac80790.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8bd02ce25f6b0db0bffd4b64e96d7a35717930453ba1340a7b2d286457d155e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1097
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 07:20:51 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31522331
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 08:45:48 GMT

GET
H2 200 Samanthas-Statement-On-Her-Separation-With-Naga-Is-Heartbreaking-600x900_61af038f6158f.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 86ms
83ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Samanthas-Statement-On-Her-Separation-With-Naga-Is-Heartbreaking-600x900_61af038f6158f.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

581f3b3795c71847af7ff7a581eddc9fbbfb402114dd309bd3735f381c455827

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1035
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Dec 2021 07:04:15 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31517747
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 07 Dec 2022 07:29:24 GMT

GET
H2 200 When-Nargis-Continued-Kissing-Emraan-After-Cut600_61add86f3df5b.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 89ms
86ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/When-Nargis-Continued-Kissing-Emraan-After-Cut600_61add86f3df5b.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

d37891a2199795c5e942a0d8ac48699d9e704c9511e0c4237d5c5ef040bdca21

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1050
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 09:39:35 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31444093
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 11:01:50 GMT

GET
H2 200 Expensive-Gifts-Received-By-Jacqueline-Fernandez600_61add30cac1e2.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 90ms
87ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Expensive-Gifts-Received-By-Jacqueline-Fernandez600_61add30cac1e2.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bf9401209831551b9c93e83c836d9f745cc2d669d9de417cf0be426d38789865

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1078
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 09:39:35 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31441308
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 10:15:25 GMT

GET
H2 200 Jacqueline-Received-Gifts-Worth-Crores-From-Sukesh600_61adc7450c747.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 91ms
88ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Jacqueline-Received-Gifts-Worth-Crores-From-Sukesh600_61adc7450c747.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

3f38d82d65420e2a1315753f2ac864f5113ecff662c3ed21cd6ef5a6f08f84fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1050
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 08:30:50 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31435063
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 08:31:20 GMT

GET
H2 200 Kohli-Mocks-Umpire-Offers-To-Swap-Roles600_61ada7bec490c.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
1 KB 92ms
90ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Kohli-Mocks-Umpire-Offers-To-Swap-Roles600_61ada7bec490c.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

538aef741c54ee0cf9999dd62e7abc29e0fd604b81244e0f2bea2fdfdb11830c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1055
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:30:51 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31427861
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Tue, 06 Dec 2022 06:31:18 GMT

GET
H2 200 Kohli--Co-Become-Kids-In-Front-Of-Dead-Spidercam600_61acab3eb59f3.jpeg
img.mensxp.com/media/content/2021/Dec/ 1013 B
1 KB 94ms
92ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Kohli--Co-Become-Kids-In-Front-Of-Dead-Spidercam600_61acab3eb59f3.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

d33bca22293dfa9a43d898abe90ef2dfa12abc5acc3f7ec8fa5877cbdf5a3616

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1013
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Dec 2021 12:30:35 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31363034
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Mon, 05 Dec 2022 12:30:51 GMT

GET
H2 200 Aayush-Sharma-Was-A-Part-Of-Yeh-Jawaani-Hai-Deewani600_61ac967c75a72.jpeg
img.mensxp.com/media/content/2021/Dec/ 966 B
1 KB 96ms
94ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Aayush-Sharma-Was-A-Part-Of-Yeh-Jawaani-Hai-Deewani600_61ac967c75a72.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e09217dbdecf26a3d8b3e768d126f2b427e239f4fb20904e32ed2b2f710ab4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 966
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Dec 2021 11:25:39 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31359537
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Mon, 05 Dec 2022 11:32:34 GMT

GET
H2 200 Shave-Moustache-Fans-To-Ashwin-After-Pujaras-600_61ac522cc25c1.jpeg
img.mensxp.com/media/content/2021/Dec/ 1 KB
2 KB 98ms
97ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Dec/Shave-Moustache-Fans-To-Ashwin-After-Pujaras-600_61ac522cc25c1.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

4212095932a75294e5b7e2a00d63a9c065a857e9f5d0e25a93df753072896abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1129
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Dec 2021 05:59:36 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31339594
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Mon, 05 Dec 2022 06:00:11 GMT

GET
H2 200 barwara-fort-header-six-senses_618fb8f0ab059.jpeg
img.mensxp.com/media/content/2021/Nov/ 1 KB
2 KB 243ms
242ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2021/Nov/barwara-fort-header-six-senses_618fb8f0ab059.jpeg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

c8944741601a4e077c2a1f4661f9128c09fbf8721aac08ed0f9cf97d921701a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 1174
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 13:27:36 GMT
server: Bhoot
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31006560
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Thu, 01 Dec 2022 09:29:37 GMT

GET
H2 200 vertical-thumb-1510066829.jpg
img.mensxp.com/media/content/2017/Nov/ 791 B
1 KB 102ms
101ms Image
image/jpeg 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.mensxp.com/media/content/2017/Nov/vertical-thumb-1510066829.jpg?w=32&h=48&cc=1&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2f509dc59b610fc94eb6ae2e52a04d298a0ca88a95b16c03f4b6e2361f3adfcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cool: 21.18
content-length: 791
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jul 2020 12:12:57 GMT
server: nginx
date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10967873
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Set-Cookie, Cookie
x-webkit-csp: default-src 'self'
access-control-allow-method: GET, POST, PUT
expires: Wed, 13 Apr 2022 11:11:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE52 13 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 12:23:06 GMT
expires: Wed, 07 Dec 2022 12:23:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 75B1 783 B
535 B 39ms
22ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

642f6393e5dd0d52d15059d0505c34cec3c9aeddb2052c18f316cc212254f397

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-khp+BYqsSkK7ofEdWmgzYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 12:33:37 GMT
date: Tue, 07 Dec 2021 12:33:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-khp+BYqsSkK7ofEdWmgzYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 899B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

83ms
81ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b168e569fcfb233d0dcc8355972de057285b8ffcc0f9b9db8898e5ba0db7194

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|8|90|218|81
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1636
Expires: Tue, 07 Dec 2021 12:33:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 07 Dec 2021 12:33:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Connection: keep-alive

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B6EA
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3940066813531833442

42 B
366 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3940066813531833442
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 10:45:12 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0021:0:505
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3940066813531833442
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E10E 43 B
334 B 64ms
17ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 07 Dec 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 729965

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjc2MjRENTctQjBCQi00RDc0LUE2NEItQzVGNzZGQTFERkJE&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjc2MjRENTctQjBCQi00RDc0LUE2NEItQzVGNzZGQTFERkJE&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

19ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:351
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFhaKi7duQPbyIhKIikaiLE&google_cver=1

42 B
437 B

20ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFhaKi7duQPbyIhKIikaiLE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:390
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFhaKi7duQPbyIhKIikaiLE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 0AA4 43 B
618 B 125ms
67ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 06 Dec 2021 12:33:37 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:872761af-54a1-4c00-b59d-b5aec770a28e&gdpr=0&gdpr_consent=

42 B
649 B

63ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:872761af-54a1-4c00-b59d-b5aec770a28e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:468
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: MT3 4133 baa842e master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:872761af-54a1-4c00-b59d-b5aec770a28e&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 12:33:36 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c5d32968-8ba7-41b2-b7cc-a37223244681

42 B
293 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c5d32968-8ba7-41b2-b7cc-a37223244681
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:740
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c5d32968-8ba7-41b2-b7cc-a37223244681
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=881386468935151845

42 B
233 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=881386468935151845
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:405
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=881386468935151845
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5563382784128976257&gdpr=0&gdpr_consent=

42 B
520 B

27ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5563382784128976257&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:311
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 99de1b81-48c0-444f-9dce-2842ffb7f2a1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5563382784128976257&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0AA4
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU

42 B
313 B

61ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:36 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:428
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame DE52 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 02:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 02:46:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 75B1 0
0 115ms
108ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=953368425978189&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 container.html Show response
914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7675 6 KB
3 KB 24ms
9ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:33:37 GMT
expires: Wed, 07 Dec 2022 12:33:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E321 624 B
733 B 43ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNU116tcYgH6Jop42rU7CIiPimlAHZqqhUSrECb85s6zI09bihgTudJErmwBeX80ZixtdGUuIfi929_1DhQHaCM9eFvDCTHJjXU0mhPM1UH0DX-hTqWB8l53E_d-P13mkSn_Dp_m_VkCogIp8V90Lo_tty2MTH0WAR-mjR7eAdJpOCf1uRA

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 12:33:37 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 21F1 24 KB
14 KB 68ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdNgH6WnVVLRQ3qgx6LcwwzPOr4HYr-faZpmX15jQxpmCUiKpGDCJ7pL-HottiY9XssW9F2MXgbUNxb1pKWsNyuF1FOxzTO-_7Pplfpsn2D8Sx8B6iqHHgAA7UoLgjyWrIZfgTrrQv-GwxLCyQFwt-BYMjLg&cry=1&dbm_d=AKAmf-BQIzcTkY98zTf-yzW3mnrHmWSsSck78AE-PI883CeO_fc7aCI0hatvwYh5lO4SlG6GNdyQMa-v6kczTnKWkSwrG2APdWGgf7CkKIS611xP2OHNhj-BYQkaUNIcBKVpaL2tV0s5dBY3C4l3FyHd_g9KBj9ZX5o2YlRTyb1ZgdUlHG7kkMvT8tjPOBFlw4NYqBenUhe85bkBMpzoy01DR6sBv1BGVXGBua6-ZLSVr18u6kUycFmiKG6WZxALPHEjjCvbCKoLEVDp64JKbe9JFh0M64Exsq2Ga8H8d7NBsQSie5ZDNeiULDaKBBJ3jy_5pIKXEvpF4M9bYJik4T6uTm4sY9Dfm7vPL30yVpYm25bMBmn4S2sjnZRiWb27vKiQo3jX4DlxrlGLN4_MN61xyAkyRCn--NNiw8afwPw6B3sSa22u7d1M4DKPYpNoAAuilYRDrJpf62trOD24eouRZqAF4-TNDDUtaMsBOjxtLDk_TKNcl5IcwO8Zz4Urag0hPxZtTWvmDx9jAXz70_pHJYmXICpmbt0RMCgzwVT_GrdIw8u5iKJTzQQwNkJOL_VZSPQE_GQzzZiVDUtGFeCSk0YQ5W8ZSYfi_s8c9U2nKnUTBf1QQA_8rItEZnS_vdPZ3D6mBPhzfZ1CcM_Mnirio6DdI3cvFYmpoFid42NA4kSXqeprwKFlyV_1lP0rCenebMx9Q40SIBpJPtCXR95wocKrfPRkEBlCQYorUO8D8SK63OT1pP-MYzWwXzwBB1GCKsT4ZDShYeHph5X98Hsw8eXE0eEOWzrpDCu64SLv5yG-h1iwYOEp7pNtPb5d9IpbTMixTajMI4L3FBL2qUyhRANa3ERtPMXIeLWhyURgfxDweed770WmEVZJNsovA-HncoNBe1_ht_VkYy7zTErhlWv63BMEBDQpXYZpC085VH70slpG5fQNGSwZe5cL1zei5XRFoRfuFVci7-NcszuCXHJTgw4XblB7m1GJmKVwnJeLp9WdGpR6aSd9swgsc8ch_YRXyua6RDFk9x3MzzkTFlD6IBxo-O5xge8Fi8JFobMOH-nccRNj02eHshnmHjRj7WYM00hVMNG05r984VPGAIs5D75rO9CD1t3IFONbNYfTH7-fuuCl6fai_FelCrfBuIGSImgbJqBnELz6UyGosZ1cUkYPoV1ZsR8i3Cx4IUD65koD-tJiC0fMR_OD0OyaneUDxr1nJaQhuFRB5kAxBnPS85bxLIZbzTS8CI6vmSjTV2BlGIZdNhUEt9ldq4g01UBJAsvXzGdoBMhF9pWmT8q-pbO-mRj-YKT4Tfypb9JTDfjnf3VbX0yAbCIFK2VNBQ3GV2xfxdWcFWKgcwkoz2_6IJ2mVLZRe4HoQd7yoS1z-OPh6PEj8ofs-4ClGvhMRFjSHRu7yDW_sb4rgIS6zLcypiSFIeU--wn_atPTFAnqkTX7N8LaqOUOIJDQ8_Hez3LgKZdePWxMtmh6dk4SuFmLWJxHhj2yzp9R71cQ6QSOBD6C930lbreZuK1Cl7FJrEhz2SEmTLEoJgPxM83PMZ3LtRqxhxYWkNo1c80jatk4WNJrQLTDlyXWeG5HnUGMl72YHd1uuqMH_r5YUfwiBHCquGbv7i5E-Aop85x_ItIUsagX0azVgx0oQrzk6Q0L_pbxIj3Votx-oUGswOEpZluChS9cdP7SXv3scVMOALNQ-OkWUux3-Hxqzkf4Plq8WKUArV758sK1qSdR8L_zMv9YFHMgjTvPLHCKiBS_Z0bZYt-Df65YpJKTH1JX_21Ndk4lfpNYI1ajCLoz7ymBVi48nceI6B-Ult0CaktAu6Bhb4b4QKVy5pvmfxg2UUw9Diu8SgAKsasNgW573OSr7huDQCHACE4rnMKRfibIGzvW1YGTFwIvvd1L7BaKyHpex1XEF4k4Uw6vHlZu_tfP1QkkSi2eb7SMm7sRJvqOGatoQCCT49couDUI37N_JFUYz1IINaTa9cw2K3ftSmcseifc726hdkkHyyODYNxgWR6dJS5ROrQCIHfd2doh4VWr356GOzfb9JocgVxGjE2QDdyvlwEor7LC4zz7mIOvOcGeuNzZNAyhS_3gtK8xaF5ziwffw8lMHdHsyae7v2rC4xuFeJ6-wvwZ1DuIwuBtjcR5aYbC53sdr-rU6EJ5aeekfXqAx83hYW2K9GV5DsM1bnRMATSMV7xy2PgZ8Pv2UeaJ6FO6_dQ4Hcm3W9NJet8zlTkgt9ZwbsS6uLAJUC8yxrpKZUE1Eiu9O8cdz5R-B7YcNq0EJ4DLgyXq9oc848I0aQYPU8BXr4DlMUHkkpLBuvk_EKB5UlcdZ6H8BFKmXFq-Cp4TY6h0tXzF3j3GINF7UxpB0O5ve3ydn28BCJ4ZL9c2GWE82tEtuFbF896C51H1g6WbKY9JP_WI3s74ThVR_t8pl8mY5N8dPLnKASvyng0oy05jCbu4lL9GTMEiHK66lZy8Y0QbwQbXlvF3tNXhyXulZAG-fPygCUGatYx_xNx_Z5fsoXlAF-nv270ZnINEKJ1I_Dr7W0BJeHpi-TpVdl9m0k_jB6dajyeuFnZnSLMCNpoXaJffLkA7V8TjoAT8OdglDr0jOLYAllC_7YJIgATBzYBaw3eL8sceXrCUVHP2Z0hos6ggeQX5-ffRKLksVanHTja1-Xk15zvESUfz-HUFC4bAg0WsQw_MZpyUT3Q0Mmm_ov5UeU1RCzkbeZ37yiXnQpHvBU95FTWYrcy9MSW1_UHnAccXIBhhpKceFxOq3-goC2Wso3FKsB_LwgV-aIeLp8p2yiTtgbBzEH5I2CogI_9-qdnM2NL2bi47hX2DR1xLNw0cevf4wI1u6FH6I6PjOKFCNmj6DEdSBnLFFI7OwU1GlP0cosc8U8KMwnAWA0lofFvAorlemVKaHjbKllKmqWbafFIUcyRL9VxIC2pYm48sWvp_XzJt0H5H7aN_hkd055j_bTpEu0JzibWYBMIKhA8mksxS3pqRtMJNVGWe04Lg1vpX2RDq-Nluk3Ufn07Nh9HAegol83uz0EHYAO1SYKZHFxVOM5eBi7SXBuirkdjxPffbiSVsKue2iSB3cGdKwWPa9or6QUp8FmA1AW35WMqlcV4_yEXBXIG5OeiaguDsc6inn9xwjIt6XIfmoboYhN9Ygc5h8-ACKybTP0DmCr-R5sE6ayFeRKB9jx83AudQ&cid=CAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA&rfl=2%2Chttps%253A%252F%252Fwww.mensxp.com%252F%240

