news.yahoo.com Open in urlscan Pro
87.248.100.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html
Effective URL:
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Submission: On October 15 via api (October 15th 2021, 4:49:12 pm UTC) from QA — Scanned from DE

Summary HTTP 309 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 36 domains to perform 309 HTTP transactions. The main IP is 87.248.100.208, located in Dublin, Ireland and belongs to YAHOO-IRD, GB. The main domain is news.yahoo.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on September 13th 2021. Valid for: 6 months.

This is the only time news.yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 6	87.248.100.208 87.248.100.208	34010 (YAHOO-IRD) (YAHOO-IRD)
3 4	52.16.16.109 52.16.16.109	16509 (AMAZON-02) (AMAZON-02)
100	87.248.118.22 87.248.118.22	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.66.248.71 18.66.248.71	16509 (AMAZON-02) (AMAZON-02)
1	87.248.116.89 87.248.116.89	34010 (YAHOO-IRD) (YAHOO-IRD)
1	69.147.80.124 69.147.80.124	10310 (YAHOO-1) (YAHOO-1)
1	18.66.242.25 18.66.242.25	16509 (AMAZON-02) (AMAZON-02)
1	87.248.118.23 87.248.118.23	203220 (YAHOO-DEB) (YAHOO-DEB)
1	178.79.242.0 178.79.242.0	22822 (LLNW) (LLNW)
1	67.27.159.129 67.27.159.129	3356 (LEVEL3) (LEVEL3)
1	152.195.132.116 152.195.132.116	15133 (EDGECAST) (EDGECAST)
2	92.123.194.140 92.123.194.140	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
15	23.22.168.226 23.22.168.226	14618 (AMAZON-AES) (AMAZON-AES)
2	152.199.23.180 152.199.23.180	15133 (EDGECAST) (EDGECAST)
3	152.195.51.15 152.195.51.15	15133 (EDGECAST) (EDGECAST)
5 34	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
7	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
2	87.248.100.216 87.248.100.216	34010 (YAHOO-IRD) (YAHOO-IRD)
7	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
6	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
10	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
18	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 5	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	67.195.160.105 67.195.160.105	36647 (YAHOO-GQ1) (YAHOO-GQ1)
1	212.82.116.200 212.82.116.200	10310 (YAHOO-1) (YAHOO-1)
1	188.125.89.201 188.125.89.201	10310 (YAHOO-1) (YAHOO-1)
3	92.123.194.145 92.123.194.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	184.25.50.89 184.25.50.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.166.194.46 54.166.194.46	14618 (AMAZON-AES) (AMAZON-AES)
2	107.23.223.65 107.23.223.65	14618 (AMAZON-AES) (AMAZON-AES)
4	92.123.194.130 92.123.194.130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	92.123.194.180 92.123.194.180	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.67.200.52 172.67.200.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.25.50.105 184.25.50.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1 4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
2 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	85.114.131.234 85.114.131.234	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	34.201.255.167 34.201.255.167	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
1 1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
2 2	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	13.32.29.124 13.32.29.124	16509 (AMAZON-02) (AMAZON-02)
309	53

6 87.248.100.208 (Dublin, Ireland) 3 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-ui71.prod.media.vip.ir2.yahoo.com

news.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.16.16.109 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-16-109.eu-west-1.compute.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

100 87.248.118.22 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e1.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-mcdn.secure.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openweb.jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dns-grfgdli8x.sombrero.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.116.89 (Amsterdam, Netherlands)

ASN34010 (YAHOO-IRD, GB)
PTR: e2.ycpi.amb.yahoo.com

v-alc123ok7b.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.147.80.124 (Seattle, United States)

ASN10310 (YAHOO-1, US)
PTR: e2.ycpi.swb.yahoo.com

v-b7q53rgpeu.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.25 (United States)

ASN16509 (AMAZON-02, US)

d1vl8wytztdz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.118.23 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com

cerebro.edna.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.0 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-0.fra.llnw.net

yahoovod.hs.llnwd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.27.159.129 (United States)

ASN3356 (LEVEL3, US)

vop-yahoo.secure.footprint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.132.116 (United States)

