graham-wjxt.zeustechnology.com Open in urlscan Pro
52.222.214.89 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://graham-wjxt.zeustechnology.com/
Submission: On May 19 via manual (May 19th 2022, 6:53:15 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 27 domains to perform 131 HTTP transactions. The main IP is 52.222.214.89, located in United States and belongs to AMAZON-02, US. The main domain is graham-wjxt.zeustechnology.com. The Cisco Umbrella rank of the primary domain is 351622.
TLS certificate: Issued by Amazon on April 15th 2022. Valid for: a year.

This is the only time graham-wjxt.zeustechnology.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.222.214.89 52.222.214.89	16509 (AMAZON-02) (AMAZON-02)
1	104.84.57.8 104.84.57.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.84.56.214 104.84.56.214	16625 (AKAMAI-AS) (AKAMAI-AS)
16	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.92.100.195 104.92.100.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	52.208.250.69 52.208.250.69	16509 (AMAZON-02) (AMAZON-02)
7 7	142.250.74.130 142.250.74.130	15169 (GOOGLE) (GOOGLE)
1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a05:d018:d29... 2a05:d018:d29:3601:1561:4315:e511:ac5f	16509 (AMAZON-02) (AMAZON-02)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	18.156.107.10 18.156.107.10	16509 (AMAZON-02) (AMAZON-02)
8	18.66.112.52 18.66.112.52	16509 (AMAZON-02) (AMAZON-02)
18	151.101.130.62 151.101.130.62	54113 (FASTLY) (FASTLY)
8	3.124.235.90 3.124.235.90	16509 (AMAZON-02) (AMAZON-02)
4	34.149.193.192 34.149.193.192	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	104.36.113.24 104.36.113.24	62713 (AS-PUBMATIC) (AS-PUBMATIC)
131	35

3 52.222.214.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-89.fra56.r.cloudfront.net

graham-wjxt.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.57.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-57-8.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.84.56.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

pubgw.ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.250.69 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-250-69.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:1561:4315:e511:ac5f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.107.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-107-10.eu-central-1.compute.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.112.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-52.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.130.62 (United States)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.124.235.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.193.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.193.149.34.bc.googleusercontent.com

feedr.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
traxex.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	176 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130	337 KB
18	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 6982	151 KB
17	celtra.com ads.celtra.com — Cisco Umbrella Rank: 3795 cache-ssl.celtra.com — Cisco Umbrella Rank: 4530 track.celtra.com — Cisco Umbrella Rank: 4343	177 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 439 image6.pubmatic.com — Cisco Umbrella Rank: 612 simage2.pubmatic.com — Cisco Umbrella Rank: 606 image4.pubmatic.com — Cisco Umbrella Rank: 875 image2.pubmatic.com — Cisco Umbrella Rank: 932 simage4.pubmatic.com — Cisco Umbrella Rank: 1170	23 KB
10	gstatic.com fonts.gstatic.com	80 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	249 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
4	gannettdigital.com feedr.gannettdigital.com — Cisco Umbrella Rank: 76213 traxex.gannettdigital.com — Cisco Umbrella Rank: 10497	1 KB
4	yahoo.com 1 redirects pubgw.ads.yahoo.com — Cisco Umbrella Rank: 12889 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	2 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 466	2 KB
3	zeustechnology.com graham-wjxt.zeustechnology.com — Cisco Umbrella Rank: 351622	84 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 572	745 B
2	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 571	950 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 615	772 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	665 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755	518 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 826	612 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 330	98 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	163 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 471	2 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 477	364 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 240	11 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 658	26 KB
131	27

	Domain	Requested by
18	www.gannett-cdn.com	40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com www.gannett-cdn.com
16	securepubads.g.doubleclick.net	graham-wjxt.zeustechnology.com securepubads.g.doubleclick.net 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
8	track.celtra.com
8	cache-ssl.celtra.com	ads.celtra.com
7	cm.g.doubleclick.net	7 redirects
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.googletagservices.com	securepubads.g.doubleclick.net 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
4	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
3	match.prod.bidr.io	3 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ads.pubmatic.com	graham-wjxt.zeustechnology.com ads.pubmatic.com
3	graham-wjxt.zeustechnology.com	graham-wjxt.zeustechnology.com
2	traxex.gannettdigital.com
2	fonts.googleapis.com	www.gannett-cdn.com
2	feedr.gannettdigital.com	www.gannett-cdn.com
2	image2.pubmatic.com	ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	pubgw.ads.yahoo.com	graham-wjxt.zeustechnology.com
2	ap.lijit.com	graham-wjxt.zeustechnology.com
2	match.adsrvr.org	js-sec.indexww.com ads.pubmatic.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ads.celtra.com	graham-wjxt.zeustechnology.com
1	ups.analytics.yahoo.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	image6.pubmatic.com	ads.pubmatic.com
1	fastlane.rubiconproject.com	graham-wjxt.zeustechnology.com
1	htlb.casalemedia.com	graham-wjxt.zeustechnology.com
1	ib.adnxs.com	graham-wjxt.zeustechnology.com
1	js-sec.indexww.com	graham-wjxt.zeustechnology.com
131	41

This site contains no links.

Subject Issuer	Validity	Valid
*.zeustechnology.com Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
celtra.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
usatoday.com R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.gannettdigital.com R3	`2022-04-17` - `2022-07-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://graham-wjxt.zeustechnology.com/
Frame ID: BDD241EFBFEDCAE95C0B85F63099B7BF
Requests: 30 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 1F1C69331D5FF45711A912498A9C93F2
Requests: 13 HTTP requests in this frame

Frame: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 592B8424C35ABF84DC2339C34A4915AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F397D131225CF981509BDEB17C1608AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91DFAD3E900D52A52A365A20F0ED5935
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193
Frame ID: 3D637D094FAD13A22EEB080B3788C707
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoaSFgAChXSCBQAj&gdpr=0&gdpr_consent=&_test=YoaSFgAChXSCBQAj
Frame ID: F0C4014E1F9172FBFA933C376350E0F7
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJIBE7FDSQAAEtu-XL90Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 98BD51AEBF51E7629C8C61C9FA1114AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f8086286-9216-4400-b6e1-0215afdb14f9&gdpr=0&gdpr_consent=
Frame ID: C5C2D4C31850B8D30D7FB2EB62A9D85F
Requests: 1 HTTP requests in this frame

Frame: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 79F59D25F2E149E5B5521052FCAF771C
Requests: 8 HTTP requests in this frame

Frame: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FEC17D43A84DC2FF9BCCC2E938454D2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujbpgr4Vuf3r93ojoGxB01K39pXWbbSUGEPLwGFoibvp4gkEznTWdknZNxYL3oKjQ7E1aWOOG_qwkZLlMFE050dsEAtAYS0ij3scLHG6S669PTh-iguVsubTVD2QnpMUX9iWhJvUck7Db0dF6-3iRKHDaVwlP3QLZ_cRAeKLt-1Ut7S11DrX1mJdruSXLczzR1u2_i-_W33aOvD9NBT5S86K_HlUag-XHBrGWLmKJK8roR8fc5cIvBV5-AhvB9Pr15y1ObcyZZY_GOrqubInhkReijq5XzWyJgOE_4l-p0Dif2XBdKPCbRfoovaEmVkm-DvOTLthxHnKfwJIlTN0JcCQ&sai=AMfl-YTXLsdVIYfuhFztOvBxxCGrHKCpy0krtLMHb_4FKHvWYjUsZzG42-maO2pLmMFvqWSt6Xzufd-prA6i5ZcWNBlsMhBZwM764Te9wBnCxRt40SPMOt9hLfBJyvBBTZELvQ&sig=Cg0ArKJSzCYdyGp__PVyEAE&uach_m=[UACH]&adurl=
Frame ID: D305C474C9C8A7CA8EF198839306C785
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIcX18tcULMQl2krZe65fMkAQR8nT5fPasW-b6EcwRATRBLVMsHHZBA4xWEzWvJcRM5hMzn4R5rb9h1hTe7VoA9M0R3xZWlYf40divcJvN6eXi6ZYt2uH8ZhsxVijeOvAv3JLq5lBtBkPh8nGGJoSHs-Vgjd0kw-h70qxfDE3yQ4tbjurnTEIemdfymxbT0yqVukBn0PaaYHEUaj6t-4XzZSVDamexJ46qtHHutProT4NzaJTWDxj1gDuTZ0RXkmf8ITjD0ofL-sMbAoc8TWT2s8G-Pv_eOV9IPZGGUP6ohU6BpFTviJNSu1RzZ3xmi2KBMkG4xSv_4zssV5tkSw&sai=AMfl-YSLgDYd93ZbfCWA0sjPcVdgnm6L5RCK5SxOMmPJw9N-8ELLP4-4I727VCc5hCBBl3dhMwv8OmLk7bOhioSWlf7jCz6417qH9-KIDvu4RgM1frR7C4bZqPRPS5xsDtk&sig=Cg0ArKJSzAhWe7QttivNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D396AC7F9E8D0627FBFB3688BFBC7B1B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss6b83GNRY3caz11htWql7LXeveQthuphuhRd7iSRm4TJGmm50u32vpaPC3qA1sxytmHtsa72Vh_G_AXzXm4McxT_lI4ZHoIC6N8P4OGBD52eUWH341kQy0e93qJUadb2ID4qyi6_ZEIQzm76M3of-hdXuJiYKY5l2Iu6-0o7RhYXHBidyZL7qO2VU-wsAqgpnmhEymBtcsL0ViqUd6AbQ9_zNjvUKJSnoZaK2oI943fO47OposrTQq0y6T5SL0hHHjBNqbC2IM5pAN6_cfap76FIKHyZ6PomsDPJi7xUgTD3Y-RUmMw-yYQuD0bK6UN310OIQyAlqKtDskBe48aOzfw&sai=AMfl-YSoMP9z1sVSsS8JjyhXFb7L6n43vhkcl-Z1K6cYMP6bUUXImsRPAZ5v2nflP3V4OMDvWAfnkz-K2nGuqWUKh5PLOpQR51yEGi2OSLORUwE5ULN97FSxNTE9QIiSudggHw&sig=Cg0ArKJSzArd3sv12biBEAE&uach_m=[UACH]&adurl=
Frame ID: 2D3FDB82562B6F3CBA94269C2AE7F448
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEbNLhvo6VkJqet6oO5AicBDp_jejR1URe8pGZhdio8JP5iwbIODtEn_ymIerHMur_HfiXKKEOvwGpR0xiFIcaMyeshBt6E9zKhRV2IHT5rXsV6MToJVNb61ITyHFoN8bA8cN-icAA2Hn7krmM8stviPSbTvvpGUQ6JJjC07eelJzoxShrPlMTYQyixAgEHFLNYPVaiNer_dWWwX7dXwrBG_PkXAtxFnbiALqx2qtdztzJeaFbMHg6q0vw1_e2OHppyqOQFE333-JLjT2HTI3TXanAgRCFEPJcaapbCFEmKL6nh76f2qB0-5xeX5pEaSXxa9DzegxC6PuyUUWgJNhXGA&sai=AMfl-YTCjb5zmgQb9ScgztT57M1_kTeSEfL0Lp1M-OyiKreiveAVSKEqXP-rMTlfaTiOLtt1uXflKstHLLvrH7vHYVsV-IrtvxrNo_s9tzoRjC4XqsNhmH0DncwUQB_mJE5DLg&sig=Cg0ArKJSzBatGykd3Gt8EAE&uach_m=[UACH]&adurl=
Frame ID: 28387D2F04BC1E064461AB6CEDE20F41
Requests: 7 HTTP requests in this frame

Frame: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
Frame ID: 1507A970654C5B92045145504BC065E4
Requests: 16 HTTP requests in this frame

Frame: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
Frame ID: D585E47AF44E0F72D6931C03DEAAC5C0
Requests: 16 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Roboto:300/3_webfont.woff2?subset=ADENPX
Frame ID: 70528DB0D1D56F3B5648AC803BE172B7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

graham-wjxt Test Index Page

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

131
Requests

95 %
HTTPS

33 %
IPv6

27
Domains

41
Subdomains

35
IPs

7
Countries

1326 kB
Transfer

3293 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://c1.adform.net/serving/cookie/match?party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193

Request Chain 26

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YoaSFgAChXSCBQAj HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoaSFgAChXSCBQAj&gdpr=0&gdpr_consent=&_test=YoaSFgAChXSCBQAj

Request Chain 27

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKSUJFN0ZEU1FBQUV0dS1YTDkwUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJIBE7FDSQAAEtu-XL90Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 28

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f8086286-9216-4400-b6e1-0215afdb14f9&gdpr=0&gdpr_consent=

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FIi64MPTMO_GpskiRfxkw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FIi64MPTMO_GpskiRfxkw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 31

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=622f6286-9216-4700-9376-081bb4cf53ec