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67e710a210c8f00d9ba41f2983929c546dc73401fa7cd8321fa08c50befdf7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 21F1 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:30:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21F1 119 KB
37 KB 59ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:33:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 21F1 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:21:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21F1 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BY6Vx_hksms7w1jF0ks1nbXjgXmmVYKy5_TQ3sRXQqbdB2_TIg1Btny1mHzCU7GSPgRYSWhsFD_0see6zUjlZLBYEC9o1n8fjhNl4olboHq2QtXSA

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 899B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB&dcc=t

43 B
645 B

105ms
104ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y0YWFRSQVKDV2AB5V7A0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GX9YMRKVZN20V0M3KZG2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 899B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ya9UoTTk-JIWfJTKJioSMQAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECVRSymjePsBDEYUY4xZ31s&google_cver=1

43 B
315 B

25ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECVRSymjePsBDEYUY4xZ31s&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:33:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECVRSymjePsBDEYUY4xZ31s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 899B 70 B
264 B 34ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 899B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ya9UoTTk.JIWfJTKJioSMQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:33:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 899B
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f9832eba-ced6-47a0-a572-91c238837755&expiration=1670416417

43 B
1 KB

64ms
64ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f9832eba-ced6-47a0-a572-91c238837755&expiration=1670416417
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:33:37 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f9832eba-ced6-47a0-a572-91c238837755&expiration=1670416417
date: Tue, 07 Dec 2021 12:33:37 GMT
server: Kestrel
content-length: 0

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 899B
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
278 B

20ms
20ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 06 Dec 2021 12:33:37 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=Ya9UoTTk.JIWfJTKJioSMQAA%261179
dpm.demdex.net/ Frame 899B 0
0 124ms
31ms Image
application/json 63.35.205.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ya9UoTTk.JIWfJTKJioSMQAA%261179?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.205.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-205-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 899B
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=h2qzY4RvszScbuYxhmP_ZIZv4mCcY7BhgWub0eAp

43 B
1013 B

64ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=h2qzY4RvszScbuYxhmP_ZIZv4mCcY7BhgWub0eAp
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:33:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=h2qzY4RvszScbuYxhmP_ZIZv4mCcY7BhgWub0eAp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 899B 43 B
425 B 19ms
18ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Ya9UoTTk.JIWfJTKJioSMQAA%261179
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mensxp.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:33:37 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3337
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 13:29:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E321
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1

43 B
1000 B

110ms
81ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNU116tcYgH6Jop42rU7CIiPimlAHZqqhUSrECb85s6zI09bihgTudJErmwBeX80ZixtdGUuIfi929_1DhQHaCM9eFvDCTHJjXU0mhPM1UH0DX-hTqWB8l53E_d-P13mkSn_Dp_m_VkCogIp8V90Lo_tty2MTH0WAR-mjR7eAdJpOCf1uRA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:33:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E321
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya9UoTTk.JIWfJTKJioSMQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&google_hm=2

43 B
1000 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNU116tcYgH6Jop42rU7CIiPimlAHZqqhUSrECb85s6zI09bihgTudJErmwBeX80ZixtdGUuIfi929_1DhQHaCM9eFvDCTHJjXU0mhPM1UH0DX-hTqWB8l53E_d-P13mkSn_Dp_m_VkCogIp8V90Lo_tty2MTH0WAR-mjR7eAdJpOCf1uRA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:33:37 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyH8ux51mR1ex_Twghg7Us&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E321
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHj3emySL-aOjxz6uuAx3oE&google_cver=1

43 B
1006 B

26ms
26ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHj3emySL-aOjxz6uuAx3oE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY5JzFlQEwAQ&v=APEucNU116tcYgH6Jop42rU7CIiPimlAHZqqhUSrECb85s6zI09bihgTudJErmwBeX80ZixtdGUuIfi929_1DhQHaCM9eFvDCTHJjXU0mhPM1UH0DX-hTqWB8l53E_d-P13mkSn_Dp_m_VkCogIp8V90Lo_tty2MTH0WAR-mjR7eAdJpOCf1uRA

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e2c66cae-a2ca-4d95-8c44-ca274ab38027
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHj3emySL-aOjxz6uuAx3oE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E321
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzM4Mjc4NDEyODk3NjI1Nw%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzM4Mjc4NDEyODk3NjI1Nw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f32f569b-beed-4d9a-b66f-b46baf5acf6a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzM4Mjc4NDEyODk3NjI1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 21F1 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdNgH6WnVVLRQ3qgx6LcwwzPOr4HYr-faZpmX15jQxpmCUiKpGDCJ7pL-HottiY9XssW9F2MXgbUNxb1pKWsNyuF1FOxzTO-_7Pplfpsn2D8Sx8B6iqHHgAA7UoLgjyWrIZfgTrrQv-GwxLCyQFwt-BYMjLg&cry=1&dbm_d=AKAmf-BQIzcTkY98zTf-yzW3mnrHmWSsSck78AE-PI883CeO_fc7aCI0hatvwYh5lO4SlG6GNdyQMa-v6kczTnKWkSwrG2APdWGgf7CkKIS611xP2OHNhj-BYQkaUNIcBKVpaL2tV0s5dBY3C4l3FyHd_g9KBj9ZX5o2YlRTyb1ZgdUlHG7kkMvT8tjPOBFlw4NYqBenUhe85bkBMpzoy01DR6sBv1BGVXGBua6-ZLSVr18u6kUycFmiKG6WZxALPHEjjCvbCKoLEVDp64JKbe9JFh0M64Exsq2Ga8H8d7NBsQSie5ZDNeiULDaKBBJ3jy_5pIKXEvpF4M9bYJik4T6uTm4sY9Dfm7vPL30yVpYm25bMBmn4S2sjnZRiWb27vKiQo3jX4DlxrlGLN4_MN61xyAkyRCn--NNiw8afwPw6B3sSa22u7d1M4DKPYpNoAAuilYRDrJpf62trOD24eouRZqAF4-TNDDUtaMsBOjxtLDk_TKNcl5IcwO8Zz4Urag0hPxZtTWvmDx9jAXz70_pHJYmXICpmbt0RMCgzwVT_GrdIw8u5iKJTzQQwNkJOL_VZSPQE_GQzzZiVDUtGFeCSk0YQ5W8ZSYfi_s8c9U2nKnUTBf1QQA_8rItEZnS_vdPZ3D6mBPhzfZ1CcM_Mnirio6DdI3cvFYmpoFid42NA4kSXqeprwKFlyV_1lP0rCenebMx9Q40SIBpJPtCXR95wocKrfPRkEBlCQYorUO8D8SK63OT1pP-MYzWwXzwBB1GCKsT4ZDShYeHph5X98Hsw8eXE0eEOWzrpDCu64SLv5yG-h1iwYOEp7pNtPb5d9IpbTMixTajMI4L3FBL2qUyhRANa3ERtPMXIeLWhyURgfxDweed770WmEVZJNsovA-HncoNBe1_ht_VkYy7zTErhlWv63BMEBDQpXYZpC085VH70slpG5fQNGSwZe5cL1zei5XRFoRfuFVci7-NcszuCXHJTgw4XblB7m1GJmKVwnJeLp9WdGpR6aSd9swgsc8ch_YRXyua6RDFk9x3MzzkTFlD6IBxo-O5xge8Fi8JFobMOH-nccRNj02eHshnmHjRj7WYM00hVMNG05r984VPGAIs5D75rO9CD1t3IFONbNYfTH7-fuuCl6fai_FelCrfBuIGSImgbJqBnELz6UyGosZ1cUkYPoV1ZsR8i3Cx4IUD65koD-tJiC0fMR_OD0OyaneUDxr1nJaQhuFRB5kAxBnPS85bxLIZbzTS8CI6vmSjTV2BlGIZdNhUEt9ldq4g01UBJAsvXzGdoBMhF9pWmT8q-pbO-mRj-YKT4Tfypb9JTDfjnf3VbX0yAbCIFK2VNBQ3GV2xfxdWcFWKgcwkoz2_6IJ2mVLZRe4HoQd7yoS1z-OPh6PEj8ofs-4ClGvhMRFjSHRu7yDW_sb4rgIS6zLcypiSFIeU--wn_atPTFAnqkTX7N8LaqOUOIJDQ8_Hez3LgKZdePWxMtmh6dk4SuFmLWJxHhj2yzp9R71cQ6QSOBD6C930lbreZuK1Cl7FJrEhz2SEmTLEoJgPxM83PMZ3LtRqxhxYWkNo1c80jatk4WNJrQLTDlyXWeG5HnUGMl72YHd1uuqMH_r5YUfwiBHCquGbv7i5E-Aop85x_ItIUsagX0azVgx0oQrzk6Q0L_pbxIj3Votx-oUGswOEpZluChS9cdP7SXv3scVMOALNQ-OkWUux3-Hxqzkf4Plq8WKUArV758sK1qSdR8L_zMv9YFHMgjTvPLHCKiBS_Z0bZYt-Df65YpJKTH1JX_21Ndk4lfpNYI1ajCLoz7ymBVi48nceI6B-Ult0CaktAu6Bhb4b4QKVy5pvmfxg2UUw9Diu8SgAKsasNgW573OSr7huDQCHACE4rnMKRfibIGzvW1YGTFwIvvd1L7BaKyHpex1XEF4k4Uw6vHlZu_tfP1QkkSi2eb7SMm7sRJvqOGatoQCCT49couDUI37N_JFUYz1IINaTa9cw2K3ftSmcseifc726hdkkHyyODYNxgWR6dJS5ROrQCIHfd2doh4VWr356GOzfb9JocgVxGjE2QDdyvlwEor7LC4zz7mIOvOcGeuNzZNAyhS_3gtK8xaF5ziwffw8lMHdHsyae7v2rC4xuFeJ6-wvwZ1DuIwuBtjcR5aYbC53sdr-rU6EJ5aeekfXqAx83hYW2K9GV5DsM1bnRMATSMV7xy2PgZ8Pv2UeaJ6FO6_dQ4Hcm3W9NJet8zlTkgt9ZwbsS6uLAJUC8yxrpKZUE1Eiu9O8cdz5R-B7YcNq0EJ4DLgyXq9oc848I0aQYPU8BXr4DlMUHkkpLBuvk_EKB5UlcdZ6H8BFKmXFq-Cp4TY6h0tXzF3j3GINF7UxpB0O5ve3ydn28BCJ4ZL9c2GWE82tEtuFbF896C51H1g6WbKY9JP_WI3s74ThVR_t8pl8mY5N8dPLnKASvyng0oy05jCbu4lL9GTMEiHK66lZy8Y0QbwQbXlvF3tNXhyXulZAG-fPygCUGatYx_xNx_Z5fsoXlAF-nv270ZnINEKJ1I_Dr7W0BJeHpi-TpVdl9m0k_jB6dajyeuFnZnSLMCNpoXaJffLkA7V8TjoAT8OdglDr0jOLYAllC_7YJIgATBzYBaw3eL8sceXrCUVHP2Z0hos6ggeQX5-ffRKLksVanHTja1-Xk15zvESUfz-HUFC4bAg0WsQw_MZpyUT3Q0Mmm_ov5UeU1RCzkbeZ37yiXnQpHvBU95FTWYrcy9MSW1_UHnAccXIBhhpKceFxOq3-goC2Wso3FKsB_LwgV-aIeLp8p2yiTtgbBzEH5I2CogI_9-qdnM2NL2bi47hX2DR1xLNw0cevf4wI1u6FH6I6PjOKFCNmj6DEdSBnLFFI7OwU1GlP0cosc8U8KMwnAWA0lofFvAorlemVKaHjbKllKmqWbafFIUcyRL9VxIC2pYm48sWvp_XzJt0H5H7aN_hkd055j_bTpEu0JzibWYBMIKhA8mksxS3pqRtMJNVGWe04Lg1vpX2RDq-Nluk3Ufn07Nh9HAegol83uz0EHYAO1SYKZHFxVOM5eBi7SXBuirkdjxPffbiSVsKue2iSB3cGdKwWPa9or6QUp8FmA1AW35WMqlcV4_yEXBXIG5OeiaguDsc6inn9xwjIt6XIfmoboYhN9Ygc5h8-ACKybTP0DmCr-R5sE6ayFeRKB9jx83AudQ&cid=CAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA&rfl=2%2Chttps%253A%252F%252Fwww.mensxp.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2d2472f310f3a4c880947f473b8de3e58662291206e24a5426ee2bd64684ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9494
x-xss-protection: 0
server: cafe
etag: 6798282995721486617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:32:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 21F1 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
H/1.1 200
OK 7sx2ojnml039 Show response
hal9000.redintelligence.net/zone/ Frame 21F1 11 KB
4 KB 44ms
13ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/7sx2ojnml039?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpp3ooVSvYcqbBvmB7_UPvO6wYLXN-YNXlNu5q-UM8C4QASDtgvgfYJXikIKgB8gBCakCf0-26Wnwsj6oAwGqBOQBT9COxt87V_Do8cETNwP45KpvlH7UdPtY6d1gB8p414z53IytbgHgTxgQcAF8sZHhuJm8H9G6e2fpEnydyhzLKdwka2qp_KgZuUMj0EZD7KTGC_EHo2qzB66EMSIVEEmNLpw3egFlY8AcWkLN6jVAy9NbYWXZybKvaalZj1KKy8M2wUWTqFcKYIjc8cc6Cxrx1CMZprEwPcXjYWk4MrlsqjPhF5ix25bOPX9XQKB-m8f8PPjQ4lGs7uooprqn5dOB8z0tMbcdDrnocLfV_Kb5iHILupYeDjoUoQzI3kh1U9HqxJWAwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA%26sig%3DAOD64_1EIh6aUNLMJpliex4L9TYKFlp5og%26client%3Dca-pub-2230723027927371%26dbm_c%3DAKAmf-ChSP51KfYL9qo-7XX_X2Ly4iB4AVxGKXVOj9oNo7xCK2l84ZuOqUc5tNlTQTjkx5ErCDpSxK2MGgR3vMkzO1Jv2tOcZaDlZOs79lohEY3vwM6bb8_4QXSlR8Pb6g5bWVh3KpP95k2COqd4IFB5vgU7U2mkpg%26cry%3D1%26dbm_d%3DAKAmf-B944NKT3ma8bB93upU2mC8NGWPJILdDKr1bpjHwLbmOZochDGcPXnSux6SxSW7Q5pQLBwihS-Y-Dg9hmK5-BWv2pdm7SOjmj-J_6_FELClVqF4VLUIlAnP4O-vtV_1r0SNZc7dNNWeIAE7PKP4nXgKBdruGHryj_tK7ReZ_81omxH6AdbLY6s89Xy8w9W6UzI6eRiHinITMuz6oUeBTDmchFEjOrNNL7YYP3456IrnzEd9TwPw4o8LiLDKtXkSVXKPbQW1vDy-YPNwHIlK1x43DvEKCgpaK4NZBLjKeVxkSBA7B__ONdtaARfzaRQfWWFVfRqsBLa9D6QpMztfBz4FPHFA-s2VCArQulI1Swfa33nasNlLRwGp8JZ-_Po8zDrcf63XiV3Qyx4zLYt9F4J8WBkoOf1gdAzY0UZhR1S2kdSRdz6X9r2PZVupyanv0YsH5YrCVvZnSl91_-Z2bw84_XooJYcfeOUTt7xtnyjQNVLZRoLUuB9byybcg2V9NRrmI7qYVrqSQ1iiHLAMwucJWT23eQyGpZaIKJre2nOt7VJKpnEJUC1ITmz1j4RrTz-jXZW2%26adurl%3D
Requested by: Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4e0f20ce925379ec62bd9273732cee26593c660c4cf147bf974c7abc071fb55b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:33:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3997
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D055 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=953368425978189&bg=!LyylLGjNAAaQHwIOkB87ACkAdvg8WuJB-pit-A6Q7-2MIImxXCUN1eZan57MVoszR5NGBUdOT0H00wIAAACUUgAAAAxoAQeZArFx1GmN3kBC0D2XYp6HdjkP8CY17jUdjmFRiVk-hcU-2MdvAZJUJsR_1GnwInsRn5hDiRYpC83Gg2AXY-1cyn_HxVIiJXKxPZ5Ticbz5FnzZPM1aKkTe3QZivIX0crtffK1sInh-sTRmhOfbReL8C_2nyQer1LbGlB6N0IniDndE-prPU9TqGhBIuFm54TVfWKoHty_EroxPTtPZgX2dTOXUS1BqhKxh3hWF7GiaW5XKq9GdvtIWFi3Es1zkfih87GfE693kykABe17T7R86pT5AmGQbT3HLiH7Pkt8D7nDaXu7sW58SjDowYvcBxv57167ih_g8RdPc3Z67yZUkCO3JcSsbcUevAzMwK0KHGOq1WRBWyz-RlObH9NqJn7sQZ1OW-btFM79d0L1DwAJtoL7mRsB6C2_3L7uO6d2fukyXrV3gBmCGQqVtCx4VesNsRfNQGb1o9NCxDwWHq7JmfzKAXrxQpXs6Tr4THloHfpRoPZqIDlZcKLrL69a48PdmHfJUGAlSq8shd6DveiZWMdPamyBFmZQ6l7R6ZZUsRoIREFgEuNyLemKqoBDKJXI5GbGk4NqH8isBS_ncVNOzQGf6f5IEosxmnsjZjVELac9a1aAkZuSFOAD4Ev9QPD8Md5NZpaGbQIcQGpRbAPMFzmKmnEMmByNXl7BY5sdDswaKZCfHXIgk47lFkk3cXKk1lXXMOWer9vB16GMJNrvw8rL6PNBIIv9i9j-pGXJp62dqW9RyoEJJGWDxt0775trOYbsKpfGetTzIpJZp6WBRWsqE4Q3Js4HjUdx7oybq5c2G1ZW3YpCbnMqrLsb1insGb6gky95FiOxx0pcW0mUxxGRnVqVPuwQICTFonnPJXRnPnzuzzRggSwAt9YWffSxVixYVlBxjbAwu8emnYhbI8otJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame D055 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 02:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 02:46:07 GMT