ASN15133 (EDGECAST, US)

edgecast-vod.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.194.140 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-140.deploy.static.akamaitechnologies.com

vop-yahoo.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
launcher.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
udc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.22.168.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-168-226.compute-1.amazonaws.com

ter-adserver-origin-us.prod.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.23.180 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.51.15 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

eu-central-1-web-oao.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.216 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-fp74.prod.media.vip.ir2.yahoo.com

www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.195.160.105 (Quincy, United States)

ASN36647 (YAHOO-GQ1, US)
PTR: o2.ycpi.gq1.yahoo.com

ybar-ctidp1m3w1report.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ybar-mcdn-report.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.116.200 (United Kingdom)

ASN10310 (YAHOO-1, US)
PTR: e1.ycpi.bga.yahoo.com

ybar-alc123ok7breport.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.89.201 (United Kingdom)

ASN10310 (YAHOO-1, US)
PTR: e2.ycpi.via.yahoo.com

ybar-b7q53rgpeureport.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.194.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-145.deploy.static.akamaitechnologies.com

pix.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.25.50.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-50-89.deploy.static.akamaitechnologies.com

api-2-0.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.194.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-194-46.compute-1.amazonaws.com

direct-events-collector.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.223.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-223-65.compute-1.amazonaws.com

metrics-logger.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.194.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-130.deploy.static.akamaitechnologies.com

pix.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events-collector.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.194.180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-180.deploy.static.akamaitechnologies.com

publisher-assets.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.200.52 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.50.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-50-105.deploy.static.akamaitechnologies.com

static-cdn.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

oao-js-tag.onemobile.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.201.255.167 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-255-167.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-124.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	yimg.com s.yimg.com	1 MB
46	yahoo.com 6 redirects news.yahoo.com guce.yahoo.com edge-mcdn.secure.yahoo.com geo.yahoo.com udc.yahoo.com opus.analytics.yahoo.com tag.idsync.analytics.yahoo.com service.idsync.analytics.yahoo.com eu-central-1-web-oao.ssp.yahoo.com www.yahoo.com cms.analytics.yahoo.com ups.analytics.yahoo.com oao-js-tag.onemobile.yahoo.com	209 KB
43	doubleclick.net 7 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net	665 KB
42	googlesyndication.com 122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com	323 KB
18	spot.im launcher.spot.im pix.spot.im api-2-0.spot.im direct-events-collector.spot.im metrics-logger.spot.im publisher-assets.spot.im static-cdn.spot.im events-collector.spot.im	100 KB
15	adtechus.com ter-adserver-origin-us.prod.adtechus.com	4 KB
11	google.com 1 redirects adservice.google.com www.google.com	2 KB
10	redintelligence.net 2 redirects hal9000.redintelligence.net hal900014.redintelligence.net hal900021.redintelligence.net	20 KB
10	ampproject.org cdn.ampproject.org	204 KB
6	yahoodns.net v-alc123ok7b.wc.yahoodns.net v-b7q53rgpeu.wc.yahoodns.net v-ctidp1m3w1.wc.yahoodns.net Failed ybar-ctidp1m3w1report.wc.yahoodns.net ybar-mcdn-report.wc.yahoodns.net ybar-alc123ok7breport.wc.yahoodns.net ybar-b7q53rgpeureport.wc.yahoodns.net	1 KB
5	openx.net 4 redirects us-u.openx.net rtb.openx.net	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	js7k.com cdn.js7k.com	307 KB
3	yahoo.net dns-grfgdli8x.sombrero.yahoo.net cerebro.edna.yahoo.net edgecast-vod.yahoo.net	1 KB
3	yahoosandbox.com openweb.jac.yahoosandbox.com	75 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com	1 KB
2	contentspread.net cdn.contentspread.net	81 KB
2	teads.tv sync.teads.tv	344 B
2	googletagservices.com www.googletagservices.com	75 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	891 B
1	smaato.net 1 redirects s.ad.smaato.net	443 B
1	sonobi.com sync.go.sonobi.com	478 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru	578 B
1	simpli.fi 1 redirects um.simpli.fi	709 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	566 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	blismedia.com tr.blismedia.com	141 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	538 B
1	fouanalytics.com api.fouanalytics.com	604 B
1	akamaized.net vop-yahoo.akamaized.net	1 KB
1	footprint.net vop-yahoo.secure.footprint.net
1	llnwd.net yahoovod.hs.llnwd.net	545 B
1	cloudfront.net d1vl8wytztdz.cloudfront.net	404 B
309	36