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTA1MjIyRUItODMwRi00Q0MzLUJGMUEtOUIyNDg5MTdGMTkz&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTA1MjIyRUItODMwRi00Q0MzLUJGMUEtOUIyNDg5MTdGMTkz&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 33

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBV5DM3tSl-gQqyZskBeMeI&google_cver=1

Request Chain 35

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2387553211071522135&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 38

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E05222EB-830F-4CC3-BF1A-9B248917F193&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v34fEXNE2uUHaz7a.WotybFko6yVD0w-~A&gdpr=0&gdpr_consent=

131 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
graham-wjxt.zeustechnology.com/ 6 KB
2 KB 439ms
407ms Document
text/html 52.222.214.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://graham-wjxt.zeustechnology.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77127ee6b7169577d071cc806cc157598e7d86b1d4d99835d6c69558aa02808c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600,s-maxage=3600
content-encoding: br
content-type: text/html
date: Thu, 19 May 2022 18:53:09 GMT
etag: W/"8c4377f2727b00878ef67c11b4730999"
last-modified: Wed, 11 May 2022 18:31:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
x-amz-cf-id: F9w7UrJ2I7EsuX37yP0kDGr1p5sOKW7mcJwvM_7Nh1r0V65euV-pQA==
x-amz-cf-pop: FRA56-P3
x-amz-version-id: IAE4YimOSf3gMahI8CLOlyX37_xwCAQL
x-cache: RefreshHit from cloudfront

GET
H2 200 main.js Show response
graham-wjxt.zeustechnology.com/ 236 KB
59 KB 8ms
8ms Script
application/javascript 52.222.214.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://graham-wjxt.zeustechnology.com/main.js
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f66aa6c35591e7d118e0e786fbac0c102d4453e87b4820ab3c65e5130212b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: Q3V7zMTBdAz2v19j_lXghivJsNahI4j9
content-encoding: gzip
last-modified: Wed, 11 May 2022 18:31:18 GMT
server: AmazonS3
age: 384
etag: W/"284738e2fa664229e2a6f1274d1e6f09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Thu, 19 May 2022 18:46:44 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: jT6wwF1ep_70OS0XjOEAEfRd8jgBXUgJ2_GqaJPcwDQ2KQjJw9qqfw==

GET
H/1.1 200
OK 192789-135758754412126.js Show response
js-sec.indexww.com/ht/p/ 85 KB
26 KB 60ms
7ms Script
text/javascript 104.84.57.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/192789-135758754412126.js
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.84.57.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-57-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 035a862ce3d6630dd76876ef5ed7b94d8d24b352317e462faf4e3142dd51b8d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 18:53:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 17:51:20 GMT
Server: Apache
ETag: "76451c-15466-5df61057abb34"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=78
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26345
Expires: Thu, 19 May 2022 18:54:26 GMT

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 433ms
8ms Script
text/javascript 104.84.56.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.84.56.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:08 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=77921
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Fri, 20 May 2022 16:31:49 GMT

GET
H2 200 iris-main.js Show response
graham-wjxt.zeustechnology.com/iris/ 71 KB
23 KB 420ms
420ms Script
application/javascript 52.222.214.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://graham-wjxt.zeustechnology.com/iris/iris-main.js
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cd9dc48f529174f1c5240d963a4a4f3c7e48d9d4908607e02daecfbf1b6f050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: lwwA3AK6gd3JuGMfu7K.pK4yC8QmDjh.
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 16:43:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"d7ffba33d9d2044804420cfe39ec5215"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
cache-control: max-age=60,s-maxage=60
date: Thu, 19 May 2022 18:53:09 GMT
x-amz-cf-id: BEu8XNvUL8Ph7FQLXXgDJ7QRjSS88y-iWC7kFX9tBvuvrU9IbPxQhw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 150ms
49ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

6fd35bdb7c3e3d5885d927a971852662d4b3130641adb3d89c6a415001a3f1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29176
x-xss-protection: 0
server: sffe
etag: "1220 / 711 of 1000 / last-modified: 1652958421"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 19 May 2022 18:53:08 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
401 B 100ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=192789
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/192789-135758754412126.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: b85486a48777deb93c521cdeebc6174af4108a4aa875f482ce85c583fa5ea116

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 19 May 2022 18:53:08 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://graham-wjxt.zeustechnology.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 18 Jun 2022 18:53:08 GMT

GET
H2 200 pubads_impl_2022051901.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 40ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 10:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127573
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:36:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 May 2023 10:46:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 52 B
91 B 127ms
48ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=graham-wjxt.zeustechnology.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e9fbcdf651a938d0c3ddfe6a72dc73cb13473ef40fc9783d7f470981324b2294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
x-xss-protection: 0
expires: Thu, 19 May 2022 18:53:08 GMT

OPTIONS
H/1.1 200
OK bid
ap.lijit.com/rtb/ Frame 0
0 97ms
26ms Preflight
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://graham-wjxt.zeustechnology.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: https://graham-wjxt.zeustechnology.com
Allow: HEAD,POST,GET,OPTIONS
Content-Length: 24
Content-Type: text/plain
Date: Thu, 19 May 2022 18:53:08 GMT
X-Sovrn-Pod: ad_ap4ams1

OPTIONS
H2 200 zeus
pubgw.ads.yahoo.com/bid/sra/ Frame 0
0 206ms
23ms Preflight 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pubgw.ads.yahoo.com/bid/sra/zeus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://graham-wjxt.zeustechnology.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://graham-wjxt.zeustechnology.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 19 May 2022 18:53:09 GMT
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=15552000
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-request-id: 2979dbb8-5ce5-42e9-96b5-1c032f2c2684
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 29 KB
11 KB 244ms
197ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5ca1bd2f26dbaeab77660c49f780b8c74c6a02f98e4a304a98a7b2c4c96f4427

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Date: Thu, 19 May 2022 18:53:09 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b4fd7bc2-a80c-409d-bb2f-21d91bb227c6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://graham-wjxt.zeustechnology.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 58 B
364 B 149ms
115ms XHR
application/json 104.92.100.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?ac=j&s=661808&v=7.2&sd=1&r=%7B%22id%22%3A%22c5e6632d-adf9-4cf6-87a4-0c0555ded30a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2274f5931cdeb72134%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661821%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_AUTO_INCREASE1%22%7D%7D%7D%2C%7B%22id%22%3A%2293393f23922937d3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_DISPLAY1%22%7D%7D%7D%2C%7B%22id%22%3A%229fd4d591c176427e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_DISPLAY1%22%7D%7D%7D%2C%7B%22id%22%3A%225869159f79069a19%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%2232d60b673bfea36d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%2242d2585910d58006%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%2268b2b2b4bbcb91c1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%22c4593a9b5cf87623%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%7D%5D%7D%7D
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-100-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d231b16e312c3d41b39d50233cd5fe21906b72db6b6039d32a72aee92edd4d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:08 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.162], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://graham-wjxt.zeustechnology.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 58
x-ak-client-geo: 12
expires: Thu, 19 May 2022 18:53:08 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 507 B
2 KB 49ms
16ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16482&site_id=349420&tk_flint=custom&slots=3&size_id=2%3B15%3B2&alt_size_ids=%3B10%3B55%2C57%2C113&zone_id=1856174%3B1856172%3B1856170&rp_floor=0.01&p_gpid=15466288%2Fzeus_AUTO_INCREASE1%3B15466288%2Fzeus_DISPLAY1%3B15466288%2Fzeus_LEADER_BOARD1
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 25da3eb567fb269c956b34feb6efb4a322c110f0e6d04c362718ee565e30cbd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://graham-wjxt.zeustechnology.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 507
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 115 B
772 B 110ms
75ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 0e417be8ba3f323e115d6428704c76d559b7fce5a9c2fec92b804eb14ab4daec

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 19 May 2022 18:53:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://graham-wjxt.zeustechnology.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 109

POST
H2 204 zeus Show response
pubgw.ads.yahoo.com/bid/sra/ 0
661 B 458ms
159ms XHR
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pubgw.ads.yahoo.com/bid/sra/zeus

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
x-content-type-options: nosniff
age: 0
x-envoy-upstream-service-time: 81
strict-transport-security: max-age=15552000
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-xss-protection: 1; mode=block
x-request-id: 69297b3d-422e-49af-af84-2b5e6cceb5e6
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-max-age: 600
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://graham-wjxt.zeustechnology.com
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1F1C 15 KB
6 KB 8ms
7ms Document
text/html 104.84.56.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.84.56.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=37262
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 18:53:08 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 20 May 2022 05:14:10 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1F1C 2 KB
3 KB 875ms
160ms Script
text/html 192.82.242.209
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26125598&p=160134&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e1d2a4c7b1c731ef4b6d0b0134bda8ca00291a0b8c88af5dd97f0918c4745c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:08 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=graham-wjxt.zeustechnology.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
57ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=graham-wjxt.zeustechnology.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
21 KB 545ms
545ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2780476515445255&correlator=2284675877906765&eid=31067635%2C31067705%2C31067488&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=15466288%2CWJXT%2CWEB%2CTOP_STORIES&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%2C320x50%7C300x600%7C300x250%2C320x50%7C728x90%7C970x250%7C970x90%7C1000x300%7C1000x40%2C1x1%2C320x50%7C300x600%7C300x250%2C320x50%7C728x90&fluid=height%2Cheight%2Cheight%2C0%2Cheight%2Cheight&ifi=1&adks=1890678921%2C622255232%2C4063884295%2C2483972560%2C957652000%2C226606345&sfv=1-0-38&ecs=20220519&fsapi=false&prev_scp=zeus_rendercount%3D1%26zeus_slot%3Dzeus_AUTO_INCREASE1.init.dsk%26zeus_appnexus%3D0%26zeus_auctionid_appnexus%3D36dda5506b0b7fd0%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_DISPLAY1.init.dsk%26zeus_appnexus%3D1%26zeus_auctionid_appnexus%3Df4221b510254fde0%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_LEADER_BOARD1.init.dsk%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_PIXEL.init.dsk%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_PREMIUM1.init.dsk%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_PREMIUM_BANNER1.init.dsk&eri=1&cust_params=zeus%3Dapplied%26zeus_15466288%3Dgraham-wjxt.zeustechnology.com%26url%3Dhttp%253A%252F%252Fwww.my-site.com%252F%26pl%3Dhomepage%26foo%3Dbar&sc=1&cookie_enabled=1&abxe=1&dt=1652986389537&lmt=1652293878&dlt=1652986388459&idt=376&biw=1600&bih=1200&adxs=800%2C800%2C800%2C800%2C800%2C800&adys=348%2C417%2C487%2C1157%2C1227%2C1297&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1544x69%7C1544x69%7C1544x69%7C1544x69%7C1544x69%7C1544x69&msz=1x0%7C1x0%7C1x0%7C1x0%7C1x0%7C1x0&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=877790652.1652986390&ga_sid=1652986390&ga_hid=1409362998&ga_fc=false&btvi=0%7C0%7C0%7C0%7C1%7C2&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

f7233255e2c75a1f8d249d5c635f4f0654b90b9e2abf8932abf4367798b9f839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21732
x-xss-protection: 0
google-lineitem-id: 5877504695,5877504695,5947859175,5957012107,5947859175,5947859175
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377402658,138377405115,138384492536,138385386152,138384492527,138384492542
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://graham-wjxt.zeustechnology.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 141ms
54ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

636df9cf300a66283e036d197e3bd6729a829c26f0163d9b19507ca71f7da9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10502
x-xss-protection: 0

GET
H2 200 container.html Show response
40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 592B 6 KB
4 KB 167ms
44ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 18:53:09 GMT
expires: Fri, 19 May 2023 18:53:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F397 13 KB
5 KB 213ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 18:37:04 GMT
expires: Fri, 19 May 2023 18:37:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 91DF 783 B
1 KB 219ms
47ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84bebac0fbacf2009ebb1b9ed7ec79d3c199026f7d819fca106b877fd80116a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vDb_JuGhB0Du70q7pVeAUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vDb_JuGhB0Du70q7pVeAUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 18:53:10 GMT
expires: Thu, 19 May 2022 18:53:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 3D63
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193

35 B
467 B

21ms
20ms

Document
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Thu, 19 May 2022 18:53:10 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Thu, 19 May 2022 18:53:09 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E05222EB-830F-4CC3-BF1A-9B248917F193
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F0C4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoaSFgAChXSCBQAj&gdpr=0&gdpr_consent=&_test=YoaSFgAChXSCBQAj

1 B
222 B

164ms
16ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoaSFgAChXSCBQAj&gdpr=0&gdpr_consent=&_test=YoaSFgAChXSCBQAj
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 19 May 2022 18:53:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 19 May 2022 18:53:10 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YoaSFgAChXSCBQAj&gdpr=0&gdpr_consent=&_test=YoaSFgAChXSCBQAj
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4058-HHN
x-timer: S1652986390.106701,VS0,VE0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 98BD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKSUJFN0ZEU1FBQUV0dS1YTDkwUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJIBE7FDSQAAEtu-XL90Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