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 21F1
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

106ms
83ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpp3ooVSvYcqbBvmB7_UPvO6wYLXN-YNXlNu5q-UM8C4QASDtgvgfYJXikIKgB8gBCakCf0-26Wnwsj6oAwGqBOQBT9COxt87V_Do8cETNwP45KpvlH7UdPtY6d1gB8p414z53IytbgHgTxgQcAF8sZHhuJm8H9G6e2fpEnydyhzLKdwka2qp_KgZuUMj0EZD7KTGC_EHo2qzB66EMSIVEEmNLpw3egFlY8AcWkLN6jVAy9NbYWXZybKvaalZj1KKy8M2wUWTqFcKYIjc8cc6Cxrx1CMZprEwPcXjYWk4MrlsqjPhF5ix25bOPX9XQKB-m8f8PPjQ4lGs7uooprqn5dOB8z0tMbcdDrnocLfV_Kb5iHILupYeDjoUoQzI3kh1U9HqxJWAwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA%26sig%3DAOD64_1EIh6aUNLMJpliex4L9TYKFlp5og%26client%3Dca-pub-2230723027927371%26dbm_c%3DAKAmf-ChSP51KfYL9qo-7XX_X2Ly4iB4AVxGKXVOj9oNo7xCK2l84ZuOqUc5tNlTQTjkx5ErCDpSxK2MGgR3vMkzO1Jv2tOcZaDlZOs79lohEY3vwM6bb8_4QXSlR8Pb6g5bWVh3KpP95k2COqd4IFB5vgU7U2mkpg%26cry%3D1%26dbm_d%3DAKAmf-B944NKT3ma8bB93upU2mC8NGWPJILdDKr1bpjHwLbmOZochDGcPXnSux6SxSW7Q5pQLBwihS-Y-Dg9hmK5-BWv2pdm7SOjmj-J_6_FELClVqF4VLUIlAnP4O-vtV_1r0SNZc7dNNWeIAE7PKP4nXgKBdruGHryj_tK7ReZ_81omxH6AdbLY6s89Xy8w9W6UzI6eRiHinITMuz6oUeBTDmchFEjOrNNL7YYP3456IrnzEd9TwPw4o8LiLDKtXkSVXKPbQW1vDy-YPNwHIlK1x43DvEKCgpaK4NZBLjKeVxkSBA7B__ONdtaARfzaRQfWWFVfRqsBLa9D6QpMztfBz4FPHFA-s2VCArQulI1Swfa33nasNlLRwGp8JZ-_Po8zDrcf63XiV3Qyx4zLYt9F4J8WBkoOf1gdAzY0UZhR1S2kdSRdz6X9r2PZVupyanv0YsH5YrCVvZnSl91_-Z2bw84_XooJYcfeOUTt7xtnyjQNVLZRoLUuB9byybcg2V9NRrmI7qYVrqSQ1iiHLAMwucJWT23eQyGpZaIKJre2nOt7VJKpnEJUC1ITmz1j4RrTz-jXZW2%26adurl%3D&documentReferer=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.mensxp.com&random=5848265873774&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 47309a503f6a4bbe4d221477468f74f5446454690f0f0985c24e0f5d2a1f0203

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 85581000084671600710626011801005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 892
Expires: Tue, 07 Dec 2021 12:33:37 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpp3ooVSvYcqbBvmB7_UPvO6wYLXN-YNXlNu5q-UM8C4QASDtgvgfYJXikIKgB8gBCakCf0-26Wnwsj6oAwGqBOQBT9COxt87V_Do8cETNwP45KpvlH7UdPtY6d1gB8p414z53IytbgHgTxgQcAF8sZHhuJm8H9G6e2fpEnydyhzLKdwka2qp_KgZuUMj0EZD7KTGC_EHo2qzB66EMSIVEEmNLpw3egFlY8AcWkLN6jVAy9NbYWXZybKvaalZj1KKy8M2wUWTqFcKYIjc8cc6Cxrx1CMZprEwPcXjYWk4MrlsqjPhF5ix25bOPX9XQKB-m8f8PPjQ4lGs7uooprqn5dOB8z0tMbcdDrnocLfV_Kb5iHILupYeDjoUoQzI3kh1U9HqxJWAwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA%26sig%3DAOD64_1EIh6aUNLMJpliex4L9TYKFlp5og%26client%3Dca-pub-2230723027927371%26dbm_c%3DAKAmf-ChSP51KfYL9qo-7XX_X2Ly4iB4AVxGKXVOj9oNo7xCK2l84ZuOqUc5tNlTQTjkx5ErCDpSxK2MGgR3vMkzO1Jv2tOcZaDlZOs79lohEY3vwM6bb8_4QXSlR8Pb6g5bWVh3KpP95k2COqd4IFB5vgU7U2mkpg%26cry%3D1%26dbm_d%3DAKAmf-B944NKT3ma8bB93upU2mC8NGWPJILdDKr1bpjHwLbmOZochDGcPXnSux6SxSW7Q5pQLBwihS-Y-Dg9hmK5-BWv2pdm7SOjmj-J_6_FELClVqF4VLUIlAnP4O-vtV_1r0SNZc7dNNWeIAE7PKP4nXgKBdruGHryj_tK7ReZ_81omxH6AdbLY6s89Xy8w9W6UzI6eRiHinITMuz6oUeBTDmchFEjOrNNL7YYP3456IrnzEd9TwPw4o8LiLDKtXkSVXKPbQW1vDy-YPNwHIlK1x43DvEKCgpaK4NZBLjKeVxkSBA7B__ONdtaARfzaRQfWWFVfRqsBLa9D6QpMztfBz4FPHFA-s2VCArQulI1Swfa33nasNlLRwGp8JZ-_Po8zDrcf63XiV3Qyx4zLYt9F4J8WBkoOf1gdAzY0UZhR1S2kdSRdz6X9r2PZVupyanv0YsH5YrCVvZnSl91_-Z2bw84_XooJYcfeOUTt7xtnyjQNVLZRoLUuB9byybcg2V9NRrmI7qYVrqSQ1iiHLAMwucJWT23eQyGpZaIKJre2nOt7VJKpnEJUC1ITmz1j4RrTz-jXZW2%26adurl%3D&documentReferer=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.mensxp.com&random=5848265873774&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 07 Dec 2021 12:33:37 +0100

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 745A 0
0 52ms
52ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNFExTrsOlsmIOf9jwKfUWonW5ZZsXzQTKxr0AbHs8IPGkmKhLcCxu5ndc_I_P6INRi-LomK85gBZAd-C771q61Y9npqQCcgDGrBkPK4K-_T4t-YNCL64mK0Vy_1Gg4uDbnnRkxuYPcMRiO1X5XHj4nQpoSSq4ivDEFKRM6mvU7g0x19nhUyg1l3_hYQag7Zc6YX-IXvmkr7Lll7yM7LSgpWeJmOrDH2OSzgMtKoUpg3eRlj7c8QPO-sVrejcdmWVa6D15B6bLH4mHwgn9HcSHHzwQVlOr5jVttsPdbK58Km-2x25vevtor7qTvAHymDTdQXL3EBIW_dIYlIQarSMNcQDX37IN07qo1WB2FkP2GEYQdRPG4uPs2GSjlLYL_w&sai=AMfl-YSy7zBzBWy8_REku_Kv69mvdJczr-Kk2G10yDrQJaTf3dwsnQczXRBOEv7jXPNoN78gQkEYHfkw_Q6kDBuPZlsZdFauuUVdHKd-pFg90PZ51683Sf1j8G3GaAvJQx2B&sig=Cg0ArKJSzPdsTBIel5mtEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/timesinternet_lifestyle/mensxp/ Frame 745A 59 KB
14 KB 246ms
191ms Script
application/x-javascript 2606:4700::6812:417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/timesinternet_lifestyle/mensxp/tags.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a59ef3a6537b92168c520919af1d045b4f98e7ffdd74f12dc96f8defb26488cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14160
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 5
etag: 5306709588907266667
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 6b9dc89279f4839d-MXP
expires: Tue, 07 Dec 2021 13:33:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 745A 119 KB
36 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:33:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D055 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzjkYoVSvYc27HIj4gAeqiLeYCwAAAAA4AeAEAg&bg=!vr2lvfnNAAaQHwIOkB87ACkAdvg8WuioRcBPQevxebgxh7CtmHlsdVy08U_8_YFiMCNr6MA56RIqHgIAAABpUgAAAA1oAQeZA0m_Ia8Z23kNf8BP_fOFeSp36wcZfXgKkZmaykoVIl7YLvYhkbKzG871EW5VTsbunRraF9BWMhZ_4dsiAMTAqMMv_EqefAUrtUBAEzWQFtKZtiajkaN0PMQKkfAe2Jk7Zz9JOhkrk3sF3W-pO4MDEV2Ut_whGBOrcGhYV0veeN0_8iUcaXQ_a_9NevPCz97o9kJXaB91aOkJEDLzOMTNiqsy4soo9bXcoPUYIENIoEEK0TKN00WYgobSHXYtT09HhzIk1WyWwTIM4ra01ln-dOKns8p7uXvuRZfXN7SSOYkOTO97G_wL52AoTLZ4F5xk1BcDvNqQh-ZaNpyBkxV7MGM5Jc7XXUYMnLpbJhDRd1eTyUNJrm7Jz2ZKkSDrw_qgweRXpvJfh9-IopGbSx8VwwzsBAC3p9EHJvhXcVyhoSlljFNaZvD-gVGpFkn2Q7jPgAe9WDzrw2VjmUuFI1cqJRst6ipkQb5KRzIUeHahPRcPRdfXJVzvpPI9L2vjV4fvmrIWfY9AHIKSSknQ7vRWd2gy6b1w8r7BGIyjqimkYeismE68lrN84PBYkVAtc17uGBIMctoZUzjQkSnEj_q8jHmapcKZPgizE_vTksa9fJzuTcr2MuaVVYMDUbVZMfjimicCb2EN7fLukLEpeKHi7-GEzZ3p7N18-vwvYqaRXPyBW8Y4MCKiN6BRIzW3Q9TphUhYcy5_Nnv0M-Yj7m1cYVnajdDkWbzZvW0MuT4d_xorWYO4xu7HvAb-x7nMw9USDe_UOgFny9OYBGO8G-olQF6L2qCejDnIerwpzZENahM2JpK3TQZ_i2nFCsE0JMjbWEcJhzuEz1HN8LowU7GF3x1ZpumNR3Xs0ju-C_dTfWmfalsMV2YF49gt_0-plzM7MT0UggCAwH8fdMCDNjfSZlS7Juid4lFeCIYUZUL3qAo7IRvYOvRsL8vKBwepjuIdmYhXwdFkH-7MiXNcvlh6B1GTIoCMm3IJpV48xRukkkH1u7b3AGbCY_0FA3QzhHdb-M9rJ7XTuEoVbdiGtxSxJf0maKtQelt2fIQK2Uuk82WlpIqEe7P0xE6Qz424HGQXGlcG5ND8Py7h_7lpjDO6RtYv9D3NaZJHWrXh

Requested by

Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33 Show response
5994599.fls.doubleclick.net/ Frame 0BC7
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33?

390 B
346 B

41ms
25ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33?

Requested by

Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

69132f2186afe86571f8c1c7c684c1ad2175b3728b360a91f008c7083c1346c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 12:33:37 GMT
expires: Tue, 07 Dec 2021 12:33:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 12:33:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 0B0B 7 KB
3 KB 39ms
15ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=85581000084671600710626011801005&a=5d674cb5
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=7sx2ojnml039&nw=20&renderingType=javascript&namespace=28dc1cfc77&subid=&uid=b2da3abe7656949f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpp3ooVSvYcqbBvmB7_UPvO6wYLXN-YNXlNu5q-UM8C4QASDtgvgfYJXikIKgB8gBCakCf0-26Wnwsj6oAwGqBOQBT9COxt87V_Do8cETNwP45KpvlH7UdPtY6d1gB8p414z53IytbgHgTxgQcAF8sZHhuJm8H9G6e2fpEnydyhzLKdwka2qp_KgZuUMj0EZD7KTGC_EHo2qzB66EMSIVEEmNLpw3egFlY8AcWkLN6jVAy9NbYWXZybKvaalZj1KKy8M2wUWTqFcKYIjc8cc6Cxrx1CMZprEwPcXjYWk4MrlsqjPhF5ix25bOPX9XQKB-m8f8PPjQ4lGs7uooprqn5dOB8z0tMbcdDrnocLfV_Kb5iHILupYeDjoUoQzI3kh1U9HqxJWAwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo_YBbcMyUDDlzy-vXRRrQjenPLA%26sig%3DAOD64_1EIh6aUNLMJpliex4L9TYKFlp5og%26client%3Dca-pub-2230723027927371%26dbm_c%3DAKAmf-ChSP51KfYL9qo-7XX_X2Ly4iB4AVxGKXVOj9oNo7xCK2l84ZuOqUc5tNlTQTjkx5ErCDpSxK2MGgR3vMkzO1Jv2tOcZaDlZOs79lohEY3vwM6bb8_4QXSlR8Pb6g5bWVh3KpP95k2COqd4IFB5vgU7U2mkpg%26cry%3D1%26dbm_d%3DAKAmf-B944NKT3ma8bB93upU2mC8NGWPJILdDKr1bpjHwLbmOZochDGcPXnSux6SxSW7Q5pQLBwihS-Y-Dg9hmK5-BWv2pdm7SOjmj-J_6_FELClVqF4VLUIlAnP4O-vtV_1r0SNZc7dNNWeIAE7PKP4nXgKBdruGHryj_tK7ReZ_81omxH6AdbLY6s89Xy8w9W6UzI6eRiHinITMuz6oUeBTDmchFEjOrNNL7YYP3456IrnzEd9TwPw4o8LiLDKtXkSVXKPbQW1vDy-YPNwHIlK1x43DvEKCgpaK4NZBLjKeVxkSBA7B__ONdtaARfzaRQfWWFVfRqsBLa9D6QpMztfBz4FPHFA-s2VCArQulI1Swfa33nasNlLRwGp8JZ-_Po8zDrcf63XiV3Qyx4zLYt9F4J8WBkoOf1gdAzY0UZhR1S2kdSRdz6X9r2PZVupyanv0YsH5YrCVvZnSl91_-Z2bw84_XooJYcfeOUTt7xtnyjQNVLZRoLUuB9byybcg2V9NRrmI7qYVrqSQ1iiHLAMwucJWT23eQyGpZaIKJre2nOt7VJKpnEJUC1ITmz1j4RrTz-jXZW2%26adurl%3D&documentReferer=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.mensxp.com&random=5848265873774&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1da79c61536acac08c1eedf222a0863a1157c305e44f1fb4104b90b6d7296ac2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/