	Domain	Requested by
90	s.yimg.com	news.yahoo.com s.yimg.com
20	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
18	tpc.googlesyndication.com	s.yimg.com securepubads.g.doubleclick.net cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	ter-adserver-origin-us.prod.adtechus.com	news.yahoo.com s.yimg.com
14	securepubads.g.doubleclick.net	s.yimg.com securepubads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
7	cms.analytics.yahoo.com	s.yimg.com
6	pix.spot.im	launcher.spot.im
6	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
6	service.idsync.analytics.yahoo.com	s.yimg.com tag.idsync.analytics.yahoo.com
6	geo.yahoo.com	s.yimg.com
6	news.yahoo.com	3 redirects news.yahoo.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	s.yimg.com cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com news.yahoo.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
5	www.google.com	1 redirects cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com tpc.googlesyndication.com
4	5994599.fls.doubleclick.net	2 redirects news.yahoo.com
4	hal900021.redintelligence.net	1 redirects b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com hal900021.redintelligence.net
4	hal900014.redintelligence.net	1 redirects cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com hal900014.redintelligence.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	api-2-0.spot.im	launcher.spot.im
4	eu-central-1-web-oao.ssp.yahoo.com	s.yimg.com
4	cdn.js7k.com	s.yimg.com
4	guce.yahoo.com	3 redirects s.yimg.com
3	tag.idsync.analytics.yahoo.com	s.yimg.com tag.idsync.analytics.yahoo.com opus.analytics.yahoo.com
3	openweb.jac.yahoosandbox.com	s.yimg.com openweb.jac.yahoosandbox.com
2	tracking.m6r.eu	2 redirects
2	pm.w55c.net	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	cdn.contentspread.net	hal900014.redintelligence.net hal900021.redintelligence.net
2	hal9000.redintelligence.net	cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	www.googletagservices.com	cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
2	b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	publisher-assets.spot.im	launcher.spot.im
2	metrics-logger.spot.im	launcher.spot.im
2	www.yahoo.com	news.yahoo.com
2	opus.analytics.yahoo.com	s.yimg.com openweb.jac.yahoosandbox.com
2	udc.yahoo.com	s.yimg.com
2	sb.scorecardresearch.com	1 redirects news.yahoo.com
2	edge-mcdn.secure.yahoo.com	news.yahoo.com edge-mcdn.secure.yahoo.com
1	s.ad.smaato.net	1 redirects
1	sync.go.sonobi.com	b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
1	google-sync.rutarget.ru	1 redirects
1	um.simpli.fi	1 redirects
1	rtb.openx.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	oao-js-tag.onemobile.yahoo.com	news.yahoo.com
1	events-collector.spot.im	launcher.spot.im
1	static-cdn.spot.im	launcher.spot.im
1	api.fouanalytics.com	launcher.spot.im
1	direct-events-collector.spot.im	launcher.spot.im
1	ybar-b7q53rgpeureport.wc.yahoodns.net	news.yahoo.com
1	ybar-alc123ok7breport.wc.yahoodns.net	news.yahoo.com
1	ybar-mcdn-report.wc.yahoodns.net	news.yahoo.com
1	ybar-ctidp1m3w1report.wc.yahoodns.net	news.yahoo.com
1	launcher.spot.im	openweb.jac.yahoosandbox.com
1	bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ups.analytics.yahoo.com	s.yimg.com
1	vop-yahoo.akamaized.net	news.yahoo.com
1	edgecast-vod.yahoo.net	news.yahoo.com
1	vop-yahoo.secure.footprint.net	news.yahoo.com
1	yahoovod.hs.llnwd.net	news.yahoo.com
1	cerebro.edna.yahoo.net	news.yahoo.com
1	d1vl8wytztdz.cloudfront.net	news.yahoo.com
1	dns-grfgdli8x.sombrero.yahoo.net	news.yahoo.com
1	v-b7q53rgpeu.wc.yahoodns.net	news.yahoo.com
1	v-alc123ok7b.wc.yahoodns.net	news.yahoo.com
0	v-ctidp1m3w1.wc.yahoodns.net Failed	news.yahoo.com
309	75