154ms
16ms

Document
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJIBE7FDSQAAEtu-XL90Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Thu, 19 May 2022 18:53:09 GMT
transfer-encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 19 May 2022 18:53:10 GMT
Server: nginx
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJIBE7FDSQAAEtu-XL90Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C5C2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f8086286-9216-4400-b6e1-0215afdb14f9&gdpr=0&gdpr_consent=

42 B
343 B

84ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f8086286-9216-4400-b6e1-0215afdb14f9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 19 May 2022 18:53:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 19 May 2022 18:53:10 GMT
Expires: Thu, 19 May 2022 18:53:09 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4409 ba5503e master cdg-pixel-x26 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f8086286-9216-4400-b6e1-0215afdb14f9&gdpr=0&gdpr_consent=

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FIi64MPTMO_GpskiRfxkw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4FIi64MPTMO_GpskiRfxkw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

10 KB
10 KB

12ms
11ms

Image
text/html

104.84.56.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.84.56.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=37260
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Fri, 20 May 2022 05:14:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame 1F1C 0
98 B 136ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=E05222EB-830F-4CC3-BF1A-9B248917F193
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1F1C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=622f6286-9216-4700-9376-081bb4cf53ec

0
128 B

15ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=622f6286-9216-4700-9376-081bb4cf53ec
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 19 May 2022 18:53:10 GMT
Server: MT3 4409 ba5503e master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=622f6286-9216-4700-9376-081bb4cf53ec
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 19 May 2022 18:53:09 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTA1MjIyRUItODMwRi00Q0MzLUJGMUEtOUIyNDg5MTdGMTkz&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTA1MjIyRUItODMwRi00Q0MzLUJGMUEtOUIyNDg5MTdGMTkz&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

161ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBV5DM3tSl-gQqyZskBeMeI&google_cver=1

42 B
346 B

162ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBV5DM3tSl-gQqyZskBeMeI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBV5DM3tSl-gQqyZskBeMeI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 1F1C 43 B
612 B 109ms
15ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 18 May 2022 18:53:09 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F1C
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2387553211071522135&gdpr=0&gdpr_consent=&us_privacy=

1 B
405 B

308ms
15ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2387553211071522135&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2387553211071522135&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 19 May 2022 18:53:09 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1F1C 70 B
264 B 32ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 E05222EB-830F-4CC3-BF1A-9B248917F193
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1F1C 43 B
991 B 125ms
32ms Image
image/gif 2a05:d018:d29:3601:1561:4315:e511:ac5f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E05222EB-830F-4CC3-BF1A-9B248917F193?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:1561:4315:e511:ac5f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1F1C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E05222EB-830F-4CC3-BF1A-9B248917F193&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v34fEXNE2uUHaz7a.WotybFko6yVD0w-~A&gdpr=0&gdpr_consent=

0
260 B

195ms
17ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v34fEXNE2uUHaz7a.WotybFko6yVD0w-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-v34fEXNE2uUHaz7a.WotybFko6yVD0w-~A&gdpr=0&gdpr_consent=
date: Thu, 19 May 2022 18:53:09 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 container.html Show response
40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 79F5 6 KB
3 KB 123ms
41ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 18:53:09 GMT
expires: Fri, 19 May 2023 18:53:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FEC 6 KB
3 KB 117ms
40ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 18:53:09 GMT
expires: Fri, 19 May 2023 18:53:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D305 0
0 76ms
75ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujbpgr4Vuf3r93ojoGxB01K39pXWbbSUGEPLwGFoibvp4gkEznTWdknZNxYL3oKjQ7E1aWOOG_qwkZLlMFE050dsEAtAYS0ij3scLHG6S669PTh-iguVsubTVD2QnpMUX9iWhJvUck7Db0dF6-3iRKHDaVwlP3QLZ_cRAeKLt-1Ut7S11DrX1mJdruSXLczzR1u2_i-_W33aOvD9NBT5S86K_HlUag-XHBrGWLmKJK8roR8fc5cIvBV5-AhvB9Pr15y1ObcyZZY_GOrqubInhkReijq5XzWyJgOE_4l-p0Dif2XBdKPCbRfoovaEmVkm-DvOTLthxHnKfwJIlTN0JcCQ&sai=AMfl-YTXLsdVIYfuhFztOvBxxCGrHKCpy0krtLMHb_4FKHvWYjUsZzG42-maO2pLmMFvqWSt6Xzufd-prA6i5ZcWNBlsMhBZwM764Te9wBnCxRt40SPMOt9hLfBJyvBBTZELvQ&sig=Cg0ArKJSzCYdyGp__PVyEAE&uach_m=[UACH]&adurl=

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame D305 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 18:48:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D305 135 KB
42 KB 164ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D305 0
0 48ms
47ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwpzmNsbYBgCQL7RyfwAdguVuUy7vsnwHNr40coOTwZgIOuuZH-nO47tZAmmD-WZeLuzIz
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 181809423698064202
tpc.googlesyndication.com/simgad/ Frame D305 98 KB
98 KB 41ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/181809423698064202

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84baa65a31996370cb5364dbd41c9ceb524bfdc3e257f642f7755eab33b3f1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:23:46 GMT
x-content-type-options: nosniff
age: 268164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99860
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 14:17:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 16:23:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D396 0
0 74ms
74ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIcX18tcULMQl2krZe65fMkAQR8nT5fPasW-b6EcwRATRBLVMsHHZBA4xWEzWvJcRM5hMzn4R5rb9h1hTe7VoA9M0R3xZWlYf40divcJvN6eXi6ZYt2uH8ZhsxVijeOvAv3JLq5lBtBkPh8nGGJoSHs-Vgjd0kw-h70qxfDE3yQ4tbjurnTEIemdfymxbT0yqVukBn0PaaYHEUaj6t-4XzZSVDamexJ46qtHHutProT4NzaJTWDxj1gDuTZ0RXkmf8ITjD0ofL-sMbAoc8TWT2s8G-Pv_eOV9IPZGGUP6ohU6BpFTviJNSu1RzZ3xmi2KBMkG4xSv_4zssV5tkSw&sai=AMfl-YSLgDYd93ZbfCWA0sjPcVdgnm6L5RCK5SxOMmPJw9N-8ELLP4-4I727VCc5hCBBl3dhMwv8OmLk7bOhioSWlf7jCz6417qH9-KIDvu4RgM1frR7C4bZqPRPS5xsDtk&sig=Cg0ArKJSzAhWe7QttivNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D396 135 KB
41 KB 260ms
150ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D3F 0
0 74ms
74ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss6b83GNRY3caz11htWql7LXeveQthuphuhRd7iSRm4TJGmm50u32vpaPC3qA1sxytmHtsa72Vh_G_AXzXm4McxT_lI4ZHoIC6N8P4OGBD52eUWH341kQy0e93qJUadb2ID4qyi6_ZEIQzm76M3of-hdXuJiYKY5l2Iu6-0o7RhYXHBidyZL7qO2VU-wsAqgpnmhEymBtcsL0ViqUd6AbQ9_zNjvUKJSnoZaK2oI943fO47OposrTQq0y6T5SL0hHHjBNqbC2IM5pAN6_cfap76FIKHyZ6PomsDPJi7xUgTD3Y-RUmMw-yYQuD0bK6UN310OIQyAlqKtDskBe48aOzfw&sai=AMfl-YSoMP9z1sVSsS8JjyhXFb7L6n43vhkcl-Z1K6cYMP6bUUXImsRPAZ5v2nflP3V4OMDvWAfnkz-K2nGuqWUKh5PLOpQR51yEGi2OSLORUwE5ULN97FSxNTE9QIiSudggHw&sig=Cg0ArKJSzArd3sv12biBEAE&uach_m=[UACH]&adurl=

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 2D3F 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 18:48:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D3F 135 KB
41 KB 229ms
122ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D3F 0
0 45ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBkapGOBHlc1n4yHuXNhtuJYNkKPo8tHI-N9U6JFWGdghxYvKEuGETsdnInSBj9um_DJpH
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 11829703404084964200
tpc.googlesyndication.com/simgad/ Frame 2D3F 78 KB
78 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11829703404084964200

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bc29510283806210960b33c39c91d47c2c3e4d29c082934fcf21df4a4164db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 21:10:19 GMT
x-content-type-options: nosniff
age: 596571
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79931
x-xss-protection: 0
last-modified: Thu, 29 Jun 2017 20:03:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 May 2023 21:10:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2838 0
0 74ms
73ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEbNLhvo6VkJqet6oO5AicBDp_jejR1URe8pGZhdio8JP5iwbIODtEn_ymIerHMur_HfiXKKEOvwGpR0xiFIcaMyeshBt6E9zKhRV2IHT5rXsV6MToJVNb61ITyHFoN8bA8cN-icAA2Hn7krmM8stviPSbTvvpGUQ6JJjC07eelJzoxShrPlMTYQyixAgEHFLNYPVaiNer_dWWwX7dXwrBG_PkXAtxFnbiALqx2qtdztzJeaFbMHg6q0vw1_e2OHppyqOQFE333-JLjT2HTI3TXanAgRCFEPJcaapbCFEmKL6nh76f2qB0-5xeX5pEaSXxa9DzegxC6PuyUUWgJNhXGA&sai=AMfl-YTCjb5zmgQb9ScgztT57M1_kTeSEfL0Lp1M-OyiKreiveAVSKEqXP-rMTlfaTiOLtt1uXflKstHLLvrH7vHYVsV-IrtvxrNo_s9tzoRjC4XqsNhmH0DncwUQB_mJE5DLg&sig=Cg0ArKJSzBatGykd3Gt8EAE&uach_m=[UACH]&adurl=

Requested by

Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 181809423698064202
tpc.googlesyndication.com/simgad/ Frame 2838 98 KB
98 KB 67ms
66ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/181809423698064202

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84baa65a31996370cb5364dbd41c9ceb524bfdc3e257f642f7755eab33b3f1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:23:46 GMT
x-content-type-options: nosniff
age: 268164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99860
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 14:17:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 16:23:46 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 2838 3 KB
1 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 18:48:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2838 135 KB
41 KB 268ms
166ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2838 0
0 45ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS79tNWAF7KCou9BJKHPXxK9fWy_x7b2wVUkgeUTsSmxg43tX6R4pJkNDdiovZlGUdzbBXX
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/2393970e/ Frame D396 14 KB
5 KB 52ms
17ms Script
application/javascript 18.156.107.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/2393970e/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuk98W1GBxClEOyBldzNAam_De6imnIu_Z9eRBILWyOcpnm3zpJD-zeqpHsNdQhERXSEYDRQtaXrZ8WMq0Qjezpx6l1S8ULDA9R_kpS45tV_ocihBuc9HJxlTZnsYIgOI99lJZKLzZuPGUK5DdzwRBadRODkepV5cepQ8BesstLUVSciSl2gclT-HVX0n17ckVtEo-gZrljJaJ5O4_6TH5Dk4vJwXVyLKdGeUvZ5LxgXHgBmBzimDHzZ9gPA72s-wQXm_RJq4pl6XecMNxmFE5kYnabMxwf4kUDuKT8hTFNP1vd-9WSvOBFs7Rfwp_2x-11PQQv-5Yv0c4BrQ%26sai%3DAMfl-YSm63VTtag1xhqH3tPMIM-hG0EI5pT3kGm9ys1DRuy-bptbR_l0xbX9GRMWBdZc5cP7DdWQBRrxySPXEO56JfVNPgJxU5PCCVmp7smyX5Nj4LWQnijzQxgFWMG4lkc%26sig%3DCg0ArKJSzEvjFepmDLAoEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&sticky=bottom&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138385386152&externalCreativeId=138385386152&externalPlacementId=188961168&externalSiteId=14466408&externalSiteName=zeustechnology.com&externalLineItemId=5957012107&externalCampaignId=2998480730&externalAdvertiserId=192161688&coppa=0&scriptId=celtra-script-1&clientTimestamp=1652986390.153&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=35451715320071453
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.107.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-107-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 98ea351ad1ffef2ee5c76df375e482450ab9e2d31538cf40ee9294a3ad0fddb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4875
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 91DF 0
0 159ms
80ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=2780476515445255&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame F397 35 KB
13 KB 120ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:06:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 18:06:18 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/2f1ba6ea/compiled/ Frame D396 483 KB
117 KB 67ms
9ms Script
application/javascript 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/2f1ba6ea/compiled/web.js?v=2-5aefa59a54&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/2393970e/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuk98W1GBxClEOyBldzNAam_De6imnIu_Z9eRBILWyOcpnm3zpJD-zeqpHsNdQhERXSEYDRQtaXrZ8WMq0Qjezpx6l1S8ULDA9R_kpS45tV_ocihBuc9HJxlTZnsYIgOI99lJZKLzZuPGUK5DdzwRBadRODkepV5cepQ8BesstLUVSciSl2gclT-HVX0n17ckVtEo-gZrljJaJ5O4_6TH5Dk4vJwXVyLKdGeUvZ5LxgXHgBmBzimDHzZ9gPA72s-wQXm_RJq4pl6XecMNxmFE5kYnabMxwf4kUDuKT8hTFNP1vd-9WSvOBFs7Rfwp_2x-11PQQv-5Yv0c4BrQ%26sai%3DAMfl-YSm63VTtag1xhqH3tPMIM-hG0EI5pT3kGm9ys1DRuy-bptbR_l0xbX9GRMWBdZc5cP7DdWQBRrxySPXEO56JfVNPgJxU5PCCVmp7smyX5Nj4LWQnijzQxgFWMG4lkc%26sig%3DCg0ArKJSzEvjFepmDLAoEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&sticky=bottom&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138385386152&externalCreativeId=138385386152&externalPlacementId=188961168&externalSiteId=14466408&externalSiteName=zeustechnology.com&externalLineItemId=5957012107&externalCampaignId=2998480730&externalAdvertiserId=192161688&coppa=0&scriptId=celtra-script-1&clientTimestamp=1652986390.153&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=35451715320071453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9734f1caba421d99aa77808561264e6f8352c53a7028e5ebcf954abeec4e49ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 12:19:14 GMT
content-encoding: gzip
age: 23635
x-cache: Hit from cloudfront
content-length: 119309
access-control-allow-origin: *
server: Apache
etag: "bc9011b2ae41ea3ee5fa9cda6be7850f259d07a9615007333480442ce314c053"
vary: Accept-Encoding
x-varnish: 17531296 33423706
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: jBGQtrcrFx74WnIITA4X7LdW_0wLkieI7ZdbHAmESeycEM1thJRU4g==