Response headers

Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 07 Dec 2021 12:33:37 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2307
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 21F1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3a38c498cd441d66e5661ed635179b219fdf0f7bd0dc8bc05c32d3aa0403ec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 0B0B 89 KB
32 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=85581000084671600710626011801005&a=5d674cb5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Dec 2022 06:41:39 GMT

GET
H/1.1 200
OK office-970x250.jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 0B0B 49 KB
49 KB 44ms
9ms Image
image/jpeg 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/office-970x250.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=85581000084671600710626011801005&a=5d674cb5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:33:37 GMT
Last-Modified: Thu, 23 Jun 2016 13:50:03 GMT
Server: nginx
ETag: "576be90b-c36d"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 50029

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 0B0B 0
150 B 34ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=85581000084671600710626011801005&a=ccd50dd9&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=85581000084671600710626011801005&a=5d674cb5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=85581000084671600710626011801005&a=5d674cb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:33:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 0B0B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 container.html Show response
914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 399A 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js?31063908

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:33:37 GMT
expires: Wed, 07 Dec 2022 12:33:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33
adservice.google.com/ddm/fls/z/ Frame 0BC7 42 B
63 B 66ms
51ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO7_hqnZ0fQCFSIIBgAdk-UB0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8661164221448.33?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 745A 677 B
1 KB 239ms
191ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8394563596
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/timesinternet_lifestyle/mensxp/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81aa43571adb4c0af46e1e8118993d0e8b9b3fb600a3e03a0807d7ceb1e978fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 329
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 12
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 6b9dc8941a343757-MXP
expires: Mon, 07 Mar 2022 12:33:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 399A 0
0 50ms
50ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw-yuoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE1gJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1uIsc-9mMG1_iY1YB4ydXiW_YnpmXaLjl_pNKWNn3lWwdsFS96avgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMjMwNzIzMDI3OTI3MzcxGKvYEg&sigh=FZgxVQ0cQLY&uach_m=[UACH]&cid=CAQSPwCNIrLM1Sy_JnZEFknQAWVObvRUn0xS9U12zD74ST-nX6LbYlKzrhQAbWz_gTYLimFbtXZa0J63MRvOYc8sNxgB
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 399A 0
0 67ms
21ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U6D5ELr5RMwI-gGdg2ICAgAAAH7CS3HyXsXckcnaTsSTX2QQoFSvYXbDCU3xwqCL7dd2ABI&wp=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
server: Kestrel
content-length: 0
server-processing-duration-in-ticks: 225931

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 98C6 168 KB
52 KB 154ms
110ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Requested by: Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: b8ec160182aba1d6538501a6106eec652d3c1077d2946c51ba7cdc90d3860b51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=w8sCxoJRMqX_SL9c4qHT0Wv30s94ZQH0Kp9XaMEtHwlW7jQiFlbPMrY06LXAYzjRvk4VTk3jo_5uG4V3RU4POYSrEsRIAKyu3-8ND3wSsSszcYUs2Ct-Yd9gdJcZUf7VmmMB6tX6ydmk7LOUcZ8M3xVa6ahtOezcmyK5n4IpHUoC5PflNNrIIa2g7Vv7FrQlgV96wdr4Tuju6SkRHXGfJSeTSdMb9nu4SQTZ34rNiIiK0K5M59HF6DIUki3n-su4k2ctCw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 89915284
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 399A 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:30:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 399A 119 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:33:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 399A 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:21:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 399A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQYSs_ritO7ob9pkhbZjAsXbbrfbmrvh8hqmbHpx6_VvLJl7c9yA5pHyuvxFwo7KOjXgI6RssPt4BejwJKH5CTr-tqUQ
Requested by: Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 399A 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
URL: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
DATA 200
OK truncated
/ Frame 399A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebb442953a3ce0364f5a98860024930173edded92576e08737001ba98d3fb6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 98C6 2 KB
1 KB 75ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 98C6 2 KB
1 KB 53ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 98C6 308 B
608 B 53ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 98C6 507 B
807 B 54ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 98C6 43 B
344 B 46ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=kHJnouik6cOJv9UiCzZOjigcEJ-fd5HU1EpmqrrzETtUitmfRJvwujf3LiQ5mwywPfS141CW1tKb-pRVeWneKVH-a7U6u1OP7gpitJaQCy7yXgk8mYr0K5c4shmrNlapAKH_nB6UMxYWVr69YFiKcN846chJPThQMJ3bBlD0JzDb5qasKNRMojFbGQJ15LgUS3Rc1cQ_rUibUYslwDiPE73zyZJhpclEy3ESTTMcDEe1gJtWiAj_6RYA867Ypzi8Agh3-HqCOafhAIYZj4zQ9_0LNy-DK6OE3zXTPiAIeQTfIPsGow57wvGPzvByNbEvvnrTwEa5qdAN23U7rpAxVrS5CiJzLzTiwD6WciFMENeoHS3gKnIJ_7kUbwbsS3CznrA8G1jg0i2mFw5bKfmkZWyIoiBnopUaXAnzaSvcy-OgZbR2xppeiZpc1w4YBvluWPRhmg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:37 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5632
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 98C6 12 KB
5 KB 35ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 401306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F%2BxAIiCnks4vvkrwPghs8hy1hUYDbNv6uCk2cpjkQMqI7LNb9iin8DevkPEz7SoYj7dxvbI2b3%2FsrqY7jpg8%2FWXzV34qW7fEPBpKmVXoq9zIvEiz7BzGhzz%2BXFJb990BWgqwd05Ry%2FzyWr4u%2FFFaPQd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dc8950ae06945-FRA
x-cache-tag: abcd1234
expires: Sun, 27 Nov 2022 12:33:38 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 98C6 56 KB
56 KB 49ms
18ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 98C6 58 KB
58 KB 68ms
38ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 98C6 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/animejs/animejs.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 11 KB
11 KB 50ms
16ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=196&s=RvA-WjfBax7olbus7qDMZRq0
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 232a6ac91462da5b10eeab6cd35f3fb33f84f3436184f3cd1f568a7fc0da1152

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29436157
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11239
expires: Sun, 13 Nov 2022 05:16:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 435 KB
436 KB 254ms
221ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F211029%2Fb28d7448d05343ce86af17d7d6faa62c_img_horizontal_1.png&v=3&w=1200&s=PZ9WAMlq684QaWyJDPdJjeq6
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: f763a4452aca651b5eeeece1c272f3d24331e6dd788972a99983c944058ef24c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30402055
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 445703
expires: Thu, 24 Nov 2022 09:34:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 40 KB
40 KB 50ms
17ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fff75619c-beff-4515-9bb6-9b5e9e679d6c_cf23c738-dbc6-40eb-b838-56e3eb13410e.jpg&v=3&w=400&s=_OZTeigQSt9REmYRcOvVyeLF&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: de324a5293260093af17e6a5c2546553f28120371ed47704577f529e354a1124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=434794
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40638
expires: Sun, 12 Dec 2021 13:20:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 31 KB
31 KB 60ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F1928b8d0-6533-47e4-8ee5-b56ed7271d8c_bdf8da3d-6fc7-4778-980e-99f835f9483d.jpg&v=3&w=400&s=BU_C-Ga5GKUv0fvjJBsNj3Fx&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 466c3f9fecc0b16fb84ffe5704da26c2399d139e24284407066a158d97d1bc3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=75635
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31514
expires: Wed, 08 Dec 2021 09:34:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 2 KB
3 KB 59ms
26ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fstatic.nl.eu.criteo.net%2Fimages%2Fautoscout24%2F360.png&v=3&w=400&s=HE5zFt-Hi8cRniF2WNdfrG1X
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 1f5f52de805763f0ef3b2677ea164b585a96abdbc5fc7a5a2a0eb057276d09cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28499517
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2404
expires: Wed, 02 Nov 2022 09:05:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 42 KB
42 KB 63ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffe65d815-a836-4ed9-888e-bdbf0dadbc3f_9086ebf9-1333-463e-85c2-9335221c70fe.jpg&v=3&w=400&s=zBBfL3HRp76Ye0XeTOdJMsLJ&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: f88c3c0063d829a8775850a573133dffc8b789c9609d0f2779b260093cb73135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=519674
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42970
expires: Mon, 13 Dec 2021 12:54:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 25 KB
25 KB 33ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fffb33bfc-009f-433b-a8ab-237aaeed5c51_fe725eeb-81c1-4b6c-82e7-0b283052c7a5.jpg&v=3&w=400&s=RGgscXH5-TkABkHpW3252RTb&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: dce45dbbdad7149580fbece36328b518cee0e6e261964d689eeaa1af8a5119a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1202235
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25488
expires: Tue, 21 Dec 2021 10:30:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 12 KB
13 KB 32ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fff21c283-5dda-44e3-a949-779627b77e15_243b9cdf-407a-4743-af99-db96e733807e.jpg&v=3&w=400&s=Wrh_QxZRsgL9mT3WLS7VbayI&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: cb817b5f2fae4d27b5ca198abce00c992a82790c8cb9c30e216a81026dca93a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1146705
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12742
expires: Mon, 20 Dec 2021 19:05:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 39 KB
39 KB 34ms
33ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fffd247d7-afe8-4672-9b75-67eb5746deac_bc869141-02be-404e-b259-82083629a88c.jpg&v=3&w=400&s=h8UJXKiIn1FHCEg8cauTCHPS&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 81e311f3f559c06d96b7029d6d355365a4408e0485f0f1600bfab8c089a46761

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=190232
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40176
expires: Thu, 09 Dec 2021 17:24:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 54 KB
55 KB 39ms
38ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffff70d6a-9d90-4d1a-9b72-6c44191df211_6f1839e2-542f-4347-b796-1d8c96910090.jpg&v=3&w=400&s=awovM7hmZgk03Han_khOJaWX&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 91593b245760eb08b4aaaaf38a83f5ef613221e934aee313f7b24d9cfc0889ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1209018
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 55698
expires: Tue, 21 Dec 2021 12:23:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 16 KB
16 KB 38ms
37ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffda785ec-c6de-49fa-bc9d-d9c3031a5621_e60a310e-fee0-4f96-a2f0-984a65de0c44.jpg&v=3&w=400&s=nCM27mCAPFwM_kKpPsDnPxm3&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: d8e7aed871a4dbc9f6bfcf8cb7a3eecbed835c45e6b0a46291ec3e9906577d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=781316
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15972
expires: Thu, 16 Dec 2021 13:35:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 35 KB
35 KB 40ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffed7399e-a197-486b-b785-f2804b1303c6_9026f564-b176-4a7f-92ea-dfc050135284.jpg&v=3&w=400&s=ogPrzyeso4LYdGzJoVCdNLQT&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 57207633bdce0138ab26d3190b51c4fe9ae8dd012876393d5ea2de1a0eea5d5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=340044
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35528
expires: Sat, 11 Dec 2021 11:01:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 28 KB
28 KB 37ms
36ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F38134223-8b47-485b-a69f-03620fb37841_ae22b2a2-fbbb-4de3-99c0-f1a387afa929.jpg&v=3&w=400&s=G66hyO2TXb0okk72a4EXCDN6&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad30a24726b95ca72ecf80ef2bdf9e0ccc64a85893e0ec3201ae953d9f1f7fcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=442328
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28736
expires: Sun, 12 Dec 2021 15:25:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 25 KB
25 KB 38ms
37ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fff9a81bb-9ebc-46f4-9106-979e60aa9230_b80d8776-97e8-442b-947f-de94fe69176a.jpg&v=3&w=400&s=0vb-5QKgScOasbLCIFq0Bsvl&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 4d4e478e7e74931dbade16ed699ed577e3d9f1bd7dbdd2adffc978aa9a232c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=536743
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25424
expires: Mon, 13 Dec 2021 17:39:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 98C6 38 KB
38 KB 39ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F75d63fa1-d6b4-4af3-a586-8f091487c6e7_342e36ba-33ec-43ce-925d-afcd17f8ace0.jpg&v=3&w=400&s=ppK-YQuZHZhCfSAcZisZDtHy&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 34e78f5251e9e3f089b698cadf08ab9fd972bf13beefba104f2542fcd244a3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=890681
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39052
expires: Fri, 17 Dec 2021 19:58:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 98C6 0
99 B 51ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=w8sCxoJRMqX_SL9c4qHT0Wv30s94ZQH0Kp9XaMEtHwlW7jQiFlbPMrY06LXAYzjRvk4VTk3jo_5uG4V3RU4POYSrEsRIAKyu3-8ND3wSsSszcYUs2Ct-Yd9gdJcZUf7VmmMB6tX6ydmk7LOUcZ8M3xVa6ahtOezcmyK5n4IpHUoC5PflNNrIIa2g7Vv7FrQlgV96wdr4Tuju6SkRHXGfJSeTSdMb9nu4SQTZ34rNiIiK0K5M59HF6DIUki3n-su4k2ctCw&sds=2&rev=79542&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:33:38 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 98C6 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 98C6 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Dec 2022 12:33:38 GMT

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame 745A 7 KB
4 KB 207ms
192ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8394563596&tagKey=3525434971&site=timesinternet_lifestyle&adSpace=mensxp&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&f=1&p=338801&tKey=a5mneMUd3fXF39XUB6XTaN4VUsUWPtDf&a=1&adContainerId=richmedia_2&rnd=336199
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/timesinternet_lifestyle/mensxp/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d492fa0f52c5c9fb64bf3309576d4a0d31f89507eb34767c421dee5fbd1062c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3207
pragma: no-cache
x-function: 101
server: cloudflare
x-reuse-index: 1719
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 6b9dc89569de2c22-FRA
expires: 0

GET
H2 200 tf_adChoice11.js Show response
cdnx.tribalfusion.com/media/common/adChoice/ Frame 745A 4 KB
1 KB 58ms
49ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 66486
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-function: 301
last-modified: Mon, 22 Mar 2021 08:13:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
cf-ray: 6b9dc896b89c3757-MXP
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 745A 2 KB
1 KB 86ms
18ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26792913&plc=318659091&sid=6596925&dvregion=0&unit=728x90
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8394563596&tagKey=3525434971&site=timesinternet_lifestyle&adSpace=mensxp&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.mensxp.com%2Fentertainment%2Fcelebrities%2F97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html&f=1&p=338801&tKey=a5mneMUd3fXF39XUB6XTaN4VUsUWPtDf&a=1&adContainerId=richmedia_2&rnd=336199
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:33:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:12 GMT
Server: Microsoft-IIS/10.0
ETag: "e066f48b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1168

GET
H/1.1 200
OK dvbs_src_internal100.js Show response
cdn.doubleverify.com/ Frame 745A 56 KB
18 KB 28ms
28ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26792913&plc=318659091&sid=6596925&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:33:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fb3411b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18242