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
mail.yahoo.com
finance.yahoo.com
sports.yahoo.com
shopping.yahoo.com
mobile.yahoo.com
login.yahoo.com
yahoo.uservoice.com
www.afp.com
www.facebook.com
twitter.com
legal.yahoo.com
beap.gemini.yahoo.com
www.womenshealthmag.com

Subject Issuer	Validity	Valid
*.autos.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-13` - `2022-03-09`	6 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
guce.oath.com DigiCert SHA2 High Assurance Server CA	`2021-07-14` - `2022-01-05`	6 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
jp.techcrunch.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
subs.communications.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-01` - `2021-12-29`	3 months	crt.sh
*.hs.llnwd.net Sectigo RSA Organization Validation Secure Server CA	`2021-04-07` - `2022-05-08`	a year	crt.sh
*.secure.footprint.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-10` - `2022-06-03`	a year	crt.sh
edgecast-vod.yahoo.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-06` - `2022-08-06`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-03` - `2022-01-26`	6 months	crt.sh
ter-adserver-origin-us.prod.adtechus.com DigiCert SHA2 High Assurance Server CA	`2021-07-12` - `2022-01-05`	6 months	crt.sh
opus.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.idsync.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
secure.ace.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-05-27` - `2021-11-17`	6 months	crt.sh
*.www.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.spot.im DigiCert SHA2 Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-10` - `2021-12-09`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Frame ID: F0B49B89EE3CCAF4FC5F7857D598F8D1
Requests: 121 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Frame ID: D190BFCA184DDEBB58D60E2154AA03DB
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Frame ID: 531663F4A79859AEF0FF11368A1975C1
Requests: 23 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Frame ID: 42871CD775075BC386578921AB355BB4
Requests: 22 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?id=4
Frame ID: 5A070B8A0EC66ADCC9BC782E03ACF4E8
Requests: 2 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575
Frame ID: 4B7AB833136A634BDF85CCA87B93AF53
Requests: 2 HTTP requests in this frame

Frame: https://cms.analytics.yahoo.com/cms?partner_id=AOL&orig=ono&redir=true
Frame ID: 347208FDC25BC88799F82CC087C21325
Requests: 1 HTTP requests in this frame

Frame: https://cms.analytics.yahoo.com/cms?partner_id=BLKAI&orig=ono
Frame ID: 18CD1EF1CED97519939D1EE9BBC7D9F7
Requests: 5 HTTP requests in this frame

Frame: https://122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BB25A182A2D88694A2F22E5930B944C7
Requests: 1 HTTP requests in this frame

Frame: https://bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DAA9A29BD6A14C68057F2234656C29AF
Requests: 1 HTTP requests in this frame

Frame: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
Frame ID: 856FB9540C4FC7F422C9D986E5376617
Requests: 20 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Frame ID: 93B331B4BBA337A3B0766F845808C310
Requests: 1 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D
Frame ID: 06C6872BC3A190195D122145A44A6FEA
Requests: 2 HTTP requests in this frame

Frame: https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&orig=ono&sInitiator=external
Frame ID: 8A347354410186977A6CD0267FCF5057
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Frame ID: 0C8E0E8021D57C6DAE97052541EE8913
Requests: 13 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Frame ID: 58492BF3C292F99F6CBADFD435E061D8
Requests: 13 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Frame ID: D64919D1C2A0BACC49340831A7736DD0
Requests: 4 HTTP requests in this frame

Frame: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7604BCB6EE2E4D163EC0A22DD3706C8B
Requests: 1 HTTP requests in this frame

Frame: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 202CA460EB7C48C0B48D6029A6456397
Requests: 1 HTTP requests in this frame