GET
DATA 200
OK truncated
/ Frame D396 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5b3dad41-9783-40a0-88e3-039ebe0a9dd3
https://graham-wjxt.zeustechnology.com/ Frame D396 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://graham-wjxt.zeustechnology.com/5b3dad41-9783-40a0-88e3-039ebe0a9dd3
Requested by: Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7FEC 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 07:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 May 2023 07:48:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FEC 135 KB
41 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 79F5 22 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 07:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 May 2023 07:48:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79F5 135 KB
41 KB 172ms
172ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FEC 0
0 74ms
74ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCPPnE2SCvS9gfzZsfT1uSPSfifmN_E522EHAYs6rhODiH5nJVFPbg_qZTcmFwGSxJyfre_TV7WP2PSFCaRC4CDb_j-CuAvWH8Ah8H03w3Ue1rQbJfiyTkWGZt8nB2U7mBdkIlcy9BkPA6bGIR0KizmTF4jWszSklUk06bzT0-v9zTRQCKE4P6_7iaXen24EgztIykXtrN2tTkZ-bX8Vm8gcknoVUX3O5wlNw3iVfAnLvsalke-4QUNo0km5THz6Yr_yvKhx1wdQpbeqAeQCjKOeeVdCupgGIRENn04eLsM2yQC2EjenLPHeQXKKfatQX7zl3379TO8rsqFwdzDA&sai=AMfl-YQ7rTIflOZP9HQMzXVA0nqxUWp_leh4LbttHul5461hIpkZyFRPZJxPIO9m9Gb2-8gjRXS6HBq09uPDRIY-QRU2qrNQQM0rOvWHR2ZyvFx5Y7ywvaI94MzX1MqnJ8FaWw&sig=Cg0ArKJSzGg244mtRETMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 indexa.html Show response
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame 1507 48 KB
4 KB 217ms
172ms Document
text/html 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

65deb65657a8c3fa726902222428caeab2b5b8c6175b0c13a328074f8fe25dda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=2592000
content-encoding: gzip
content-length: 4018
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Thu, 19 May 2022 18:53:10 GMT
etag: "d9f12bb648e4755568e5406ec9776fe8"
expires: Thu, 19 May 2022 18:53:10 GMT
last-modified: Tue, 04 Jan 2022 20:51:10 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: UploadServer
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-goog-hash: crc32c=5qxl/A== md5=2fErtkjkdVVo5UBuyXdv6A==
x-goog-storage-class: MULTI_REGIONAL
x-guploader-uploadid: ADPycdtI0UsiztxC5jHuaM_gmdAwLJbbT8uE3jcG4PKNIsL0ot21GcWNMQy1BFXWNmb0RkPs3hiYoyBZMe1L1UkENfmgYwAZYoAR
x-served-by: cache-iad-kiad7000170-IAD, cache-hhn4059-HHN
x-timer: S1652986390.353630,VS0,VE165

GET
H2 200 pixel-transparent.png
www.gannett-cdn.com/ads/images/pixels/ Frame 7FEC 34 B
106 B 54ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/ads/images/pixels/pixel-transparent.png

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5046f0b92ed05899e581e8925fa44843ae79b2182ee54e8c29caeb85de36f9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=om7kaA==, md5=MH7mAANLFidgCYAO1A+Npg==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 4433031
x-guploader-uploadid: ADPycdsyYSrtJMcMlSiJiYByVe8zcYVzs9STHeTWcNfwefEuwo_q_5lbXalf2wEaqjmG8btPSEXails452o8UGZWNGO51bKEGA
x-cache: HIT, HIT
fastly-io-info: ifsz=97 idim=1x2 ifmt=png ofsz=34 odim=1x2 ofmt=webp
x-goog-storage-class: NEARLINE
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
x-served-by: cache-iad-kiad7000036-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986390.353574,VS0,VE1
etag: "TIXdxAG8FdFdlOxa5MQ88La2lsK5TWScLow7B3nNNXA"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 29 Mar 2022 11:29:19 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1027, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79F5 0
0 73ms
73ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp2vqMcyufzJDrOlnIFeqj02TIUR1aNTARfZ0CMqWL0YePMfZ3MsQCySBTrRYNycDzBSWid45mWxwFDnMpbAIjR0BmNpS94MApQjIQryCQWSTCQ6mjyLUwb4_oyx8VKs9Ne8CbA44rjwdKCmc3FuVR22ySxaL3-9wZed4QgSlPR99wZ7AA5nN7NekkWy_xL3R7-gX-YlVLfVoXG6BAIrppviMQoTdvLT4xMuDQ-xlWPYojUXkI-z7tsX-6CxU_QkcFc8iy28Glbztp5KluPE-aX8r0yMKQg-jLYtDKi7umxK71xeZRcmvGQ7CXbNx7i_1Fxhv_Cbr-ia0iDckIKw&sai=AMfl-YR_65ksAdClxTe77Kaeob6AYa-gTWL9kAY9EWY2w7v9JPoI-HgF7GEhBippx8bsgcG6zTh41iExgjC1uDBpttAsBnZ0tUBAvSCa4rfoiCXihy2tyDUtnunGUqAPQbey5g&sig=Cg0ArKJSzJOL4D77LyuDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel-transparent.png
www.gannett-cdn.com/ads/images/pixels/ Frame 79F5 34 B
847 B 51ms
8ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/ads/images/pixels/pixel-transparent.png

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5046f0b92ed05899e581e8925fa44843ae79b2182ee54e8c29caeb85de36f9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=om7kaA==, md5=MH7mAANLFidgCYAO1A+Npg==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 4433031
x-guploader-uploadid: ADPycdsyYSrtJMcMlSiJiYByVe8zcYVzs9STHeTWcNfwefEuwo_q_5lbXalf2wEaqjmG8btPSEXails452o8UGZWNGO51bKEGA
x-cache: HIT, HIT
fastly-io-info: ifsz=97 idim=1x2 ifmt=png ofsz=34 odim=1x2 ofmt=webp
x-goog-storage-class: NEARLINE
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
x-served-by: cache-iad-kiad7000036-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986390.353532,VS0,VE1
etag: "TIXdxAG8FdFdlOxa5MQ88La2lsK5TWScLow7B3nNNXA"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 29 Mar 2022 11:29:19 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1027, 1

GET
H2 200 indexa.html Show response
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame D585 48 KB
4 KB 175ms
134ms Document
text/html 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=

Requested by

Host: 40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
URL: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

65deb65657a8c3fa726902222428caeab2b5b8c6175b0c13a328074f8fe25dda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=2592000
content-encoding: gzip
content-length: 4018
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Thu, 19 May 2022 18:53:10 GMT
etag: "d9f12bb648e4755568e5406ec9776fe8"
expires: Thu, 19 May 2022 18:53:10 GMT
last-modified: Tue, 04 Jan 2022 20:51:10 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: UploadServer
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-goog-hash: crc32c=5qxl/A== md5=2fErtkjkdVVo5UBuyXdv6A==
x-goog-storage-class: MULTI_REGIONAL
x-guploader-uploadid: ADPycduxDCF10SnqqJ_pc8nkGRj1smV3Z2LrIO3g_bMpLW-NQO61zFOC0M7pP4JB0E5Zt3PXeUJBsOlcnorznYEfc7pH
x-served-by: cache-iad-kiad7000100-IAD, cache-hhn4059-HHN
x-timer: S1652986390.353591,VS0,VE126

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D305 0
0 75ms
74ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYZAF0j5Z1sCJVWYFOF2kFQD9mEv84fw1B41JYsBFCQZa2tgo-pJwgycmyhEdyHbmgDBelGX_C2OHNz8S77lZTWcW10vcZHuWhYPbSR0daQeZPDN7sXzdy5eMkFjTnef9OQ0RQrWibPpov09EMWi8CfNxANwYp2pE5QZJ8MbMB2QYxGWknm1ZrLz4AcREw1EtKRDCqL59OnjDeq8wtifNQZIlXqHxQYbVgcUM3YI4NO72qV2YQOYjrm1B0V0uhTLnIYVnA_q-N38NWxl_eSsKORGMV_bUU2FYeZbhLiOfu4Q_wKCGGReTtoUxSO-GxsqyBemitF_EqHYiuKBlQLKuqpC4z&sai=AMfl-YQzI4WugrE1WZm4dBDMzU-nHkCzBEv5XJeh7AyAK-9XK1EWA0lSxAtF-0Ie-Fnn-UdKRXDLBeReDEiTaAtt8E8ObLmkEeQa7IE-GFlYPuNrpwy1LNmKqQMUDXxrrBDlpg&sig=Cg0ArKJSzGb0b3BYucS7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 May 2022 18:53:10 GMT

GET
DATA 200
OK truncated
/ Frame D305 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fbe65559e75d396c066d180a80ec512ebda0f97334f6a212afceffaa7ae12da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 51ms
11ms Image
image/gif 3.124.235.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MC4zNzksIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=2989427671
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FEC 0
0 77ms
77ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskGzZKToqm50B_Ozdt5R0cYR3r8n_O2iw1qEGt2qTiF5w_v-5HCgIPSJqvl3i4IpBGtaekuS-CMBUJ-e8fWJw8-BxOc1GnmGuXIeo_wMOs5Is3avVvOztEpZYwz6zLVQ7w0EIXGXC6FM60qElWmAbqfnjCfb1qEnXmIfdD1nNbcTp27zyu2YM4RIItenob6kSQigCqCrXq_7IEYO0RDigs_0S5dsE4VC8kSwKe6RTMjUtLi_xnfevj5OUKkHPSIG2kkg6WpDZjVOevTf1elBdyB_db1D5Uf-Z7Sr9t4TRg-wPBIcskh1Q5pN53DEA1IiY-ChehuOcDfKO0CAgmEOTB&sai=AMfl-YRQ-L6SxUyKCR6w_AdxcLqzfwzcuBVT9Dp1gXDtVJVE5fjmHneWlyI1IIScgRgfsxZiTvrjkPnKplvFpBmWFX2tMxUrGNyhWj55Cvx0iKDaWUSNf_wZafPQAAiotedtEA&sig=Cg0ArKJSzGJjNnE-2CtfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D3F 0
0 75ms
75ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxYE6yrnufaY-yx2OccUjuqa4PC9SUxNhuBECY6Zl1SafGmU-DY20ylmVZsVBz2HlF8SBJrFrNfrpPBfj3393VmK8Et8uunt1Dx6qkU4ZQkblISmpFP8UCXCn9uU7f-Q3rxlfP0RRkm9fsC-BtvBEQcf0gZ3ENkjYMYEo9Zhk8IwU8pIPb7BinSuP_hhFWF1ulwdkMzzLS_R8fQnpYEprUSz1wj4V-lW6_BrpR6_7l6lLRYyqJnOOtNz0qrzFPX9FfobgTcL5nBmfdWMyPjHmVcBvfGgVoYJ-NdPnhXNVLYC7r7AoZwiOJ_-1h6iOFefd00t3nKdKbwA_SlB7Pkz0j4UVp&sai=AMfl-YRlfrYyiJBMqx9LIbwcEl5NbxIl8rTHTyc7jUJHuMVWp61_Xvd6-X8CvAdI_I8ZsQ4Wu2Ssw2zlcjw6-6OW-L9gRLzoL037ZWy6t4Hd97f01i3LgOoqqeijcKXhE2tHNQ&sig=Cg0ArKJSzIrh1kmJx16eEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 May 2022 18:53:10 GMT