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 745A 2 KB
1 KB 76ms
10ms Script
text/javascript 213.254.244.25
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_219499659676&jsTagObjCallback=__tagObject_callback_219499659676&num=6&ctx=3758893&cmp=26792913&plc=318659091&sid=6596925&advid=&adsrv=&unit=728x90&isdvvid=&uid=219499659676&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=0&brver=&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=12&fcifrms=11&brh=2&fwc=0&fcl=249&flt=36&fec=2135&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=148&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3E6%3FDIA%5D4%40%3ETau6%3FE6CE2%3A%3F%3E6%3FETau46%3D63C%3AE%3A6DTauhfbfh%5CG%3AG6%3C%5C%4036C%40%3A%5C6IA%40D6D%5C3%40%3D%3DJH%40%405%5C%3D%4033J%5C4F%3DEFC6%5C3%3A2D6D%5D9E%3E%3DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3E6%3FDIA%5D4%40%3ETar9EEADTbpTauTauHHH%5D%3E6%3FDIA%5D4%40%3E&dvp_exetime=8.00&callbackName=__verify_callback_219499659676
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.25 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: d7753780abcb9fc05fbc573cc2d5fbfa743f1d7670e73974e053ae953b3a6244

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Tue, 07 Dec 2021 12:33:38 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 12/6/2021 12:33:38 PM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame 745A 807 B
1 KB 51ms
8ms Ping
image/gif 213.254.244.25
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=84e9fd5ef842484995a987bc717d9e75&vfdur=77&cbust=1638880418547370
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.25 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.mensxp.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/6/2021 12:33:38 PM

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 8ED3 638 B
893 B 176ms
175ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a2mT09mdAtVWJ7XF3iXrQgXaasSUMBWbvSVdF2ob7mRUjmXTrq3EZba5a32nq7AYUU6WWrRmPvBncfuoWnB5Enk2dyM4PFKnFbGYsfU1cnXXG7nnqfW3r3UWrnFUAMTPTnRQsZbqQdbw0WvpT6Yy2VQYXrZbKUA2n26n7RmjK2HZbrXW3AnW2O36UU5cMcTcMjWs78S6JmUHnPTrbS5UZaxUqjvTTJlQbbZc5bZbvNZblL2I&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0deac67dad15ab85928b74ad8411e6e5f088097704a26c5c5654e9664fb867

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 32
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe282c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 595F 654 B
902 B 174ms
173ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a3mT0936YR3sr7VsQaWcjhPPnOTdnWTrFP3rPpUa3oTTQ7PEnZbQGJCQrEtSdMaWVbV2UenmtaOXT6n2tMHSGJD56FEptamTHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxPF7MYTFr5Ebh5E7YoTBHYUFbUdMQnmYKps3pmWvJ3TZbh5teN5mvLprQKXGrXYcnV0Vbnmar23rnQWFfZbUmnWREbQScZbMQGnNWEbDyXyk26&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 964106cd3b0c3c1eeb07605615d498f04a0e52897a50cd930e794d4ad412a13a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 179
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe2c2c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 2D93 760 B
960 B 186ms
186ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a4mT09prMZd0GnQ1sQ0XVrupTZbS5F3QWFJZcWPj5RTU0ScUpPdbMYd7uW6YM3V33XUZbKV6am4A3ePArI2HUtXWMZdmtPn4mMU5VjeUVJ8UcJiPP3oTWYWTbJR2U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0ETw4trZdQVrG2mQHoWXnVWbbYU361Fj90qeMSUFZdUrr4WtQToFBuRUrN1EFy5bnlRWMfOgNC2N&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40f3b99a1ddb483358d889ae0b34cb8a90e7f2fde309fd7131692932722ac91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 517
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe2d2c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame F521 688 B
929 B 176ms
176ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a5mT09VWJ60bnd1FJl0qAqPbFHTrMYWHnWmb3mRFFr1E3o4Ebi2qvRnTBGXUJ7UHMQoP7LnVnwod7L3TUf5tZan4PrFmbYIYsfXXVFYXGZbOpT742bUWWrZbHVm75REvQQsYNQdUy1dJtWAbu4sM0Xr3ZdTPip56M9RPBD4H3O0HBKpdEo5PBT3s77TcB9VGJ8RAYoTWJ5UUJ32bExUEMwTTJlSTBFSdrJ2GaCMwyVkY&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ea785e94025af92ff4bc8ae7d0e48d6838517c576319d171f66c12517235fa3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 831
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe312c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 27C7 703 B
938 B 175ms
175ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a6mT093sr7VcQbWcFlSAJxWdMPUbjY2rauWa7oTEvaSTYLRG7KRb6vSH38VsvW4b6ootyrXaup2HjZbQVjE2mrIptTOUHjdYrfiXbYiXaApPbQZbUUn0WWQ3nFQmRUfNYTQO5EUj4qQ3nqMD1rfcUdjTm6fImsQnmtUA5T373dmq3A7GnFbJ0GQUYcnY0cZbnnEb42bJ4VbFDVAvWRqrRScZbMStUr1G3p0SvINx1pBL&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00b5cdf6d8deefc2606bfafef558115588580880ffdda30dd9d8b1dcf643316e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 815
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe3a2c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame D18F 658 B
909 B 169ms
169ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a7mT090GnQ1c341c7NpEjW5UZbUWrBGVAYTPTf0SsMsStZbx0dJmTmMp3sM1YrQLTPip2AF8PmjK2tFM0HYIpd6M4mZb04cQcUGJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4WYGSVbZa46JZbmdAyTdQc0b7aXbU60EAMRrUZbTbZbQVWM0nrJuRbbM1EFy3TUa4UFYyd7pMvNaw6&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb693ed90afc9a4bad56dd95c829c6a31ba67ab1dbd8656be3f22fdb73df5cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 6
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe3e2c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 63D9 621 B
864 B 182ms
182ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mT090bnb1UBe0aiNPUMEWUM1VWvUnrfxPFvr1Trt3TZbg5qQ0oEbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3AFJmbfHYVUVXcFT1svNpTZbP5U32VFbAUPvYQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4dnsXHQAnt2u36YY5GjdVcrcVsJgPAnoUtY3TFnR3FerVqrwTaYiSTBFQVQCPE2o4qMWyHd2VD&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8789101ffb6504a2717a19ab7c856d8188c0d716657b6851b5ec632f980b4174

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 319
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe402c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 9970 681 B
920 B 173ms
173ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a9mT09VcQcUcbeRmnvTdMTWrJR2UTpWaUvVEFaSEnZcQVJZaQbInPWviVVYQ5bypmHqs0a6v2trZdQcMZc46QZdmdapUH3eYrU81bY71TqoPbMDWUYSWHU1mrbqQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5qne5d6N5PvZaprMEXsfW1cnU0sJNmqZb43FY2WrMZaW6UYQEMRSV3NStUrYtvuVQBuPF3kMWoRZcb&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856cb384c3b76541b6f840b2089ad92cd8343460ea87418bbe4d699bdbac831f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 878
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe422c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 948C 592 B
855 B 186ms
186ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aamT091c33XG7wmqnU3UQUTFFBUPY2Qq3QQsBsSdbNYt7sWmUx4cYUYUnZbUPmo4mZb7RmrA2H3O0tJCntEw36MV4c7fUsr7UsM6S6FMWdnSWrbP3bTqWTUmWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESsJF26YHotXsVWJhXUf91Ujh1TEtRbMZbUF3SWHFUmUbsQUjM1qUO3TUa2a7RmbYDUGJRy4bA9B&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: www.mensxp.com
URL: https://www.mensxp.com/entertainment/celebrities/97379-vivek-oberoi-exposes-bollywood-lobby-culture-biases.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a1e8982954388091f1f1f5f02246d863c1d33c5b8db0d5ea51c4d09d2feaa1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 398
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9dc897fe432c22-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 745A 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 745A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e6835f7b4e661bfbc33b9bbbfb0e082331dbdc0aee7fd73413c9d3a16c61cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame D18F 13 KB
5 KB 115ms
72ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a7mT090GnQ1c341c7NpEjW5UZbUWrBGVAYTPTf0SsMsStZbx0dJmTmMp3sM1YrQLTPip2AF8PmjK2tFM0HYIpd6M4mZb04cQcUGJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4WYGSVbZa46JZbmdAyTdQc0b7aXbU60EAMRrUZbTbZbQVWM0nrJuRbbM1EFy3TUa4UFYyd7pMvNaw6&mediaDataID=9148826&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa6de8fb-MXP

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 595F 13 KB
5 KB 121ms
78ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a3mT0936YR3sr7VsQaWcjhPPnOTdnWTrFP3rPpUa3oTTQ7PEnZbQGJCQrEtSdMaWVbV2UenmtaOXT6n2tMHSGJD56FEptamTHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxPF7MYTFr5Ebh5E7YoTBHYUFbUdMQnmYKps3pmWvJ3TZbh5teN5mvLprQKXGrXYcnV0Vbnmar23rnQWFfZbUmnWREbQScZbMQGnNWEbDyXyk26&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa71e8fb-MXP

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 8ED3 13 KB
5 KB 112ms
73ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a2mT09mdAtVWJ7XF3iXrQgXaasSUMBWbvSVdF2ob7mRUjmXTrq3EZba5a32nq7AYUU6WWrRmPvBncfuoWnB5Enk2dyM4PFKnFbGYsfU1cnXXG7nnqfW3r3UWrnFUAMTPTnRQsZbqQdbw0WvpT6Yy2VQYXrZbKUA2n26n7RmjK2HZbrXW3AnW2O36UU5cMcTcMjWs78S6JmUHnPTrbS5UZaxUqjvTTJlQbbZc5bZbvNZblL2I&mediaDataID=2713736&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa73e8fb-MXP

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame F521 13 KB
5 KB 119ms
79ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a5mT09VWJ60bnd1FJl0qAqPbFHTrMYWHnWmb3mRFFr1E3o4Ebi2qvRnTBGXUJ7UHMQoP7LnVnwod7L3TUf5tZan4PrFmbYIYsfXXVFYXGZbOpT742bUWWrZbHVm75REvQQsYNQdUy1dJtWAbu4sM0Xr3ZdTPip56M9RPBD4H3O0HBKpdEo5PBT3s77TcB9VGJ8RAYoTWJ5UUJ32bExUEMwTTJlSTBFSdrJ2GaCMwyVkY&mediaDataID=8039566&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa7ae8fb-MXP

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 27C7 13 KB
5 KB 112ms
73ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6mT093sr7VcQbWcFlSAJxWdMPUbjY2rauWa7oTEvaSTYLRG7KRb6vSH38VsvW4b6ootyrXaup2HjZbQVjE2mrIptTOUHjdYrfiXbYiXaApPbQZbUUn0WWQ3nFQmRUfNYTQO5EUj4qQ3nqMD1rfcUdjTm6fImsQnmtUA5T373dmq3A7GnFbJ0GQUYcnY0cZbnnEb42bJ4VbFDVAvWRqrRScZbMStUr1G3p0SvINx1pBL&mediaDataID=5436426&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa75e8fb-MXP

GET
H2

200

i.match
a.tribalfusion.com/ Frame D18F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662300927415963&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662300927415963&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=e7752ac3-5759-11e...
https://a.tribalfusion.com/i.match?p=b19&u=e7752a74-5759-11ec-811a-141922060206

43 B
605 B

176ms
175ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b19&u=e7752a74-5759-11ec-811a-141922060206
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a7mT090GnQ1c341c7NpEjW5UZbUWrBGVAYTPTf0SsMsStZbx0dJmTmMp3sM1YrQLTPip2AF8PmjK2tFM0HYIpd6M4mZb04cQcUGJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4WYGSVbZa46JZbmdAyTdQc0b7aXbU60EAMRrUZbTbZbQVWM0nrJuRbbM1EFy3TUa4UFYyd7pMvNaw6&mediaDataID=9148826&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc89a389f3757-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 07 Dec 2021 12:33:38 GMT
Server: nginx
Location: https://a.tribalfusion.com/i.match?p=b19&u=e7752a74-5759-11ec-811a-141922060206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 132
Connection: keep-alive
Content-Length: 43

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 9970 13 KB
5 KB 115ms
77ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a9mT09VcQcUcbeRmnvTdMTWrJR2UTpWaUvVEFaSEnZcQVJZaQbInPWviVVYQ5bypmHqs0a6v2trZdQcMZc46QZdmdapUH3eYrU81bY71TqoPbMDWUYSWHU1mrbqQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5qne5d6N5PvZaprMEXsfW1cnU0sJNmqZb43FY2WrMZaW6UYQEMRSV3NStUrYtvuVQBuPF3kMWoRZcb&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa77e8fb-MXP

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 2D93 13 KB
5 KB 116ms
78ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a4mT09prMZd0GnQ1sQ0XVrupTZbS5F3QWFJZcWPj5RTU0ScUpPdbMYd7uW6YM3V33XUZbKV6am4A3ePArI2HUtXWMZdmtPn4mMU5VjeUVJ8UcJiPP3oTWYWTbJR2U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0ETw4trZdQVrG2mQHoWXnVWbbYU361Fj90qeMSUFZdUrr4WtQToFBuRUrN1EFy5bnlRWMfOgNC2N&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa7ce8fb-MXP

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 63D9 13 KB
5 KB 117ms
79ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mT090bnb1UBe0aiNPUMEWUM1VWvUnrfxPFvr1Trt3TZbg5qQ0oEbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3AFJmbfHYVUVXcFT1svNpTZbP5U32VFbAUPvYQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4dnsXHQAnt2u36YY5GjdVcrcVsJgPAnoUtY3TFnR3FerVqrwTaYiSTBFQVQCPE2o4qMWyHd2VD&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa78e8fb-MXP

GET
H2

200

i.match
a.tribalfusion.com/ Frame 595F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662300927415963&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://a.tribalfusion.com/i.match?p=b20&u=Ya9UoTTk.JIWfJTKJioSMQAA

43 B
541 B

181ms
181ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=Ya9UoTTk.JIWfJTKJioSMQAA
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a3mT0936YR3sr7VsQaWcjhPPnOTdnWTrFP3rPpUa3oTTQ7PEnZbQGJCQrEtSdMaWVbV2UenmtaOXT6n2tMHSGJD56FEptamTHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxPF7MYTFr5Ebh5E7YoTBHYUFbUdMQnmYKps3pmWvJ3TZbh5teN5mvLprQKXGrXYcnV0Vbnmar23rnQWFfZbUmnWREbQScZbMQGnNWEbDyXyk26&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc8999f053757-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://a.tribalfusion.com/i.match?p=b20&u=Ya9UoTTk.JIWfJTKJioSMQAA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 255
Expires: Tue, 07 Dec 2021 12:33:38 GMT

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 948C 13 KB
5 KB 122ms
85ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aamT091c33XG7wmqnU3UQUTFFBUPY2Qq3QQsBsSdbNYt7sWmUx4cYUYUnZbUPmo4mZb7RmrA2H3O0tJCntEw36MV4c7fUsr7UsM6S6FMWdnSWrbP3bTqWTUmWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESsJF26YHotXsVWJhXUf91Ujh1TEtRbMZbUF3SWHFUmUbsQUjM1qUO3TUa2a7RmbYDUGJRy4bA9B&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://s.tribalfusion.com/
Origin: https://s.tribalfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b9dc899aa79e8fb-MXP

GET
H3

200

i.match
a.tribalfusion.com/ Frame 8ED3
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662300927415963&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

43 B
858 B

171ms
171ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a2mT09mdAtVWJ7XF3iXrQgXaasSUMBWbvSVdF2ob7mRUjmXTrq3EZba5a32nq7AYUU6WWrRmPvBncfuoWnB5Enk2dyM4PFKnFbGYsfU1cnXXG7nnqfW3r3UWrnFUAMTPTnRQsZbqQdbw0WvpT6Yy2VQYXrZbKUA2n26n7RmjK2HZbrXW3AnW2O36UU5cMcTcMjWs78S6JmUHnPTrbS5UZaxUqjvTTJlQbbZc5bZbvNZblL2I&mediaDataID=2713736&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc89adb372c22-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Date: Tue, 07 Dec 2021 12:33:38 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame F521
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662300927415963&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662300927415963
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662300927415963&cookieRequired=true

0
132 B

17ms
17ms

Image
text/plain

188.65.124.38
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662300927415963&cookieRequired=true

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a5mT09VWJ60bnd1FJl0qAqPbFHTrMYWHnWmb3mRFFr1E3o4Ebi2qvRnTBGXUJ7UHMQoP7LnVnwod7L3TUf5tZan4PrFmbYIYsfXXVFYXGZbOpT742bUWWrZbHVm75REvQQsYNQdUy1dJtWAbu4sM0Xr3ZdTPip56M9RPBD4H3O0HBKpdEo5PBT3s77TcB9VGJ8RAYoTWJ5UUJ32bExUEMwTTJlSTBFSdrJ2GaCMwyVkY&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

188.65.124.38 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

icscale-01-pub-ix7.vip.dailymotion.com

Software

nginx/1.19.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-dm-lb-name: icscale-01-01.adm.ix7.dailymotion.com
date: Tue, 07 Dec 2021 12:33:39 GMT
server: nginx/1.19.3
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

location: /dspreply?dspId=15&dspUserId=18072662300927415963&cookieRequired=true
date: Tue, 07 Dec 2021 12:33:39 GMT
server: nginx/1.19.3
content-length: 113
strict-transport-security: max-age=15724800; includeSubDomains
x-dm-lb-name: icscale-01-01.adm.ix7.dailymotion.com
content-type: text/html; charset=utf-8

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 27C7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662300927415963&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662300927415963&expires=180

0
239 B

34ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662300927415963&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6mT093sr7VcQbWcFlSAJxWdMPUbjY2rauWa7oTEvaSTYLRG7KRb6vSH38VsvW4b6ootyrXaup2HjZbQVjE2mrIptTOUHjdYrfiXbYiXaApPbQZbUUn0WWQ3nFQmRUfNYTQO5EUj4qQ3nqMD1rfcUdjTm6fImsQnmtUA5T373dmq3A7GnFbJ0GQUYcnY0cZbnnEb42bJ4VbFDVAvWRqrRScZbMStUr1G3p0SvINx1pBL&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:38 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1528
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc8997ecb3757-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662300927415963&expires=180
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9970
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662300927415963&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662300927415963

0
338 B

105ms
30ms

Image
text/plain

54.77.169.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662300927415963
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a9mT09VcQcUcbeRmnvTdMTWrJR2UTpWaUvVEFaSEnZcQVJZaQbInPWviVVYQ5bypmHqs0a6v2trZdQcMZc46QZdmdapUH3eYrU81bY71TqoPbMDWUYSWHU1mrbqQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5qne5d6N5PvZaprMEXsfW1cnU0sJNmqZb43FY2WrMZaW6UYQEMRSV3NStUrYtvuVQBuPF3kMWoRZcb&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 54.77.169.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-169-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1638880419
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:38 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1855
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc8997ec83757-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662300927415963
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2D93 43 B
131 B 22ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a4mT09prMZd0GnQ1sQ0XVrupTZbS5F3QWFJZcWPj5RTU0ScUpPdbMYd7uW6YM3V33XUZbKV6am4A3ePArI2HUtXWMZdmtPn4mMU5VjeUVJ8UcJiPP3oTWYWTbJR2U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0ETw4trZdQVrG2mQHoWXnVWbbYU361Fj90qeMSUFZdUrr4WtQToFBuRUrN1EFy5bnlRWMfOgNC2N&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame 63D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662300927415963
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDCRnXGVVC_za8d7gY4KQtw&google_cver=1&google_ula=2786954,0

43 B
558 B

181ms
181ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDCRnXGVVC_za8d7gY4KQtw&google_cver=1&google_ula=2786954,0
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mT090bnb1UBe0aiNPUMEWUM1VWvUnrfxPFvr1Trt3TZbg5qQ0oEbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3AFJmbfHYVUVXcFT1svNpTZbP5U32VFbAUPvYQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4dnsXHQAnt2u36YY5GjdVcrcVsJgPAnoUtY3TFnR3FerVqrwTaYiSTBFQVQCPE2o4qMWyHd2VD&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc8998ef03757-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDCRnXGVVC_za8d7gY4KQtw&google_cver=1&google_ula=2786954,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame 948C
Redirect Chain

https://pixel.advertising.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true
https://pixel.advertising.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true&apid=UPe7728273-5759-11ec-91b4-069b4222f4ee
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662300927415963&_origin=1&redir=true&apid=UPe7728273-5759-11ec-91b4-069b4222f4ee&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=UPe7728273-5759-11ec-91b4-069b4222f4ee

43 B
545 B

178ms
178ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=UPe7728273-5759-11ec-91b4-069b4222f4ee
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aamT091c33XG7wmqnU3UQUTFFBUPY2Qq3QQsBsSdbNYt7sWmUx4cYUYUnZbUPmo4mZb7RmrA2H3O0tJCntEw36MV4c7fUsr7UsM6S6FMWdnSWrbP3bTqWTUmWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESsJF26YHotXsVWJhXUf91Ujh1TEtRbMZbUF3SWHFUmUbsQUjM1qUO3TUa2a7RmbYDUGJRy4bA9B&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9dc89a48c63757-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=UPe7728273-5759-11ec-91b4-069b4222f4ee
date: Tue, 07 Dec 2021 12:33:38 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 2D93 0
168 B 13ms
13ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a4mT09prMZd0GnQ1sQ0XVrupTZbS5F3QWFJZcWPj5RTU0ScUpPdbMYd7uW6YM3V33XUZbKV6am4A3ePArI2HUtXWMZdmtPn4mMU5VjeUVJ8UcJiPP3oTWYWTbJR2U2pUqnvVE3iQEBZaSG7ZbQUuoPH39WsrS4b6onWEq0ETw4trZdQVrG2mQHoWXnVWbbYU361Fj90qeMSUFZdUrr4WtQToFBuRUrN1EFy5bnlRWMfOgNC2N&mediaDataID=6546596&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89a29ff2c22-FRA
vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 399A 42 B
64 B 59ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHPo73hgVlg2ghRyjgCEutyI0Eln8jVOS4KB41bZKqFAuoYTXFt9HmbN-pesJMo0NUD3lByq0jFUknUohV6tKe&sig=Cg0ArKJSzHpAnpkfCBNdEAE&id=lidar2&mcvt=1003&p=134,250,384,1350&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3578026800&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638880417869&rpt=79&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 63D9 0
168 B 10ms
10ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a8mT090bnb1UBe0aiNPUMEWUM1VWvUnrfxPFvr1Trt3TZbg5qQ0oEbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3AFJmbfHYVUVXcFT1svNpTZbP5U32VFbAUPvYQqb0ScQMQdBs1dvnVmUy3VB40UnZaTPys4mZb7QPZbB4dnsXHQAnt2u36YY5GjdVcrcVsJgPAnoUtY3TFnR3FerVqrwTaYiSTBFQVQCPE2o4qMWyHd2VD&mediaDataID=4056396&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89aaae32c22-FRA
vary: Origin

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 595F 0
167 B 11ms
11ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a3mT0936YR3sr7VsQaWcjhPPnOTdnWTrFP3rPpUa3oTTQ7PEnZbQGJCQrEtSdMaWVbV2UenmtaOXT6n2tMHSGJD56FEptamTHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxPF7MYTFr5Ebh5E7YoTBHYUFbUdMQnmYKps3pmWvJ3TZbh5teN5mvLprQKXGrXYcnV0Vbnmar23rnQWFfZbUmnWREbQScZbMQGnNWEbDyXyk26&mediaDataID=6530936&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89aaaee2c22-FRA
vary: Origin

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 27C7 0
168 B 11ms
11ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a6mT093sr7VcQbWcFlSAJxWdMPUbjY2rauWa7oTEvaSTYLRG7KRb6vSH38VsvW4b6ootyrXaup2HjZbQVjE2mrIptTOUHjdYrfiXbYiXaApPbQZbUUn0WWQ3nFQmRUfNYTQO5EUj4qQ3nqMD1rfcUdjTm6fImsQnmtUA5T373dmq3A7GnFbJ0GQUYcnY0cZbnnEb42bJ4VbFDVAvWRqrRScZbMStUr1G3p0SvINx1pBL&mediaDataID=5436426&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89adb2e2c22-FRA
vary: Origin

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
182 B 62ms
13ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=23105
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/23105/3447/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:33:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.mensxp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame F521 0
168 B 9ms
9ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a5mT09VWJ60bnd1FJl0qAqPbFHTrMYWHnWmb3mRFFr1E3o4Ebi2qvRnTBGXUJ7UHMQoP7LnVnwod7L3TUf5tZan4PrFmbYIYsfXXVFYXGZbOpT742bUWWrZbHVm75REvQQsYNQdUy1dJtWAbu4sM0Xr3ZdTPip56M9RPBD4H3O0HBKpdEo5PBT3s77TcB9VGJ8RAYoTWJ5UUJ32bExUEMwTTJlSTBFSdrJ2GaCMwyVkY&mediaDataID=8039566&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89b2bbb2c22-FRA
vary: Origin

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame D18F 0
168 B 15ms
14ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a7mT090GnQ1c341c7NpEjW5UZbUWrBGVAYTPTf0SsMsStZbx0dJmTmMp3sM1YrQLTPip2AF8PmjK2tFM0HYIpd6M4mZb04cQcUGJlVVMjPPnyWd33TFBS3FIxVEjoTTUlQEUGSGQLPbIsSd7dUVYP4bmtmHqsYEXu4WYGSVbZa46JZbmdAyTdQc0b7aXbU60EAMRrUZbTbZbQVWM0nrJuRbbM1EFy3TUa4UFYyd7pMvNaw6&mediaDataID=9148826&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89b4bef2c22-FRA
vary: Origin

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 9970 0
168 B 13ms
13ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a9mT09VcQcUcbeRmnvTdMTWrJR2UTpWaUvVEFaSEnZcQVJZaQbInPWviVVYQ5bypmHqs0a6v2trZdQcMZc46QZdmdapUH3eYrU81bY71TqoPbMDWUYSWHU1mrbqQbrr1EYy5EBd4q71mEZbHXUU8WHBWm6vZbnc7pptYC5qne5d6N5PvZaprMEXsfW1cnU0sJNmqZb43FY2WrMZaW6UYQEMRSV3NStUrYtvuVQBuPF3kMWoRZcb&mediaDataID=6807466&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89b4bf22c22-FRA
vary: Origin

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 948C 0
168 B 10ms
10ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=aamT091c33XG7wmqnU3UQUTFFBUPY2Qq3QQsBsSdbNYt7sWmUx4cYUYUnZbUPmo4mZb7RmrA2H3O0tJCntEw36MV4c7fUsr7UsM6S6FMWdnSWrbP3bTqWTUmWaJaST3FSGFBPbumRWQ9VsbT2F2qmHapXTew3WUESsJF26YHotXsVWJhXUf91Ujh1TEtRbMZbUF3SWHFUmUbsQUjM1qUO3TUa2a7RmbYDUGJRy4bA9B&mediaDataID=6347136&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89b5c122c22-FRA
vary: Origin

POST
H2 200 all
csm.eu.criteo.net/ Frame 98C6 0
99 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=w8sCxoJRMqX_SL9c4qHT0Wv30s94ZQH0Kp9XaMEtHwlW7jQiFlbPMrY06LXAYzjRvk4VTk3jo_5uG4V3RU4POYSrEsRIAKyu3-8ND3wSsSszcYUs2Ct-Yd9gdJcZUf7VmmMB6tX6ydmk7LOUcZ8M3xVa6ahtOezcmyK5n4IpHUoC5PflNNrIIa2g7Vv7FrQlgV96wdr4Tuju6SkRHXGfJSeTSdMb9nu4SQTZ34rNiIiK0K5M59HF6DIUki3n-su4k2ctCw&sds=2&rev=79542&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ya9UoQAI0kUIu8WIAAB10sJ_wDF_oeC_nr3ajg&u=%7CLTzTZ%2BlAYbyp3rNs43Klx9IyJItoTC4jEUN%2Bj3%2BJ2Xs%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8Qi0R9MHSDvviNbApSDsSLl1kBOnBABLmwYMQVw4gbYhE-5EmfFcPAMi3Cha9tYTXzZCIFDKcrRBZ1FOdHIy17MJVgxMvabOPR8i82TKoDHHa075uBuejNNOLt6M7FdxTmX6YmFskGwsPf6XWInFZdJJxXEK9aJLNTykn3AhZbU3mYbZmiPasRdaQWJmTND5apUtFyzOOwb5FwHJpxZzP4XDIuhcD2W_TbYGWnodncRkgcqg9iWpTCvNq6L9VT90tOJjYk-zxJBsc3Xz_iYZ4H4rmBcSwsweugowLdPBRR5BKmWYKAG72CmwiWngZD14pw8lXuzpLqUrqWqJ8cPp4q84qBijz7PiZSDysyr8m1drZC5VW6neYq6fGfreredIO-8DwgYwtWx81ajFORQ-Yg9WWCabQ9oir2UurXsPe26wWuDOHmQKUmKPLwFparFJMfIDhudZoPM65WrKr-FTCNm&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbbHIoVSvYcWkI4iL7_UP0uuB8A_JntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMzA3MjMwMjc5MjczNzGgAdW20uoDyAEJqQI6lOG_Ue-yPuACAKgDAaoE2QJP0GmmogivUy0drYPoHKXo3ostuKqqtDDLY9gpwGZQtId6SdAibZjE1ajBA3oZdlyJ8Ye0-mZb0u1ncak-8udI_YN-G8NBXrqLXVi20aC7kj8W36bsfaHT1TCkzjTXwOBu-719JKFPD0FcJxtiWlBJV_ZWWfUrsEVS53Jt--B0B7oTJIgkUIJQWkqcKkFD-IX2dsZ_a-KabqZJ8aP5UxJmFqRfwszQrSeSGRWn4dxExhyDOJcilfzfyUfi91G3D0o8ukitEPmFv8Yukk-z5IogjdCEsOaP7ytlVzKNFhhZRqzm6VVoYfTborkfyBvD0oVSifS6Dkfe1cjNAdjMaAp10jZCu295zFBPedgSw3cWMJyyRLmfWSKpcbITYv8nhEwR62bmSlVjUyBUS3lFrQB1-ok9aV4Dh0xd_0KiMxrxcWbMlC-dRqBnSlt3_itIi0AFNf45-hTP9lrgBAGABqOygujDjLCAmAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-3izpbsDJYzJNSjJDC-1Pd-byzA%26client%3Dca-pub-2230723027927371%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:33:38 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 745A 0
0 45ms
45ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBMQEaRT23WpBQV7LjhApfOpEOzFsdtgf3nHttJQkCoA5UVqw7G0RS6lb4-qbZeyq7VRM4JnPS3p8yWEqDuAFlarN3RzOtP_khFquG8pMQqORilKHyRdGwHzmv2f1w-mZmZV_LhhgJU3Jqkn8gCaq2iDInEwoS_D63Crco7HSez4S2oHXvWDB9-wuFNGTciETFIM20cQnyurndxWkK2qDeC17c9FJEegzZwMYOkL2PaKnbM7r-TK9qNCxmUjTMWg8kl6iKVLlVqS6DWa6lR-VBAGTU5522F7OfhaXDNkLdXKgSG4FO_EzDA1J87fnZsloZ4Q_Sn7gwRjpheUzaoVy62bImJAtSRBvLNrTgymq09lAGmQ&sai=AMfl-YRwTHfUs93tVcFoYGU8wn2PlUeyFb2XD3D8E1e0JkYyPdTtDHNQ6CgOmPuPpu5sAGM_bZI8uGK0c0XWKQzlWQvlxdQL_8GEX1K_hXrMn5GpdDpUuSlqdACGKMqXNt-B&sig=Cg0ArKJSzEsj57GnFMZzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:33:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 12:33:39 GMT

POST
H3 200 rum Show response
s.tribalfusion.com/cdn-cgi/ Frame 8ED3 0
168 B 11ms
11ms XHR
text/plain 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.tribalfusion.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://s.tribalfusion.com/p.media?clickID=a2mT09mdAtVWJ7XF3iXrQgXaasSUMBWbvSVdF2ob7mRUjmXTrq3EZba5a32nq7AYUU6WWrRmPvBncfuoWnB5Enk2dyM4PFKnFbGYsfU1cnXXG7nnqfW3r3UWrnFUAMTPTnRQsZbqQdbw0WvpT6Yy2VQYXrZbKUA2n26n7RmjK2HZbrXW3AnW2O36UU5cMcTcMjWs78S6JmUHnPTrbS5UZaxUqjvTTJlQbbZc5bZbvNZblL2I&mediaDataID=2713736&mediaName=frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://s.tribalfusion.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b9dc89bfd622c22-FRA
vary: Origin