GET
DATA 200
OK truncated
/ Frame 2D3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd09df52edc94165d02838c737d44f3e9751e4aff0b62ed1e4efe5d775b24cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7FEC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b98e8e7c8742d071627884d36fff225c093d8ffa8a4ea37124d11892c6414f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D396 0
0 74ms
74ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuB3dr1oyCB-1qGg9aHtTIeUBYscaa3OPRDdy2ntwIMzbvmm9xIC33b7rDV7BzTwC_RCA9m-T1ApCHBtsUsecKa2punJyIKYnZfO17HZS16c8x_GdwQQStF1GkamrGbyfFXuVMZaq_snn3nhMSBla-HiyogJFnV4bQHd5nec2CS2uB8WxoOZof8qJtuGi9eaJb93hQQ3cg6utm19VomsNLaNybRTaez3HInwxBdsGmNNBZZ422zNPMcvevNkX-nY9dPuqmDI3LzGj32PWuL-a8zB3AIhQ2rJOg13e-h7vjQKegLV2eMziBXsqSoNC5t16eCqa9jLeZhNKq6mJnYC3T2&sai=AMfl-YQUgky08_ZuH6mv7Dl2jzCVX3CKJWFn-RhS7gKElLd4pp0sRudXPI4qbmUq0t7VI2pLqys5D9eIRRwMDU__ThsLbiE3AyjgY4YnXRrAA3HHLLvFPz0M_xUoj26BvkY&sig=Cg0ArKJSzONmkBCk6hltEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 May 2022 18:53:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2838 0
0 74ms
73ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDZa3DLo5cqRKb7tzjv12d67KqNLgLOYRuCU14EXtzWQhETwAuGuQ4rv5daeagMHLL_TN-uJWY9CjmpXjeikuOk3fW5P37lAxb-mxhslffJxXgMgaVMdk-IHCwTvPkXg4mSyponxwmm2knLmhU_x3J-Gr5GoyZeQE17b9qslq1ogWhFqTCpC3VS8zzjQP2DKYMXJcS5LeMRYKftamLuanDEC2-leMm9CVFzUeGu-f9jAB4wWW_x138fLcVGicjZ5gPHV20Qe4Fh9lWFDVPKxK-dIvs1paiUBEx7q0kZh1-oyiyckiVPDSbx8EAoV4P3MVBFnvZgJMn9Cra2RPJqJ1XxitT&sai=AMfl-YT0aCEWzTn8xqIq_Y7s3SjJTLl7TrKzHCGV0UhGOqhbBnjwg1DDk5ex2ubeTNJkPvRjLhUTzrDs8Uf-BHi7kEap_lZI62YSkCqdDLkEGl2aN0GB69-8BF0PvG-aAuR9EA&sig=Cg0ArKJSzIFpddOb5QVdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 May 2022 18:53:10 GMT

GET
DATA 200
OK truncated
/ Frame 2838 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f6c4c34cd0c86e724e9c308ee3d7901147b912747ded37dc03d1a8cf7735c8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79F5 0
0 74ms
74ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFeJ05hel_-EejRbFBL37fkngmpmQUDsbOlQClalT0AiHF9cL9htWLdjj1V_whBSBfbxxK9cPqZKU6TnJHPu492vXf_9Zdk6WyT11S9_wB1oTAmlQvPRFoc14GWunNlAlD2kTxo6LJP2GRZ9DhxhVyOycYrhetQNpMnr4hKGnuL_DaSqDzcNH_a8h1Ti8aZLzf93Q4zYx9SaufcGCp74lQvQFIwZvflvLFutLoFuNhl2GyFX2OqYsFtg3PV-4IFJVcRQ_CA6udGI24XTEwQettMvIVUUnCviPw3n4A5YtEZPdevGc9MiO2tNQwK7cTS4ICQMDV5kBZt34dvnu6CK6I&sai=AMfl-YQy6S6PI8MnDgMOvSmgMSqO2QZAjpOEtpK0kzY-m46kyroIV_FbsjnDVxMCGcZ-G70z_5BMrkLh2yo8v-zYGxKKORl7NkinM0yDx25qCxgMOKOR5OEcSJI_8fdQbWDn2g&sig=Cg0ArKJSzAnBx_0lOvPrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 18:53:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 May 2022 18:53:10 GMT

GET
DATA 200
OK truncated
/ Frame 79F5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9feeddb7799235e79701cef36b3bbcea245e599504537b0fe96d970c9129a01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F397 0
9 B 42ms
41ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?srS-jA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 adapt-2-10-0.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame D585 95 KB
32 KB 9ms
8ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e1dea90386c11f1da5d474b875450f6b5295661804784789e4b3643ad8545b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=UrSRQw==, md5=uSocWvVEIRy00Dg5/DKE9A==
date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2335079
x-guploader-uploadid: ADPycduUk-wGOrxVx7sgFgx3-1NwhHXk7QOXHa-wh9gM8bBBMg_wIgyk1jO5U09qicvFabd7w5GCkfkAEEyB0Cfi_lHa
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 32418
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100122-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Thu, 09 Dec 2021 20:54:03 GMT
server: UploadServer
x-timer: S1652986391.554320,VS0,VE1
etag: "b92a1c5af544211cb4d03839fc3284f4"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 18:15:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 144, 1

GET
H2 200 adapt-2-10-0.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame 1507 95 KB
32 KB 7ms
7ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e1dea90386c11f1da5d474b875450f6b5295661804784789e4b3643ad8545b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=UrSRQw==, md5=uSocWvVEIRy00Dg5/DKE9A==
date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2335079
x-guploader-uploadid: ADPycduUk-wGOrxVx7sgFgx3-1NwhHXk7QOXHa-wh9gM8bBBMg_wIgyk1jO5U09qicvFabd7w5GCkfkAEEyB0Cfi_lHa
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 32418
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100122-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Thu, 09 Dec 2021 20:54:03 GMT
server: UploadServer
x-timer: S1652986391.607847,VS0,VE0
etag: "b92a1c5af544211cb4d03839fc3284f4"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 18:15:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 144, 2

GET
H2 200 adapt-2-10-0-owned.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame D585 999 B
1 KB 8ms
8ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-owned.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

11cda5deb5eab99ea93cca9c1bc86346b2a344d9761cfa6f6fee585318a2696d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=Spa2uQ==, md5=X8n6YddqSGdjwmYthSxYfA==
date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1163781
x-guploader-uploadid: ADPycdtxv7IljxHL-5Q34VeOOmtt0PZGMVj5jlUyGg2TwM9nmj8cUhfh5IbRUF-lcH3rFLDWaZgxQuC4kJd5XWBge0dlqA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 591
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000177-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Wed, 05 Jan 2022 15:55:48 GMT
server: UploadServer
x-timer: S1652986391.620351,VS0,VE1
etag: "5fc9fa61d76a486763c2662d852c587c"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 06 May 2022 07:36:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Roboto:300/ Frame 7052 2 KB
3 KB 22ms
8ms Font
application/font-woff2 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Roboto:300/3_webfont.woff2?subset=ADENPX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9d68a98ebdb1951fc93600a2bf139a10de4c4960084b49b1cec28a0eba73d0c1

Request headers

Referer: https://graham-wjxt.zeustechnology.com/
Origin: https://graham-wjxt.zeustechnology.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 05:00:12 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
age: 6961978
x-cache: Hit from cloudfront
content-length: 2188
server: Apache
etag: "9d68a98ebdb1951fc93600a2bf139a10de4c4960084b49b1cec28a0eba73d0c1"
x-varnish: 6222634 11970051
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/font-woff2
x-amz-cf-id: WLro8XfUt7JolMuVLaZrgCMK4Y5QOBNO1lnfGiRWp-l55Luxe7PJng==

GET
H2 200 adapt-2-10-0-owned.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame 1507 999 B
681 B 7ms
7ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-owned.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

11cda5deb5eab99ea93cca9c1bc86346b2a344d9761cfa6f6fee585318a2696d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=Spa2uQ==, md5=X8n6YddqSGdjwmYthSxYfA==
date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1163781
x-guploader-uploadid: ADPycdtxv7IljxHL-5Q34VeOOmtt0PZGMVj5jlUyGg2TwM9nmj8cUhfh5IbRUF-lcH3rFLDWaZgxQuC4kJd5XWBge0dlqA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 591
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000177-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Wed, 05 Jan 2022 15:55:48 GMT
server: UploadServer
x-timer: S1652986391.640810,VS0,VE0
etag: "5fc9fa61d76a486763c2662d852c587c"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 06 May 2022 07:36:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 Minimize.png
cache-ssl.celtra.com/api/blobs/d058f332ec79c6e00f1045d5a28488b6241a5d0ec5e6a8d36e64b63a2eb4f5e3/ Frame 7052 93 B
607 B 8ms
7ms Image
image/png 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/d058f332ec79c6e00f1045d5a28488b6241a5d0ec5e6a8d36e64b63a2eb4f5e3/Minimize.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 65f0d90cfdb3d5e71f890d7d3b1be97491b49b170e6573fbd3e09e3340720cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 04:13:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 2990369
x-cache: Hit from cloudfront
content-length: 93
server: Apache
etag: "65f0d90cfdb3d5e71f890d7d3b1be97491b49b170e6573fbd3e09e3340720cfd"
x-varnish: 175851 15636342
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: XM0H0Sno4SkA3KLrsZciFsFSRtxJSdi8uWnptdpF0h1DkZC7-zlWOQ==

GET
H2 200 Min_Over.png
cache-ssl.celtra.com/api/blobs/57a521c8096594b6b3215dcb74d37533419962d2712c12f70fa052c9bbb4d0a8/ Frame 7052 229 B
744 B 9ms
8ms Image
image/png 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/57a521c8096594b6b3215dcb74d37533419962d2712c12f70fa052c9bbb4d0a8/Min_Over.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 5be03e5167b4673dda37498b0fbadd6c5d70c7731006e326ca05ecb9c567ee28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 04:13:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 2990370
x-cache: Hit from cloudfront
content-length: 229
server: Apache
etag: "5be03e5167b4673dda37498b0fbadd6c5d70c7731006e326ca05ecb9c567ee28"
x-varnish: 39458571 7638866
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: BUTaNEFqfW4TdCB93xA9qVl5nSSvLEQiFa8SxxMa__or2YLJb1CZ0g==

GET
H2 200 140x120.jpg
cache-ssl.celtra.com/api/blobs/ecfbe6fb1a8883a6fe41a0138417385e60cb76fc3e367546c031e374814a6505/ Frame 7052 6 KB
6 KB 8ms
7ms Image
image/jpeg 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ecfbe6fb1a8883a6fe41a0138417385e60cb76fc3e367546c031e374814a6505/140x120.jpg?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3369aaedec4ff28fcd9d3c4bbd39b3846fb1c1465863d17a14004db373f12b99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 04:08:23 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 2472287
x-cache: Hit from cloudfront
content-length: 6073
server: Apache
etag: "3369aaedec4ff28fcd9d3c4bbd39b3846fb1c1465863d17a14004db373f12b99"
x-varnish: 5286830 6038877
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: EKgCDKpzBeKfPAi7GYCYq3aoQCIOgbBTjUwS7FztUyTSMQayCSL1LA==

GET
H2 200 1028x120.jpg
cache-ssl.celtra.com/api/blobs/947c29357b5208f5638bcf173e8cdd8b6086c560094613ca6e9739343f88d242/ Frame 7052 39 KB
39 KB 8ms
8ms Image
image/jpeg 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/947c29357b5208f5638bcf173e8cdd8b6086c560094613ca6e9739343f88d242/1028x120.jpg?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7187b08f7b1449446220ed1cf9ae691070e50c8e492eb15672d7af278a4a8ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 04:00:20 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 2472770
x-cache: Hit from cloudfront
content-length: 39726
server: Apache
etag: "7187b08f7b1449446220ed1cf9ae691070e50c8e492eb15672d7af278a4a8ec4"
x-varnish: 5904362 7845019
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 5YVl5hlaNSfPlvmfFiwoWaqbxZWlMLDHNY2bHKUzd1tKbE_fcX2H3g==

GET
H2 200 consume Show response
feedr.gannettdigital.com/api/feeds/d167e4b7-bad7-414b-aa14-70cf26e4b888/ Frame D585 2 B
151 B 253ms
178ms XHR
application/json 34.149.193.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://feedr.gannettdigital.com/api/feeds/d167e4b7-bad7-414b-aa14-70cf26e4b888/consume?filterMode=any&filter[siteDomain]=zeustechnology.com&filter[iOSBundleID]=undefined&filter[androidPackageName]=undefined

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-owned.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

nginx/1.21.1 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: HIT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200134-IAD
x-response-time: 9
access-control-allow-origin: https://www.gannett-cdn.com
server: nginx/1.21.1
x-timer: S1652986391.802221,VS0,VE28
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-max-age: 3628800
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 varnish, 1.1 google
vary: Accept-Encoding, Origin
cache-control: max-age=7200
accept-ranges: bytes
fam-ttl: 120.000
x-cache-hits: 1