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0AA4 0
260 B 89ms
20ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=23105&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 745A 513 B
897 B 26ms
25ms Image
image/png 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:40 GMT
cf-cache-status: HIT
age: 16424
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 513
x-function: 301
last-modified: Mon, 22 Mar 2021 08:13:56 GMT
server: cloudflare
etag: 1616400836
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 6b9dc8a39b1f2c22-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 745A 2 KB
2 KB 33ms
33ms Image
image/png 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mensxp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:33:40 GMT
cf-cache-status: HIT
age: 72237
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1608
x-function: 301
last-modified: Mon, 22 Mar 2021 08:13:56 GMT
server: cloudflare
etag: 1616400836
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 6b9dc8a39b212c22-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame 745A 807 B
1 KB 7ms
7ms Ping
image/gif 213.254.244.25
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=84e9fd5ef842484995a987bc717d9e75&pltfrm=Linux%20x86_64&cbust=1638880420547927
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.25 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://www.mensxp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:33:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.mensxp.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/6/2021 12:33:40 PM

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 16:31:28	Name: UID Value: 1FGJTI6CJO8VTXYDWY3QZAg1638880415
.mensxp.com/	1970-01-20 16:45:52	Name: _ga Value: GA1.2.178687869.1638880415
.mensxp.com/	1970-01-19 23:16:06	Name: _gid Value: GA1.2.470555048.1638880415
.mensxp.com/	1970-01-19 23:14:40	Name: _gat Value: 1
.mensxp.com/	1970-01-20 08:00:16	Name: optout Value: 1
.clmbtech.com/	1970-01-23 14:50:40	Name: _col_uuid Value: 4b9c2686-442b-4041-b86f-f472c13c8188-10u7w
.indiatimes.com/	1970-02-06 23:14:40	Name: deviceid Value: 3xncd5ypn5lnl2bn9h6hempyf
.mensxp.com/	1970-01-20 08:00:16	Name: geo_continent Value: "EU"
.mensxp.com/	1970-01-20 08:00:16	Name: geo_country Value: "DE"
.mensxp.com/	1970-01-20 01:24:16	Name: _fbp Value: fb.1.1638880415653.805332755
.facebook.com/	1970-01-20 01:24:16	Name: fr Value: 0QCO6t7J6y9OQXFib..Bhr1Sf...1.0.Bhr1Sf.
.google.com/	1970-01-20 03:38:11	Name: NID Value: 511=po1VZv1ihZovb561Iy1pPGI9WAvgPmdEeyC4egev-t2jI7iUEz0RFb1YtmluuENCzjWwn8nOHLHK6nKpVL7DFsEzaq9vSi-UTj75QwYUq8k8irvVJUg-XIlyuBR0kk-gWP4yJE-sJ1EcRkuKi2wLqd6K0jvkgwJxCBXooHghYYM
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: F8gTjeTS2_8
.pubmatic.com/	1970-01-20 01:24:16	Name: KADUSERCOOKIE Value: 27624D57-B0BB-4D74-A64B-C5F76FA1DFBD
.pubmatic.com/	1970-01-20 01:24:16	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:16:06	Name: pi Value: 23105:2
.pubmatic.com/	1970-01-20 01:24:16	Name: SyncRTB3 Value: 1640131200%3A35%7C1640044800%3A220_13_161_3_21_7_54_56_8
.adnxs.com/	1970-01-20 01:24:16	Name: uuid2 Value: 5563382784128976257
.quantserve.com/	1970-01-20 08:44:54	Name: mc Value: 61af54a1-54478-a740e-8bd00
.casalemedia.com/	1970-01-20 08:00:16	Name: CMID Value: Ya9UoTTk.JIWfJTKJioSMQAA
.casalemedia.com/	1970-01-20 01:24:16	Name: CMPS Value: 5205
.mathtag.com/	1970-01-20 08:40:35	Name: uuid Value: 872761af-54a1-4c00-b59d-b5aec770a28e
.adform.net/	1970-01-19 23:59:18	Name: C Value: 1
.de17a.com/	1970-01-20 07:53:04	Name: guid2 Value: 1.3940066813531833442
.doubleclick.net/	1970-01-20 08:36:16	Name: IDE Value: AHWqTUmJ-dkM4gZW0y3MUWH6Ol55nSrgqBWturi43OBNVYsjyCI5Dv0rYjusCXLUJIU
.adsrvr.org/	1970-01-20 08:00:16	Name: TDID Value: c5d32968-8ba7-41b2-b7cc-a37223244681
.adform.net/	1970-01-20 00:41:04	Name: uid Value: 881386468935151845
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_57 Value: 22776-5563382784128976257
.pubmatic.com/	1970-01-20 01:24:16	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_153 Value: 1923-lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU&KRTB&19420-lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU&KRTB&22979-lCdQBJciUFOPIwVWlS4cA5UiAQePLlMGkiZ1LgAU
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_80 Value: 22987-CAESEFhaKi7duQPbyIhKIikaiLE&KRTB&16514-CAESEFhaKi7duQPbyIhKIikaiLE&KRTB&23025-CAESEFhaKi7duQPbyIhKIikaiLE
.simpli.fi/	1970-01-20 08:01:42	Name: suid Value: BD7133C9396247ABA7C2D1D8DE6FC5B8
.casalemedia.com/	1970-01-20 01:24:16	Name: CMPRO Value: 1179
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_336 Value: 5844-3940066813531833442
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_27 Value: 16735-uid:872761af-54a1-4c00-b59d-b5aec770a28e&KRTB&16736-uid:872761af-54a1-4c00-b59d-b5aec770a28e&KRTB&23019-uid:872761af-54a1-4c00-b59d-b5aec770a28e&KRTB&23114-uid:872761af-54a1-4c00-b59d-b5aec770a28e
.pubmatic.com/	1970-01-19 23:57:52	Name: PugT Value: 1638880416
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_391 Value: 22924-881386468935151845&KRTB&23263-881386468935151845
.adsrvr.org/	1970-01-20 08:00:16	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiosNCx-uGcOhAFGAUgASgCMgsIpJCS3pDinDoQBTgB
.pubmatic.com/	1970-01-19 23:57:52	Name: KRTBCOOKIE_377 Value: 6810-c5d32968-8ba7-41b2-b7cc-a37223244681&KRTB&22918-c5d32968-8ba7-41b2-b7cc-a37223244681&KRTB&23031-c5d32968-8ba7-41b2-b7cc-a37223244681
.quantserve.com/	1970-01-20 01:24:16	Name: d Value: EKUBEgHzJPijC_vLEA
.adnxs.com/	1970-01-20 01:24:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?eib_j=!]tbPl1M>e)ZlrFUfJ+tGXxo3UBu^[E`'88Y7967U!'m$Dyju>]5+X?L`JIpbpRzqF1`b`vP@UY[
.doubleclick.net/	1970-01-19 23:14:41	Name: test_cookie Value: CheckForPermission
.redintelligence.net/	1970-01-20 01:24:16	Name: 8lcfmzhxc8d6_uid Value: 4d358dd74b045476
beacon.lynx.cognitivlabs.com/	1970-01-20 08:00:16	Name: UID Value: f9832eba-ced6-47a0-a572-91c238837755
beacon.lynx.cognitivlabs.com/	1970-01-20 08:00:16	Name: ss Value: K14V%2FVMCkKnPmCaGRL%2FMRV%2Be22imqiCqliW%2BMxfiYssVUx4YKlKmMiv%2Bcaz6qRb8ndwkRMApZhCwfwHEEZOZWw%3D%3D
.mensxp.com/	1970-01-20 08:36:16	Name: __gads Value: ID=f0c33aef8694b813-2268fac045cc00bc:T=1638880417:S=ALNI_Masnwfk25z-Dx4M504VIiror9emfA
.casalemedia.com/	1970-01-20 08:00:16	Name: CMRUM3 Value: f161af54a105a0&e661af54a12760&5161af54a105a0&8361af54a2276018072662300927415963&5a61af54a105a0&0861af54a12760f9832eba-ced6-47a0-a572-91c238837755&2761af54a10b40&da61af54a12760&2d61af54a12760CAESELyH8ux51mR1ex_Twghg7Us
.casalemedia.com/	1970-01-19 23:16:06	Name: CMST Value: Ya9UoWGvVKIA
.advertising.com/	1970-01-20 08:01:42	Name: APID Value: UPe7728273-5759-11ec-91b4-069b4222f4ee
.spotxchange.com/	1970-01-20 08:00:20	Name: audience Value: e7752a74-5759-11ec-811a-141922060206
.yahoo.com/	1970-01-20 08:00:38	Name: A3 Value: d=AQABBKJUr2ECEAYNLp7Iny3YJx71nIUghSMFEgEBAQGmsGG5YQAAAAAA_eMAAA&S=AQAAAiz7nlDCOapUkuFuTUVnfx8
.analytics.yahoo.com/	1970-01-20 08:01:42	Name: IDSYNC Value: 18gs~21yc
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPe7728273-5759-11ec-91b4-069b4222f4ee
.yahoo.com/	1970-01-19 23:16:06	Name: APIDTS Value: 1638880418
.dmxleo.com/	1970-01-20 06:26:40	Name: dmxId Value: 23280503DC7A37500EMJBLJFUSVQIIQQM
.krxd.net/	1970-01-20 03:33:52	Name: _kuid_ Value: OhsYCxFA
.tribalfusion.com/	1970-01-20 01:24:16	Name: ANON_ID Value: a1nPomMwTkZd6Xlypr6jBMyiEf9f9cZaDNZduXlgZbItOSWunyj60IZaaxQTW7odRFkvu3PgORJBoTsRSCXHKrjUEMn2Tx7gZbGIQJ2FT7DPh08iZbmbXdwpKoyeVqrThvGZdk8dmQKPrb3LJkwYmRLwvZdJZcQHbF36EtQuFdVOvSZcOPIZaN3wUb0YQyZc83WJZa
.pubmatic.com/	1970-01-19 23:57:52	Name: SPugT Value: 1638880419

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://frontend-api-navik.mensxp.com/v1/api/staticbox/detail/2?locale_id=1 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
914c725917cd9e4ecfd8ba2238b6f72e.safeframe.googlesyndication.com
a.tribalfusion.com
accounts.google.com
ade.clmbtech.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
ase.clmbtech.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.contentspread.net
cdn.doubleverify.com
cdnjs.cloudflare.com
cdnx.tribalfusion.com
cm.g.doubleclick.net
comment.mensxp.com
connect.facebook.net
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
frontend-api-navik.mensxp.com
geoapi.indiatimes.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
img.mensxp.com
js-sec.indexww.com
jsso.indiatimes.com
jssocdn.indiatimes.com
match.adsrvr.org
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
rtb.nl.eu.criteo.com
rtb0.doubleverify.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
shopapi.mensxp.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.clmbtech.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync.search.spotxchange.com
t.pubmatic.com
tags.bluekai.com
tags.expo9.exponential.com
timesinternet-d.openx.net
tpc.googlesyndication.com
tps20519.doubleverify.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.mensxp.com
www.youtube.com
103.238.100.148
104.111.215.191
13.225.87.102
138.201.63.165
142.250.185.194
142.250.185.226
142.250.186.166
159.122.14.34
178.250.0.163
178.250.2.135
178.250.2.148
178.250.2.150
18.194.17.206
18.210.218.247
185.29.132.241
185.33.221.11
185.64.189.110
185.64.189.112
185.64.189.226
185.64.190.78
185.64.190.81
185.94.180.125
188.65.124.38
2.18.233.180
2.18.234.21
2.21.111.28
209.54.180.3
213.155.156.166
213.254.244.25
2606:4700::6810:135e
2606:4700::6810:5f41
2606:4700::6812:417
2606:4700::6812:d05
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:801::200e
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::200d
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2016
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
2a02:26f0:6c00:199::3621
2a02:26f0:6c00:1ab::216f
2a02:26f0:6c00:281::216f
2a02:26f0:6c00:28a::2a5b
2a02:26f0:6c00:2b2::4469
2a02:26f0:6c00::210:bb20
2a02:26f0:6c00::210:bb3a
2a02:26f0:6c00::210:bb43
2a02:26f0:6c00::210:bb69
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
34.98.64.218
37.157.2.239
51.75.147.170
52.223.40.198
54.77.169.115
63.35.205.32
69.173.144.138
00b5cdf6d8deefc2606bfafef558115588580880ffdda30dd9d8b1dcf643316e
033bc8316bd05070fbc5d73612e743cfd69ba39d3e49f7840b4256dc193afe70
0625657ca9ebf2b533f45de77a2b9a9677609db288f87650e991af43dd01c901
0743de693c1bf235d80a7ede79541819dd9070a722f98da8be8ebb9573830620
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c984ff7f8de894773afc30f2737205f3cf8e7e5a271c8d5b88404c6684991c7
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e07d7ff063c6da393601ad5528d4e0c7fd611dd9092af9d47121ec63640d7d2
0eb7c48d1f1442bf77419c7346711cf1e223b4d24f2e0e7cecfff9e124edf6ad
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1174ec7ef582e89eba71929e1fd6d218e89ce759bb5404c003b9e9ace6ec72ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12969b3c12ea8eecb5d4a1865812c4e7a95d2ffb49b31ace9d8c8c5d8a904c21
132f0dddb372f4236708c1b89a59772ec6336523acbcd36938532d18902af1e9
13f702795e15a5af2e9ee1536768be720927aff20541803c982d7bba9c11540a
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
16728aa2871679b3e498eb2412881ebe6fa3aa5eaa0bf267a89efe268426a833
17d23d0db7da15eb43d6534270daf62f55b786837fac25daec2b5d8c9638840b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19364440919593172205d89c97153832ea73f90f40fd0765db1e35f1f3d213e1
1951210bbe47433b23e462bd32713d6ab81fa4301a47209819e4ff7952c14ddf
1a0d6386b6302c5dba7d833a4ec257d2d76ebca814df6e2b7083221249b7caca
1a940d3259d90d653f1127e35e09e64e2b062ea41292124c88aff6f76819d796
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
1b168e569fcfb233d0dcc8355972de057285b8ffcc0f9b9db8898e5ba0db7194
1d91201d92d0fe92fe145b806430a610913308ef939cd36da9ef9d68eec0f414
1da79c61536acac08c1eedf222a0863a1157c305e44f1fb4104b90b6d7296ac2
1eb61548edcfe684fb7da6ce9be99222c6dc45c5604451e454e83b545b4f9469
1f5f52de805763f0ef3b2677ea164b585a96abdbc5fc7a5a2a0eb057276d09cb
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
232a6ac91462da5b10eeab6cd35f3fb33f84f3436184f3cd1f568a7fc0da1152
24da24caa15683000e7f5503739d3d1033c596e3a26bbb55845f1c1c11d97d2e
254821f8ff38689c8aa12e9b617dddc1b2d552ae8839987ccbdb996b08c902dc
2788ac75a6e812fdd2e7ed0d41363dd7a88bd6c4149507be8b6e21a781298e2f
27a8668e3ae566a8ccca26935d64294d16513d3d5f64726d6e68e108f8ab2c38
27b9c2230b4e6f130bf4a0d342dedb5fea7bc3bd23b6b045f7498d473156f37a
29af0c8109de86bcf0f69ab6f293c71bff84e52c48bdc4193e2e9583f291f726
2b2d2472f310f3a4c880947f473b8de3e58662291206e24a5426ee2bd64684ca
2c5e712bb2ee82a7169c92c058b7feb1cd09ea1b5371ec0d7b116071567db0a9
2d6454f5044dbf558cf8adc5b37725afbe41c659f7ef94b37e50e308425b441c
2f509dc59b610fc94eb6ae2e52a04d298a0ca88a95b16c03f4b6e2361f3adfcb
3066939d1537fe174cb34ded58c2ca6fefd2a3f87aefe45d231c7ca13b9b2d37
3295d12e8cb4ce9aa313fc60eca2a02baca108a6290f7b60c24c7c6897456687
33c21f71226e827860c943f7b78fcc9c8e47867ffc180eea594ec4e3fe412f8b
34e78f5251e9e3f089b698cadf08ab9fd972bf13beefba104f2542fcd244a3a5
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36a79135803869f257cae495ca43ee3d321aaaa2ea929856859444522d64cca8
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3975e4ed8fca32df98d0bb50a3bd21f8fe5918558418d0c165d54aeda06b85cf
3b761b98bd1823100e68ab9dea233049cfcf01a97cde70b84beb5d7938ac955e
3d776ad05de09002667c34dcef93d81380cbdcb79c2b28c89da392152028d2a1
3f38d82d65420e2a1315753f2ac864f5113ecff662c3ed21cd6ef5a6f08f84fd
3f95544529bf5a220675a5144deef8a36863d63b94d13b5408341bbd3229691f
40b7671ca072f19e1f8a1f1272abd64491a787ab24f6d4b154d1159a51914e8d
4212095932a75294e5b7e2a00d63a9c065a857e9f5d0e25a93df753072896abd
43d8bc325dd2e3ba1997dc14e40ca10ae04064d41e878d24f1976d3db25921bd
44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81
466c3f9fecc0b16fb84ffe5704da26c2399d139e24284407066a158d97d1bc3d
47309a503f6a4bbe4d221477468f74f5446454690f0f0985c24e0f5d2a1f0203
4873e68693098d194e3243a26e4f9a58fa08a47e64dfdd924c2528c25d2061cd
49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6
49de74fe7b85dd3a9528a3930c8c09a7e998fcd3d5a5ea14d5632dcc7eebefad
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c67b557b9b377fca780f02ad85e6b077654e160aeff5a64629f1a427b25c5a1
4ca8570ae77c0b963a918056bdeef90226cb11625118c7ab47b142eb477bfbcb
4d329d4388e984803eab7ea8e1c966ab469825ebeaf2d535698f2f34160a52d2
4d4e478e7e74931dbade16ed699ed577e3d9f1bd7dbdd2adffc978aa9a232c21
4d7c7045d421442d0c03152dea5bacedd328a2ceac3626a9bc05a7d7a65e58bb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f20ce925379ec62bd9273732cee26593c660c4cf147bf974c7abc071fb55b
4e1a9a6545e3a3e984d936213b12909cbbe9d3937aad27ed015b5f5fb7909a36
4f9ec5ec45141e8f0ab53da178ca622dae036ad5d7b86d236d0b414d88b0cf36
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
522732b39590fc0563a7daf62ef0caf84aa4fc6a5c0c6a0b2cc8a4aab7b97d00
538aef741c54ee0cf9999dd62e7abc29e0fd604b81244e0f2bea2fdfdb11830c
54f71eaab19553c62c10439190374fb024be13f4d263c4f9edbdfbd140a3151a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57207633bdce0138ab26d3190b51c4fe9ae8dd012876393d5ea2de1a0eea5d5e
581f3b3795c71847af7ff7a581eddc9fbbfb402114dd309bd3735f381c455827
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5c92084dec60847faa5d1719a8b8c238bf82f3f1ca97a8474acd3c67e3aed419
5dd377e8e3720586fdbd4ab38b146563dc4ef292fad2e96530bed7a614e5fcd1
60c5b08a39edcde099852d230be55b8ab7f873c483dc1e9d306d996fb8701e62
617d9629681a5478d2aa5a6a52fc0bf8673a721ae5a68af0414eecb995a519b1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
63cdac29c37b4266926c41523d93cfdfd7c645be9bb3f806bd81f32f1d7e0f63
642f6393e5dd0d52d15059d0505c34cec3c9aeddb2052c18f316cc212254f397
654ac19b3da3a556d718c72c1dc98082b44dc5eb23bb08fc3273a176297821b2
66015f899ffae6b37c228a51c4a140d61b592da1ac57497248afd033a762ee9c
660b76c05743d9d3764b7df4a2199e50908c475c3036c5827423287e19401899
66a1e8982954388091f1f1f5f02246d863c1d33c5b8db0d5ea51c4d09d2feaa1
67a05925ae62ef30e4141ff6d7984ba71bc24001d3ee5375e3781910372e3484
67e710a210c8f00d9ba41f2983929c546dc73401fa7cd8321fa08c50befdf7c0
69132f2186afe86571f8c1c7c684c1ad2175b3728b360a91f008c7083c1346c3
69738a39c41ad722f6588996e433f0768beaa9931a3f0778674839123c04a4ac
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
6aad48dde0907d035bdb01024f52600bec81a2c05bcc6b81469751d567faed27
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6e78f024fd4308a09426ced6a69fd3c70655b23d77b1263fbd2611be8ec55ef2
716bca2035b9b06b16e76d050f079027510cdac4aea76df756637b5785cca97f
75ffa5ba4e5e95e51d42cdc8f2876b270361e0db0c4b11911991f74c5d21effb
7643d7db2a9e32b9bedc6324a37d0012c65fca684cb3d378a9f0ab2eec06c165
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7eb693ed90afc9a4bad56dd95c829c6a31ba67ab1dbd8656be3f22fdb73df5cc
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
816c1eebe720fccc09d76d4f239838516a1c65831c00af3586a59ed253239119
8181bc41cc60be17c40dd9dfb5771f7e9bf45718a9727c0ab719d9879a28f49c
81aa43571adb4c0af46e1e8118993d0e8b9b3fb600a3e03a0807d7ceb1e978fb
81c61cabb54883718e3e28733b3b16425b287d8ced984fa75fc33435622bc029
81e311f3f559c06d96b7029d6d355365a4408e0485f0f1600bfab8c089a46761
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856cb384c3b76541b6f840b2089ad92cd8343460ea87418bbe4d699bdbac831f
873d2fccec86f8c83f74fd2470b16953e304767c8466bc95909ee4a65962198f
8789101ffb6504a2717a19ab7c856d8188c0d716657b6851b5ec632f980b4174
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
890aa5604151b6c1af3890b9cbb7c30535fe2122e1a60679ffa42b32e50a475d
8a5a11591126cde6eabda13a258e4233c165f64b268dfb5977bff9f5d670045d
8b8a5b07517656a76981e91e72cdc17bc2c48ab4ea25274a42165ad996ccde03
8bd02ce25f6b0db0bffd4b64e96d7a35717930453ba1340a7b2d286457d155e7
8c07ac3ee1885070d928d3cd5ebec60a7cea001a3062e2ab0d4268c9465dcd0e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6835f7b4e661bfbc33b9bbbfb0e082331dbdc0aee7fd73413c9d3a16c61cda
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
91593b245760eb08b4aaaaf38a83f5ef613221e934aee313f7b24d9cfc0889ec
919517948df0d25d5b2c2c8026f15312feb2b665c5cd5f2ce3e53f3aebc87d2c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
93c0c761432b10e2cc6e17dfd58073bcd4b883fdefc1caf1b5b17657d1b72df0
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
948c3f5f3534fe8ffeadadb14e56c502e019b2e6ae71822eb9d9a6257e12bade
9605c69b87e3a4587c7c917c5a9e123feb8d51a3d43fc5786dfeba1de148f9e3
964106cd3b0c3c1eeb07605615d498f04a0e52897a50cd930e794d4ad412a13a
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
975cad3364f2aa46842b23c804012b227df5f63a50724d4adbd5866a318d8a28
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9c6572a65cf6ee6acb87a380114b93aa3c8b5f20869d01460f2eaf39080ecbb0
9dbaff8a1cbe49c1dc34b1cd7af254937a75d2340e53c17a9819530f086482ca
9ea785e94025af92ff4bc8ae7d0e48d6838517c576319d171f66c12517235fa3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a205cb4a8613174b89e0d3c868be134b853badf6e0d8fd86307fbd467396d670
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a38c498cd441d66e5661ed635179b219fdf0f7bd0dc8bc05c32d3aa0403ec1
a4120b80fcc21c45c304448127cf125048120a61ad7a3b39e00f64ec21c3c1ce
a44588e115a7d3af52c304857aeb8a43885b3276a22666ea0577f1cb774271d1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59ef3a6537b92168c520919af1d045b4f98e7ffdd74f12dc96f8defb26488cb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad30a24726b95ca72ecf80ef2bdf9e0ccc64a85893e0ec3201ae953d9f1f7fcd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b353e602ef135ee0c14e1e14a6e60aa93afa5643f56bd58ea5fde0153448aa67
b461732e3db57588734c950ad579d3fa2a62ba4a55ab79221f2fcaa3c96d2151
b7443483c04ff53331f6e11776d0b9fe266c36d4bed603d193109df964491c50
b8ec160182aba1d6538501a6106eec652d3c1077d2946c51ba7cdc90d3860b51
ba0e9ab198a5f79676737b45a9d6e37c12bf13ea34bc2948ed348f4153208513
bde89f49e049eeeeddd05fcfcbbc89c2a867d1afc9748b36d80ef1415003f438
be35c8b812d2ba7ee41c258d9328671968095ec769be11881c1566001f31f3a3
bf0e53c1812ec6ecbf25020d53de992a11d2d2f38cccef80a5c10cbbdbcac97c
bf9401209831551b9c93e83c836d9f745cc2d669d9de417cf0be426d38789865
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27812f599016a5de7b7c29d7dce22956159bcf3f8c67e98a42be6ae254e5a16
c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef
c3f123aeaaaac1fdcdac82e99fa0a7949a6c6b0549170f49601df6df62569c52
c409854587bb80f34e59d25f0de60f28b46228a41462f662ae71a941f313791a
c86ad912333d6687f53a922ce905410a4caeb593bf11d9cd6799276991c61f50
c8944741601a4e077c2a1f4661f9128c09fbf8721aac08ed0f9cf97d921701a0
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
ca56c2ea400aad18baebf9f47cd9bf0f5b5e4dcfc3de3ef4f6c6700e5ca5d684
cb1bca37bd241e837421f55226459df4fbba5dbfc4456eb85b917017058ab293
cb316ff85ec3464fbd269175e26ba65830d0e1d6344baefc567e2c69118e9c46
cb817b5f2fae4d27b5ca198abce00c992a82790c8cb9c30e216a81026dca93a2
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d199dd7763ec9875596960d016e0b8bf3b907779788d1d3fe8ce4e1e2af5e24e
d2d101743ce824428677bd91521557a967844c8b84533aa4c6fda81e9172cdb0
d33bca22293dfa9a43d898abe90ef2dfa12abc5acc3f7ec8fa5877cbdf5a3616
d369f41572a8b04f8bb1c964aadc307bed763e01caef3607df24bc8e5fd1f31b
d37891a2199795c5e942a0d8ac48699d9e704c9511e0c4237d5c5ef040bdca21
d492fa0f52c5c9fb64bf3309576d4a0d31f89507eb34767c421dee5fbd1062c6
d55ff5bce3ff0c6f71d190d5894c28711b74240ab5d6bc8106f0cb6bb7a1ee1a
d67956e704c6689202e9897a2b3aa5783ab78504c703afac0600b36686ed7d61
d7753780abcb9fc05fbc573cc2d5fbfa743f1d7670e73974e053ae953b3a6244
d7d1c0f53dc25d0d395a538fc0faada370a0d7608565479e6f4397bbf4783829
d89859e15fa9bb189cb0dbae882c2fb1901a792eb35060525a1219ec8ee12883
d8a6f2a85533d8b0a3572be5fa46cb09629d8f54f28bf40c52e0878d68caa046
d8e7aed871a4dbc9f6bfcf8cb7a3eecbed835c45e6b0a46291ec3e9906577d13
d98ccc1b4efaa80cb2d94528aa1d7c5489529b4484fa852e8d1482a5ce5c8b4c
d9d2a11c68822a03416d53d8ae594e14e9093e19516f4877d43b78b10078b900
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
dbaadca2c5d1ea83866b56337f26780401867c072778ad83de3db8081b5d0027
dc10eb4c3193b2a9e85d3e011075c703c98d79e86dee2c8647311db2f1dfeb4b
dce45dbbdad7149580fbece36328b518cee0e6e261964d689eeaa1af8a5119a9
dd302acbe52837c6e36c3e15a93f9512eabf0add4eb7018044a7662d2892bcaa
de0deac67dad15ab85928b74ad8411e6e5f088097704a26c5c5654e9664fb867
de324a5293260093af17e6a5c2546553f28120371ed47704577f529e354a1124
de801d89e6f71bf92faa287b9d67520105e6188e703bf3d060223ec2072a95ca
dfc988ef34305abe67329eb84cb49ad709ba6a51f0d885dc041dae88483b158c
e09217dbdecf26a3d8b3e768d126f2b427e239f4fb20904e32ed2b2f710ab4d4
e0ca823b52a72fc78b060449b7821505b092021322af9af9d538bd9ae07a85c9
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e19a43a1dd47a9cb25fe1529363af077d2298ea029437c0bb861918de261531c
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6abf638f6c4627068f4d9cd5a282432b0099f11d1d209f7f14607c283ff49f8
e8b85346c4c48e8ae1a146cf10ad37ee3239522ae7e70733a589eb5265e22897
eac0c8aea9af2ec0b8e350226766bd73298c30791dba8ceb3a730b23ebd75f9b
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ebb442953a3ce0364f5a98860024930173edded92576e08737001ba98d3fb6b5
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
edd26c367e3e5f2310838b6b2a383502940e5af7292ea1986c071e8d4097bbb5
ee5a76f3f3cdb7ac2785c264b4fe5e8b171bcc50104dbaed67514c39dac9f3ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc99193649d9c75523df4a5e4c9689dc83c49033e767c684875fe3d1919b937
f0d12152b20793419741052db2957894577fc6db9c5f12b88529fa837c7958cc
f0f0777055b246f26132d2a91c0225eb8d6102808d68aa1d99e9f5ae8da037e1
f1b2968b59745094bcab953b05c8033234e4dbdc400c3966f55963c3f0905b9b
f339f9bcee479ad98c8f43a87455fa1e5e1fe456de504ca4db6463b4703b0abc
f3c57a38d37ac9805dfd0f9d3fb1e75a09d81bb37e19bc30457d750981f89a3c
f40f3b99a1ddb483358d889ae0b34cb8a90e7f2fde309fd7131692932722ac91
f45129e3da2b59d6067a5d193e132387e2da7011f54ad1ab8a5fbea0a8ab1bba
f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f655e9ddf53f4be18b9a517b0be6f4e1a847224a68952fa24d787b7dcd8bdd85
f763a4452aca651b5eeeece1c272f3d24331e6dd788972a99983c944058ef24c
f7641b6af1e26af4fee737068a32f8ab9e555b0b6dcd9ffc126057a7ca92699b
f77088058757d022422e4272c1a66a8755892d7d3cf850e385df9fd5b666e406
f7df9f2085d2c44ba5a75730444a590a336ede0587548d832a6d3ac79961a10c
f88c3c0063d829a8775850a573133dffc8b789c9609d0f2779b260093cb73135
fb5bd379a1ef72c564b7030a2991b151351cc61e888e2fc5cb935c9a734d9fb4
fd61f36aeea065261f037c48b74e8d99665f0a7e30f2dcbdf7d312677143e783
fda24ec409c9aeeae38bc6b5671b431cb2ad975fed8068abd63f2fcdf021ca09
fe81113299d7aa1d347c29330dc4cc350b3305fda9399ef139c67fe88d74fabd
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.mensxp.com Open in urlscan Pro 2a02:26f0:6c00:281::216f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

330 Requests

92 %HTTPS

49 %IPv6

47 Domains

85 Subdomains

65 IPs

9 Countries

3687 kBTransfer

8291 kBSize

58 Cookies

76 Outgoing links

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mensxp.com Open in urlscan Pro
2a02:26f0:6c00:281::216f Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

92 %
HTTPS

49 %
IPv6

47
Domains

85
Subdomains

65
IPs

9
Countries

3687 kB
Transfer

8291 kB
Size

58
Cookies

330 HTTP transactions
4 data transactions