GET
H2 200 consume Show response
feedr.gannettdigital.com/api/feeds/d167e4b7-bad7-414b-aa14-70cf26e4b888/ Frame 1507 2 B
557 B 243ms
174ms XHR
application/json 34.149.193.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-owned.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

nginx/1.21.1 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200071-IAD
x-response-time: 9
access-control-allow-origin: https://www.gannett-cdn.com
server: nginx/1.21.1
x-timer: S1652986391.801569,VS0,VE28
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-max-age: 3628800
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 varnish, 1.1 google
vary: Accept-Encoding, Origin
cache-control: max-age=7200
accept-ranges: bytes
fam-ttl: 120.000
x-cache-hits: 0

GET
H2 200 close-up.svg
cache-ssl.celtra.com/api/static/v5aefa59a54/runner/clazzes/CreativeUnit/ 1 KB
2 KB 7ms
7ms Image
image/svg+xml 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/static/v5aefa59a54/runner/clazzes/CreativeUnit/close-up.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 12:15:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 23834
x-cache: Hit from cloudfront
content-length: 1084
server: Apache
etag: "d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b"
x-varnish: 720927 720906
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: TbP-qnbTY8a8zP5RGVuSj7InnCNsrW0SWFRa4JC-Tr19EuLL_w0LXg==

GET
H2 200 close-down.svg
cache-ssl.celtra.com/api/static/v5aefa59a54/runner/clazzes/CreativeUnit/ 1 KB
2 KB 8ms
8ms Image
image/svg+xml 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/static/v5aefa59a54/runner/clazzes/CreativeUnit/close-down.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 12:15:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 23834
x-cache: Hit from cloudfront
content-length: 1164
server: Apache
etag: "93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0"
x-varnish: 458771 819211
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: msY3mx7cqlN8LWvztNHmxtANXIoyYgZnphljFOmSiTbysqoUitN3sQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MC4zOTksInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJob3N0V2luZG93Ijp7IndpZHRoIjoxLCJoZWlnaHQiOjF9LCJuZXN0aW5nIjp7ImlmcmFtZSI6dHJ1ZSwiZnJpZW5kbHlJZnJhbWUiOnRydWUsImlhYkZyaWVuZGx5SWZyYW1lIjp0cnVlLCJob3N0aWxlSWZyYW1lIjpmYWxzZSwiaWZyYW1lRGVwdGgiOjF9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjAsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vZ3JhaGFtLXdqeHQuemV1c3RlY2hub2xvZ3kuY29tIiwidG9wV2luZG93TG9jYXRpb25MZW5ndGgiOjM4LCJuYW1lIjoiZW52aXJvbm1lbnRJbmZvIn0seyJzZXNzaW9uSWQiOiJzMTY1Mjk4NjM5MHhiNGFkMWE5NDIxNDllZngxMTU5NzA0OCIsImFjY291bnRJZCI6IjdjZWVjMTAyIiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiOTgyMDIxODIzMDI5MDg0NSIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2NTI5ODYzOTAuNjY1LCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJsZVRpbWVNZWFzdXJhYmxlIjp0cnVlLCJjZG5WYXJpYW50Ijoibm9uZSJ9XX0=?crc32c=69156284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MC42NzgsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjQsImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MC42NzgsIm5hbWUiOiJ1c2VyRXJyb3IiLCJ1c2VyRXJyb3JJZCI6InVuaXRWYXJpYW50c0RvTm90Rml0UGxhY2VtZW50In0seyJzZXNzaW9uSWQiOiJzMTY1Mjk4NjM5MHhiNGFkMWE5NDIxNDllZngxMTU5NzA0OCIsImFjY291bnRJZCI6IjdjZWVjMTAyIiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiOTgyMDIxODIzMDI5MDg0NSIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE2NTI5ODYzOTAuNjc5LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY1Mjk4NjM5MC42NzgsIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjEwMjggeCAxMjAiLCJjbGF6eiI6IkNyZWF0aXZlVW5pdFZhcmlhbnQiLCJkZXNpZ25TaXplIjp7IndpZHRoIjoxMDI4LCJoZWlnaHQiOjEyMH0sImF2YWlsYWJsZVNpemUiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6NTB9fSx7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MC42ODQsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjo0LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY1Mjk4NjM5MC42ODMsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE2NTI5ODYzOTB4YjRhZDFhOTQyMTQ5ZWZ4MTE1OTcwNDgiLCJhY2NvdW50SWQiOiI3Y2VlYzEwMiIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6Ijk4MjAyMTgyMzAyOTA4NDUiLCJpbmRleCI6NywiY2xpZW50VGltZXN0YW1wIjoxNjUyOTg2MzkwLjY4NCwibmFtZSI6ImNyZWF0aXZlUmVuZGVyZWQifV19?crc32c=1882428472
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MC42OTMsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNjUyOTg2MzkwLjY3OSwidG8iOjE2NTI5ODYzOTAuNjc5fV19?crc32c=2147976572
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 adapt-2-10-0-tracking.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame 1507 2 KB
1 KB 9ms
9ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-tracking.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1b57721349a9a6ffbbbac8165684d409b795baef591bebd4d6f223909c2a217e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=PspzDA==, md5=TLWEvS4WUrn9oeubo+ffFg==
date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2335079
x-guploader-uploadid: ADPycdsy6cWLOjzwQmNaGqMPRbvDOfVWhI_VW94PFtp7CBlGsx8GGAMDV3Z-My9xMylIQ1SkLZPe5P56ZH3taBzlFnkOiA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 944
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100077-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Thu, 09 Dec 2021 20:54:02 GMT
server: UploadServer
x-timer: S1652986391.896227,VS0,VE1
etag: "4cb584bd2e1652b9fda1eb9ba3e7df16"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 18:15:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 236, 1

GET
H2 200 adapt-2-10-0-tracking.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame D585 2 KB
1 KB 7ms
7ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-tracking.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1b57721349a9a6ffbbbac8165684d409b795baef591bebd4d6f223909c2a217e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=PspzDA==, md5=TLWEvS4WUrn9oeubo+ffFg==
date: Thu, 19 May 2022 18:53:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2335079
x-guploader-uploadid: ADPycdsy6cWLOjzwQmNaGqMPRbvDOfVWhI_VW94PFtp7CBlGsx8GGAMDV3Z-My9xMylIQ1SkLZPe5P56ZH3taBzlFnkOiA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 944
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100077-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Thu, 09 Dec 2021 20:54:02 GMT
server: UploadServer
x-timer: S1652986391.898696,VS0,VE0
etag: "4cb584bd2e1652b9fda1eb9ba3e7df16"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 18:15:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 236, 2

GET
H2 200 bg-image-zo5ll6_layout1.jpg
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame 1507 10 KB
11 KB 9ms
8ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/bg-image-zo5ll6_layout1.jpg?cb=ilJLmylY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

73e6c530cfeb76dd5e887b4e4af457227ec79d83c2ea2c5d78dbff02e9aca4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=v8sLkQ==, md5=OgbRuv8jjpWhIboat/mIxg==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3231223
x-guploader-uploadid: ADPycds62fsqlKr969wdVID2EMZtA1Xd5oXDn5ECOrpoSwbUgvfKoAlzJf9QxqSiS2VwrGIpvvsfn35NWFSR1451tAOr04HGDIPC
x-cache: HIT, HIT
fastly-io-info: ifsz=24125 idim=755x377 ifmt=jpeg ofsz=10596 odim=755x377 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 10596
x-served-by: cache-iad-kjyo7100115-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986391.919435,VS0,VE2
etag: "0upK53tKr13K/e7F/QFh18RioEpg+KmQ8sxFaVFotoo"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 12 Apr 2022 09:19:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 logo-image-b5cjyq_layout1.png
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame 1507 2 KB
2 KB 9ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/logo-image-b5cjyq_layout1.png?cb=J1nZctQt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1e94cee658ea38b235b30b21fa361f0bbee57077449cecf3c20dbb666c28ae64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=F8xEHg==, md5=ml2yhYRvolrE0wJ5M19HCw==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2604243
x-guploader-uploadid: ADPycdtKrpwOcHUbvvn9KyMKqWRKBaN0Dr5Ctr88cLF-8h1ehnBdXFHDF1B0yT-J3i4AelFI5yRls8oSSobSXdJ7b79b
x-cache: HIT, HIT
fastly-io-info: ifsz=2178 idim=306x50 ifmt=png ofsz=1868 odim=306x50 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1868
x-served-by: cache-iad-kiad7000157-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986391.919519,VS0,VE2
etag: "D9YYt924J2+HpTI+IONqXqCViV6JzvRYTY1tjLMyQLE"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 19 Apr 2022 15:29:07 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 image-image-wjgr8n_layout1.jpg
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame 1507 22 KB
22 KB 10ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/image-image-wjgr8n_layout1.jpg?cb=K1HMDJkV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0141bf6fc4de34b7ef2e25bd44cdeb937a82f5d1deb3b41ed9dba382238d49de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ySUHAg==, md5=cZjGfhv1/BZHlY2/AWtQFQ==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1937744
x-guploader-uploadid: ADPycdtvzyGcGYJYWOrpnXsij7d5X27wke7b_2j77RWK383uUIc5oVbqduIuZ-jb7oj6iasnTnMRqm3RifRLkmb8T81AhQ
x-cache: HIT, HIT
fastly-io-info: ifsz=29472 idim=544x306 ifmt=jpeg ofsz=22232 odim=544x306 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 22232
x-served-by: cache-iad-kiad7000134-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986391.919628,VS0,VE2
etag: "ykrjSXQmNunFdB9A/nTKvtyRz953oV6AawaZZpVIkMs"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 Apr 2022 08:37:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 css
fonts.googleapis.com/ Frame 1507 1 KB
624 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c6219be288a53bacf1e381342ec01f50f59a81220b61c633e2720aaad161a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:53:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 18:53:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 18:53:11 GMT

GET
H2 200 event
traxex.gannettdigital.com/ Frame 1507 35 B
234 B 175ms
109ms Image
image/gif 34.149.193.192
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://traxex.gannettdigital.com/event?id=3604952c-7523-50e7-9534-08a0d31b78ec&type=impression&adapt_id=a&cb=2037897252&dsp_advertiser=4978696319&dsp_campaign=2963034690&dsp_creative=138377405115&dsp_name=gam&dsp_line=5877504695&order_mgmt_id=cbd2022&order_mgmt_name=orderhub&orientation=landscape&platform=desktop&size=300x250&site=zeustechnology.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:11 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0

GET
H2 200 bg-image-zo5ll6_layout1.jpg
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame D585 10 KB
11 KB 9ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/bg-image-zo5ll6_layout1.jpg?cb=ilJLmylY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

73e6c530cfeb76dd5e887b4e4af457227ec79d83c2ea2c5d78dbff02e9aca4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=v8sLkQ==, md5=OgbRuv8jjpWhIboat/mIxg==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3231223
x-guploader-uploadid: ADPycds62fsqlKr969wdVID2EMZtA1Xd5oXDn5ECOrpoSwbUgvfKoAlzJf9QxqSiS2VwrGIpvvsfn35NWFSR1451tAOr04HGDIPC
x-cache: HIT, HIT
fastly-io-info: ifsz=24125 idim=755x377 ifmt=jpeg ofsz=10596 odim=755x377 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 10596
x-served-by: cache-iad-kjyo7100115-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986391.932740,VS0,VE1
etag: "0upK53tKr13K/e7F/QFh18RioEpg+KmQ8sxFaVFotoo"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 12 Apr 2022 09:19:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 logo-image-b5cjyq_layout1.png
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame D585 2 KB
2 KB 9ms
8ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/logo-image-b5cjyq_layout1.png?cb=J1nZctQt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1e94cee658ea38b235b30b21fa361f0bbee57077449cecf3c20dbb666c28ae64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=F8xEHg==, md5=ml2yhYRvolrE0wJ5M19HCw==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2604243
x-guploader-uploadid: ADPycdtKrpwOcHUbvvn9KyMKqWRKBaN0Dr5Ctr88cLF-8h1ehnBdXFHDF1B0yT-J3i4AelFI5yRls8oSSobSXdJ7b79b
x-cache: HIT, HIT
fastly-io-info: ifsz=2178 idim=306x50 ifmt=png ofsz=1868 odim=306x50 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1868
x-served-by: cache-iad-kiad7000157-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986391.932710,VS0,VE1
etag: "D9YYt924J2+HpTI+IONqXqCViV6JzvRYTY1tjLMyQLE"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 19 Apr 2022 15:29:07 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 image-image-wjgr8n_layout1.jpg
www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/ Frame D585 22 KB
22 KB 8ms
8ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/image-image-wjgr8n_layout1.jpg?cb=K1HMDJkV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0141bf6fc4de34b7ef2e25bd44cdeb937a82f5d1deb3b41ed9dba382238d49de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ySUHAg==, md5=cZjGfhv1/BZHlY2/AWtQFQ==
date: Thu, 19 May 2022 18:53:10 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1937744
x-guploader-uploadid: ADPycdtvzyGcGYJYWOrpnXsij7d5X27wke7b_2j77RWK383uUIc5oVbqduIuZ-jb7oj6iasnTnMRqm3RifRLkmb8T81AhQ
x-cache: HIT, HIT
fastly-io-info: ifsz=29472 idim=544x306 ifmt=jpeg ofsz=22232 odim=544x306 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 22232
x-served-by: cache-iad-kiad7000134-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
server: UploadServer
x-timer: S1652986391.932728,VS0,VE0
etag: "ykrjSXQmNunFdB9A/nTKvtyRz953oV6AawaZZpVIkMs"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 27 Apr 2022 08:37:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 css
fonts.googleapis.com/ Frame D585 1 KB
1 KB 122ms
46ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c6219be288a53bacf1e381342ec01f50f59a81220b61c633e2720aaad161a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:53:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 18:53:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 18:53:11 GMT

GET
H2 200 event
traxex.gannettdigital.com/ Frame D585 35 B
97 B 167ms
113ms Image
image/gif 34.149.193.192
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://traxex.gannettdigital.com/event?id=3604952c-7523-50e7-9534-08a0d31b78ec&type=impression&adapt_id=a&cb=859083167&dsp_advertiser=4978696319&dsp_campaign=2963034690&dsp_creative=138377402658&dsp_name=gam&dsp_line=5877504695&order_mgmt_id=cbd2022&order_mgmt_name=orderhub&orientation=landscape&platform=desktop&size=728x90&site=zeustechnology.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:11 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ Frame D585 9 KB
9 KB 137ms
47ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-4n0qyriQwlOrhSvowK_l52xwNpWtXTjtzPEE23Ma1EqdSES_TDhS6jRrTiVb_pyDvBgkWNcQxjfxOfUoWgE8OxDQU&skey=76f88370d7055e09&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c4ddf50d93a31a7a1378b4f90fa0919ab84b02f497b0d93e415dff8043367c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 21:30:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D585 9 KB
9 KB 131ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-4n0qyriQwlOrhSvowK_l52_wFpWtXTjtzPEE23Ma1EqdSES_TDhS6jRrTiVb_pyDvBgkWNcQxjfxOfUoWgE8OxDQU&skey=879600b205c1760&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f69b485124ead066d9c42f42011c225d32af629620d43de99aa79028a164211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:16:41 GMT
x-content-type-options: nosniff
age: 16590
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8776
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 21:30:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 May 2022 14:16:41 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D585 9 KB
9 KB 181ms
91ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-440qyriQwlOrhSvowK_l5OfjRlf8LZg8nYD0mzO9gy1dCBSPnMjyilWan5Zo7ezTzEgUiCegplYwyCUYCnF84&skey=379c1eccf863c625&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50a11f823a4a7023c825d3c041fb5620ca1fabab4c7d2a849aad7c291677b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9052
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 21:30:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D585 6 KB
7 KB 188ms
99ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmWUlvBgURCuTUuLh_SU-BORhcJ3GeHa5FYwfc-lyK9z5FuwpQtBMegamvNYGYMFROR7I&skey=c06e7213f788649e&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b89891bcbfedf293a69dd6adcd17613e5479e6e8dde3b90786f34dd3accf21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6624
x-xss-protection: 0
last-modified: Thu, 12 May 2022 15:36:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D585 7 KB
7 KB 175ms
86ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOkCnqEu92Fr1Mu52xKMRsdD-ffpbl8T06MQBpbJnKfEq9BYAbB-1u_9D9CuglRuxIbg6iwNIKZN1VMSQ&skey=c608c610063635f9&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb47324ca5956a4e576096d38ae593d8aacd2c75f1c14e0afb5bd2a868c1fb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7408
x-xss-protection: 0
last-modified: Thu, 12 May 2022 15:36:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1507 9 KB
9 KB 163ms
79ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-4n0qyriQwlOrhSvowK_l52xwNpWtXTjtzPEE23Ma1EqdSES_TDhS6jRrTiVb_pyDvBgkWNcQxjfxOfUoWgE8OxDQU&skey=76f88370d7055e09&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c4ddf50d93a31a7a1378b4f90fa0919ab84b02f497b0d93e415dff8043367c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 21:30:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1507 9 KB
9 KB 138ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-4n0qyriQwlOrhSvowK_l52_wFpWtXTjtzPEE23Ma1EqdSES_TDhS6jRrTiVb_pyDvBgkWNcQxjfxOfUoWgE8OxDQU&skey=879600b205c1760&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f69b485124ead066d9c42f42011c225d32af629620d43de99aa79028a164211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 14:16:41 GMT
x-content-type-options: nosniff
age: 16590
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8776
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 21:30:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 May 2022 14:16:41 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1507 9 KB
9 KB 188ms
105ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-440qyriQwlOrhSvowK_l5OfjRlf8LZg8nYD0mzO9gy1dCBSPnMjyilWan5Zo7ezTzEgUiCegplYwyCUYCnF84&skey=379c1eccf863c625&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50a11f823a4a7023c825d3c041fb5620ca1fabab4c7d2a849aad7c291677b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9052
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 21:30:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1507 6 KB
7 KB 194ms
112ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmWUlvBgURCuTUuLh_SU-BORhcJ3GeHa5FYwfc-lyK9z5FuwpQtBMegamvNYGYMFROR7I&skey=c06e7213f788649e&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b89891bcbfedf293a69dd6adcd17613e5479e6e8dde3b90786f34dd3accf21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6624
x-xss-protection: 0
last-modified: Thu, 12 May 2022 15:36:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1507 7 KB
7 KB 198ms
115ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOkCnqEu92Fr1Mu52xKMRsdD-ffpbl8T06MQBpbJnKfEq9BYAbB-1u_9D9CuglRuxIbg6iwNIKZN1VMSQ&skey=c608c610063635f9&v=v30

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:700,900,regular%7CRoboto:700,italic&text=GET%20SARD40%25OFwithandol15eyuc-8bsg2MNHICqpfr%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb47324ca5956a4e576096d38ae593d8aacd2c75f1c14e0afb5bd2a868c1fb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gannett-cdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:32:49 GMT
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7408
x-xss-protection: 0
last-modified: Thu, 12 May 2022 15:36:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 May 2022 18:32:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
89ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=2780476515445255&bg=!rq2lrenNAAZL3OSAa9w7ACkAdvg8WlIwBtA3_e8Cu1vQQRYjcd6Y-cmuQg9OYPreg0UkMxiRFNcgvwIAAAELUgAAAANoAQcKALunevKT8aGJxshhnTiox9ZY4oDKTojvd4ipZwrbHIKDTR697KXf5LV9zpDDUCMSrbm7BDBfme7GsVrQ7oapF-DJFMfu5FyUnTII00yqbSVeZ6BVWmyewAueyEv5xAMxRNymTS-886XNTxZYOPNXRJXCV8ZUFJa_3JySgSoz7cJS5MHCfVfThc07dv4IjnjShR-cKBlgaI8y8y2Za2KkV_IpVtKddXa7udOCZ2nyDFjfnQwylN2geNxKszkbmQKrQaHXG1mEOHCvCbltSq1z2FXRDmuekCeKFRhGU8ieta1KkBn41SHutTdUCk297xmMYHWq31Tjg8iov_jxT7y3C5aH2AA6eIC1LocjwRMqn6STwno-oZO9q7r8a653W5IUQBfd134yDyCxvPeYAo5BZZgNuRB-5dZnHCcTYaf-VyjuT3ow4mEQxqw8J1twILjX75G6oARRoe7vthLmQoGeT7N0vdMYKQ_3Y7Hb5f8D2IF3o1YDTk8IcQA-POIJmfoCu0jeG8DWGbrXram1wsZJT97alzYltP3y4wVm_97jCDnNfM5iENhAq4t4s8qy9iR7lK5od3e8mbS2772ox2Rjege-bD_Ln_0HDCRFvxGhnJQ9nZe8dKgVY7kO7Orlz5gAWvc_HnnXEVFIC2jsT8917T91hbH0ESRg-l-9Vv89vO9yIVwHLZN0nPd8I0fkVuklM0DqvBbssMV8vecTvGQwjTt8A4xj4KpSP50b0vF6uT-QbhmuA-YyYkfEs1cXaQnmQoFqXZlJW-kQdJrcvMNd6N_3NU85Fw9CwISCbvZBkMrau0e6M5_07APb7Ik959a_02Sd_N02qfVL8EBrEmyQET_mKBK5K4dyxNp5Ccqfr2h_uBEJYIdgtDd0j_jtjsIdT70Y-6tCyOsZ5KPY3ayKbhVGusxD8bsd4aBRZMO7-s7V1iIPeo8ix4JQuAsQCBaW0inx52pGgLiXpZBSwVO3256qKk_H276St7tOCj63VcpWIqZMvEQ9Id7wBYKAEscaKd4fPhaNqfxHegM1NOtth7OSm4oatds83QTOMr3xwd6Be8_BVRGg38DlEbp-kMGY8syhmgh93diI_HHAZxe_cUu2SKR63k9fccQAIo9lsOQyjN1z-HKYNMXJPjWHTQ0gPqxvf9GmPxjm2nQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 adapt-2-10-0-script.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame D585 4 KB
2 KB 8ms
7ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-script.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9b5cf94809d39ae594fff4e57bd136fa9b320ef0c90fb5e1fcd99c3f77045b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377402658&dspLine=5877504695&dspName=gam&o=859083167&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=/3JONw==, md5=JgAwbzrPmlDX1hlfZy9WMA==
date: Thu, 19 May 2022 18:53:11 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 876143
x-guploader-uploadid: ADPycdutfArPSpkriIzv15NF05qm6x1H6PiMcGwF8CbnGgqfTsX8771x2EQNlp5STtZnT7sFm5HUZJq5RwX4p_pT0ezm-rwG0Gv3
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1179
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000036-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Thu, 09 Dec 2021 20:53:54 GMT
server: UploadServer
x-timer: S1652986391.258283,VS0,VE1
etag: "2600306f3acf9a50d7d6195f672f5630"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Mon, 09 May 2022 15:30:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 1

GET
H2 200 adapt-2-10-0-script.js Show response
www.gannett-cdn.com/gps/applications/adapt/scripts/ Frame 1507 4 KB
1 KB 7ms
7ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0-script.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/gps/applications/adapt/scripts/adapt-2-10-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9b5cf94809d39ae594fff4e57bd136fa9b320ef0c90fb5e1fcd99c3f77045b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gannett-cdn.com/gps/applications/adapt/published/2022/01/closets-by-design/gm-cbd2022/indexa.html?dspAdvertiser=4978696319&dspCampaign=2963034690&dspCreative=138377405115&dspLine=5877504695&dspName=gam&o=2037897252&site=zeustechnology.com&ct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=/3JONw==, md5=JgAwbzrPmlDX1hlfZy9WMA==
date: Thu, 19 May 2022 18:53:11 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 876143
x-guploader-uploadid: ADPycdutfArPSpkriIzv15NF05qm6x1H6PiMcGwF8CbnGgqfTsX8771x2EQNlp5STtZnT7sFm5HUZJq5RwX4p_pT0ezm-rwG0Gv3
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1179
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000036-IAD, cache-hhn4059-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.267_19-af5af5d3e47916713a267140ca03ea9c
last-modified: Thu, 09 Dec 2021 20:53:54 GMT
server: UploadServer
x-timer: S1652986391.271986,VS0,VE0
etag: "2600306f3acf9a50d7d6195f672f5630"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/javascript
access-control-allow-origin: *
expires: Mon, 09 May 2022 15:30:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D305 42 B
64 B 144ms
69ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucb6tpP7Akp9TGAB_6CMwFMlcXeIdZdITn8jKdcTiBRw6d-jnC41FAxcw5KRj97AVir6wjIlo3iTaDf00y3DQ7GFyoJ7GYQR-U9ZJKRJ73po9fZYtb&sig=Cg0ArKJSzEPTyLIz-7tKEAE&id=lidar2&mcvt=1000&p=827,436,917,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4063884295&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652986390122&rpt=252&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FEC 42 B
64 B 94ms
70ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcSO6pqRSCgRTQjHSpWGknHsbR5lOyGfPPXB3yxgtogNFfhwOBfsn80iforn8a7Tc7iKuYlJ3huJK2rytOUf1QDVvLim301VvqIBTRRdzDNYu7MGxX&sig=Cg0ArKJSzH3KiweWkdVUEAE&id=lidar2&mcvt=1019&p=507,650,757,950&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=622255232&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652986390111&rpt=297&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 79F5 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiXQBvGWnHXI1dd-i8duSpxt-Qe1M6mZlZiSrv_xFiZtP3_NwrUdUX8rEawD_KKXEsfRT87C-cs0zDsDLdNyloln3C02bDr37QVsfqKcUf2hu4F-uC&sig=Cg0ArKJSzCejggM5qMLuEAE&id=lidar2&mcvt=1001&p=348,436,438,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1890678921&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652986390107&rpt=372&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 18:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjksImNsaWVudFRpbWVzdGFtcCI6MTY1Mjk4NjM5MS42OCwibmFtZSI6InZpZXdhYmxlNTAxIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiI1MC8xIiwicmF0aW8iOjAuNSwidGltZSI6MTAwMH19XX0=?crc32c=783816105
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjEwLCJjbGllbnRUaW1lc3RhbXAiOjE2NTI5ODYzOTEuNzA5LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTY1Mjk4NjM5MC42NzksInRvIjoxNjUyOTg2MzkxLjY5NH1dfQ==?crc32c=2437559571
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1F1C 0
260 B 744ms
158ms Script
text/plain 104.36.113.24
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160134&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160134&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 18:53:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjExLCJjbGllbnRUaW1lc3RhbXAiOjE2NTI5ODYzOTIuNzI2LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTY1Mjk4NjM5MS42OTQsInRvIjoxNjUyOTg2MzkyLjcxfV19?crc32c=149764930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUyOTg2MzkweGI0YWQxYTk0MjE0OWVmeDExNTk3MDQ4IiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5ODIwMjE4MjMwMjkwODQ1IiwiaW5kZXgiOjEyLCJjbGllbnRUaW1lc3RhbXAiOjE2NTI5ODYzOTMuNzQyLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTY1Mjk4NjM5Mi43MSwidG8iOjE2NTI5ODYzOTMuNzI2fV19?crc32c=1750586285
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.235.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-235-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graham-wjxt.zeustechnology.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 18:53:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 11:55:22	Name: khaos Value: L3DDF0KA-11-9XZ7
.rubiconproject.com/	1970-01-20 11:55:22	Name: audit Value: 1\|hLZGFuTafB2J+6MYZJKEHD5APvdogVCbaTd6KyMQnau0RTcz8e+19TsWjmLmZqHKvW9ws8oALynRIWLaGw/jZAhUs5qFQIXXBzFDayqp0/rMboWaW1ii7RrFj85P1vvO
.adnxs.com/	1970-01-20 05:19:22	Name: icu Value: ChgI1KhyEAoYASABKAEwlaSalAY4AUABSAEQlaSalAYYAA..
.adnxs.com/	1970-01-20 05:19:22	Name: uuid2 Value: 3832766806149016504
.yahoo.com/	1970-01-20 11:55:43	Name: A3 Value: d=AQABBBWShmICEK1k3VMP1KQ0dcctNdTgO1gFEgEBAQHjh2KQYgAAAAAA_eMAAA&S=AQAAAigPbxvlVK3hXGkxeMX8DWE
.pubmatic.com/	1970-01-20 05:19:22	Name: KADUSERCOOKIE Value: E05222EB-830F-4CC3-BF1A-9B248917F193
.pubmatic.com/	1970-01-20 05:19:22	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 03:11:12	Name: pi Value: 160134:2
.pubmatic.com/	1970-01-20 05:19:22	Name: DPSync3 Value: 1653523200%3A164%7C1653004800%3A174%7C1654128000%3A197_201
.pubmatic.com/	1970-01-20 05:19:22	Name: SyncRTB3 Value: 1654128000%3A21_22_54_71_7_220_166_13%7C1653523200%3A2_223
.analytics.yahoo.com/	1970-01-20 11:55:22	Name: IDSYNC Value: 18z8~24z6
.simpli.fi/	1970-01-20 11:56:48	Name: suid Value: 3E3678F8BCE24EFF823D9F62C7D99749
.turn.com/	1970-01-20 07:28:58	Name: uid Value: 2387553211071522135
.adform.net/	1970-01-20 03:54:24	Name: C Value: 1
.everesttech.net/	1970-01-20 11:55:22	Name: everest_g_v2 Value: g_surferid~YoaSFgAChXSCBQAj
.zeustechnology.com/	1970-01-20 12:31:22	Name: __gads Value: ID=767683035135cc87-22ef37389acd00a7:T=1652986389:S=ALNI_MYGCEB9OAZ4PaG--vpwq93SRAw7tQ
.doubleclick.net/	1970-01-20 12:31:22	Name: IDE Value: AHWqTUn9FhG-CFKmutT-EUqRNaUFPyFmxNr11t0jiXzg8MZ7yflKB7qB0R2AcvoSsN8
.adform.net/	1970-01-20 04:36:10	Name: uid Value: 1952142711873159152
.mathtag.com/	1970-01-20 12:35:41	Name: uuid Value: 622f6286-9216-4700-9376-081bb4cf53ec
.bidr.io/	1970-01-20 12:38:19	Name: bito Value: AAJIBE7FDSQAAEtu-XL90Q
.bidr.io/	1970-01-20 12:38:19	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 03:52:58	Name: KRTBCOOKIE_22 Value: 14911-2387553211071522135&KRTB&23150-2387553211071522135
.pubmatic.com/	1970-01-20 03:52:58	Name: KRTBCOOKIE_218 Value: 4056-YoaSFgAChXSCBQAj&KRTB&22978-YoaSFgAChXSCBQAj&KRTB&23194-YoaSFgAChXSCBQAj&KRTB&23209-YoaSFgAChXSCBQAj
.pubmatic.com/	1970-01-20 03:52:58	Name: KRTBCOOKIE_27 Value: 16735-uid:f8086286-9216-4400-b6e1-0215afdb14f9&KRTB&16736-uid:f8086286-9216-4400-b6e1-0215afdb14f9&KRTB&23019-uid:f8086286-9216-4400-b6e1-0215afdb14f9&KRTB&23208-uid:f8086286-9216-4400-b6e1-0215afdb14f9
.pubmatic.com/	1970-01-20 03:52:58	Name: KRTBCOOKIE_80 Value: 22987-CAESEBV5DM3tSl-gQqyZskBeMeI&KRTB&16514-CAESEBV5DM3tSl-gQqyZskBeMeI&KRTB&23025-CAESEBV5DM3tSl-gQqyZskBeMeI
.pubmatic.com/	1970-01-20 03:52:58	Name: PugT Value: 1652986389
.pubmatic.com/	1970-01-20 03:52:58	Name: SPugT Value: 1652986392

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/420486.gif?partner_uid=E05222EB-830F-4CC3-BF1A-9B248917F193 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40d7ba9c9c87f9d9db8580c43847d2cb.safeframe.googlesyndication.com
ad.turn.com
ads.celtra.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
c1.adform.net
cache-ssl.celtra.com
cm.g.doubleclick.net
fastlane.rubiconproject.com
feedr.gannettdigital.com
fonts.googleapis.com
fonts.gstatic.com
graham-wjxt.zeustechnology.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
pubgw.ads.yahoo.com
rtb-csync.smartadserver.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
track.celtra.com
traxex.gannettdigital.com
um.simpli.fi
ups.analytics.yahoo.com
www.gannett-cdn.com
www.google.com
www.googletagservices.com
104.36.113.24
104.84.56.214
104.84.57.8
104.92.100.195
142.250.74.130
151.101.130.49
151.101.130.62
169.50.137.184
172.217.16.130
18.156.107.10
18.66.112.52
185.29.134.244
185.33.221.87
185.64.189.110
185.64.190.80
185.86.137.131
192.82.242.209
198.47.127.20
2001:678:cb4:bbbb::11
216.52.2.19
2602:803:c004:200::141
2a00:1288:80:807::2
2a00:1450:4001:802::2001
2a00:1450:4001:808::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a05:d018:d29:3601:1561:4315:e511:ac5f
3.124.235.90
3.126.56.137
3.33.220.150
34.149.193.192
35.244.174.68
37.157.4.28
52.208.250.69
52.222.214.89
0141bf6fc4de34b7ef2e25bd44cdeb937a82f5d1deb3b41ed9dba382238d49de
035a862ce3d6630dd76876ef5ed7b94d8d24b352317e462faf4e3142dd51b8d0
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e417be8ba3f323e115d6428704c76d559b7fce5a9c2fec92b804eb14ab4daec
11cda5deb5eab99ea93cca9c1bc86346b2a344d9761cfa6f6fee585318a2696d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b57721349a9a6ffbbbac8165684d409b795baef591bebd4d6f223909c2a217e
1e94cee658ea38b235b30b21fa361f0bbee57077449cecf3c20dbb666c28ae64
25da3eb567fb269c956b34feb6efb4a322c110f0e6d04c362718ee565e30cbd1
3369aaedec4ff28fcd9d3c4bbd39b3846fb1c1465863d17a14004db373f12b99
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4cd9dc48f529174f1c5240d963a4a4f3c7e48d9d4908607e02daecfbf1b6f050
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f69b485124ead066d9c42f42011c225d32af629620d43de99aa79028a164211
5046f0b92ed05899e581e8925fa44843ae79b2182ee54e8c29caeb85de36f9f7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5b98e8e7c8742d071627884d36fff225c093d8ffa8a4ea37124d11892c6414f3
5be03e5167b4673dda37498b0fbadd6c5d70c7731006e326ca05ecb9c567ee28
5ca1bd2f26dbaeab77660c49f780b8c74c6a02f98e4a304a98a7b2c4c96f4427
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
636df9cf300a66283e036d197e3bd6729a829c26f0163d9b19507ca71f7da9d1
65deb65657a8c3fa726902222428caeab2b5b8c6175b0c13a328074f8fe25dda
65f0d90cfdb3d5e71f890d7d3b1be97491b49b170e6573fbd3e09e3340720cfd
6bc29510283806210960b33c39c91d47c2c3e4d29c082934fcf21df4a4164db5
6c4ddf50d93a31a7a1378b4f90fa0919ab84b02f497b0d93e415dff8043367c6
6f66aa6c35591e7d118e0e786fbac0c102d4453e87b4820ab3c65e5130212b6c
6fd35bdb7c3e3d5885d927a971852662d4b3130641adb3d89c6a415001a3f1f4
7187b08f7b1449446220ed1cf9ae691070e50c8e492eb15672d7af278a4a8ec4
73e6c530cfeb76dd5e887b4e4af457227ec79d83c2ea2c5d78dbff02e9aca4f7
77127ee6b7169577d071cc806cc157598e7d86b1d4d99835d6c69558aa02808c
7fbe65559e75d396c066d180a80ec512ebda0f97334f6a212afceffaa7ae12da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84baa65a31996370cb5364dbd41c9ceb524bfdc3e257f642f7755eab33b3f1f0
84bebac0fbacf2009ebb1b9ed7ec79d3c199026f7d819fca106b877fd80116a6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c6219be288a53bacf1e381342ec01f50f59a81220b61c633e2720aaad161a70
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6c4c34cd0c86e724e9c308ee3d7901147b912747ded37dc03d1a8cf7735c8b
93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0
9734f1caba421d99aa77808561264e6f8352c53a7028e5ebcf954abeec4e49ef
98ea351ad1ffef2ee5c76df375e482450ab9e2d31538cf40ee9294a3ad0fddb2
9b5cf94809d39ae594fff4e57bd136fa9b320ef0c90fb5e1fcd99c3f77045b88
9d68a98ebdb1951fc93600a2bf139a10de4c4960084b49b1cec28a0eba73d0c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b85486a48777deb93c521cdeebc6174af4108a4aa875f482ce85c583fa5ea116
c9feeddb7799235e79701cef36b3bbcea245e599504537b0fe96d970c9129a01
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d231b16e312c3d41b39d50233cd5fe21906b72db6b6039d32a72aee92edd4d26
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b
e1d2a4c7b1c731ef4b6d0b0134bda8ca00291a0b8c88af5dd97f0918c4745c07
e1dea90386c11f1da5d474b875450f6b5295661804784789e4b3643ad8545b34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50a11f823a4a7023c825d3c041fb5620ca1fabab4c7d2a849aad7c291677b1a
e5b89891bcbfedf293a69dd6adcd17613e5479e6e8dde3b90786f34dd3accf21
e9fbcdf651a938d0c3ddfe6a72dc73cb13473ef40fc9783d7f470981324b2294
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7233255e2c75a1f8d249d5c635f4f0654b90b9e2abf8932abf4367798b9f839
fb47324ca5956a4e576096d38ae593d8aacd2c75f1c14e0afb5bd2a868c1fb4b
fd09df52edc94165d02838c737d44f3e9751e4aff0b62ed1e4efe5d775b24cd3

graham-wjxt.zeustechnology.com Open in urlscan Pro 52.222.214.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

95 %HTTPS

33 %IPv6

27 Domains

41 Subdomains

35 IPs

7 Countries

1326 kBTransfer

3293 kBSize

27 Cookies

0 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

graham-wjxt.zeustechnology.com Open in urlscan Pro
52.222.214.89 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

95 %
HTTPS

33 %
IPv6

27
Domains

41
Subdomains

35
IPs

7
Countries

1326 kB
Transfer

3293 kB
Size

27
Cookies

131 HTTP transactions
6 data transactions