Frame: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3A94F8E4FD4B7A1DE61A9DBACA32A955
Requests: 12 HTTP requests in this frame

Frame: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6DFA7FA2B583451885463FDB6F0CC0E3
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVxIx5YZqMGz9-_oD12X_VqyMcCQZSimGnXy3yC6i3tYrHk2pxEs0HF286ZtUW9VGi-f0I2VOT3BE-qrUWjzqbU28cL_lAQaQq12gjLiSin1ipIpP8
Frame ID: 5C8B326DB8F27ABF26917503E35AD530
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI
Frame ID: 34C23CD69D0B8C656CD2B8B176AEC3E3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 285096A568BF5E05F5477618B5195B32
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6019469713590DA36A71B42ED6482FB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ECE07ACC78E207925ECF974CB22DE200
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 604B036DE65932C7FD27F4BB29C00E4A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 62A3342EE6C6AE658A2BAF6E3E9785F8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2952F85523F10FBBA0E0A31DB57E592E
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743
Frame ID: AC32C900E43DA15BF51A029FD2605E0E
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=20728700132478500628834011748014&a=a7c571db
Frame ID: E837C2D3966D7D9671298E4B9E264C1C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CF5B11C4D6FA1E4AB230F2252976FAE
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418
Frame ID: FAA181DE73260C4FC969CE5115BDA48C
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=28277600114525600628838011748021&a=b347e057
Frame ID: 9BDC97F802DA788D28CEDF62874841E1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7D25461B3F6EC0A755A24D9557F4096
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US government database exploited by Covid-19 vaccine critics

Page URL History Show full URLs

https://news.yahoo.com/us-government-database-exploited-covid-144620874.html HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=c_2TnwQ&done=https%3A%2F%2Fnews.yahoo.com%2Fu... HTTP 302
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?guccounter=1 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=HOyCP8Y&done=https%3A%2F%2Fnews.yahoo.com%2Fu... HTTP 302
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?guccounter=2 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=f8L4z1k&done=https%3A%2F%2Fnews.yahoo.com%2Fu... HTTP 302
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634... Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

309
Requests

98 %
HTTPS

0 %
IPv6

36
Domains

75
Subdomains

53
IPs

6
Countries

3498 kB
Transfer

7625 kB
Size

34
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://mail.yahoo.com/
Title: MAIL

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/
Title: FINANCE

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/
Title: SPORTS

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/
Title: ENTERTAINMENT

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle
Title: LIFE

Search URL Search Domain Scan URL

URL: https://shopping.yahoo.com/
Title: SHOPPING

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus
Title: YAHOO PLUS

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/everything/
Title: MORE...

Search URL Search Domain Scan URL

URL: https://mobile.yahoo.com/news
Title: Download the Yahoo News app

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/?.lang=en-US&src=news&.done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575&pspid=&activity=ybar-signin
Title: Sign in

Search URL Search Domain Scan URL

URL: https://mail.yahoo.com/?pspid=&activity=ybar-mail
Title: Mail

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/tagged/climate-change
Title: Climate Change

Search URL Search Domain Scan URL

URL: https://yahoo.uservoice.com/forums/204992-us-news
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www.afp.com/
Title: AFP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=458584288257241&link=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dfb%26tsrc%3Dfb

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=US%20government%20database%20exploited%20by%20Covid-19%20vaccine%20critics&url=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dtw%26tsrc%3Dtwtr&via=YahooNews

Search URL Search Domain Scan URL

URL: https://legal.yahoo.com/us/en/yahoo/privacy/adinfo/index.html
Title: Anzeige

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=LV7kCh0GIS91M5VjpQwOeAsuXi6xxsXi.q6DQQ4K2UhmSt97UdFZmjgQ.wS6indMaGrnXVnI.sk2qYZcGdOQkOCdrmq.f43EHn_GVlNR5Ro45fcUeunDOK8XGIQXfpXOsMygXzpiZAlDEudb16i_aOzMXU.4r.HCoY1PI4gMgXIaOxYFjJMgOjbBNAD79.DtREsTvCrlltfIrUq3v.gpLNyVJliiBmf8HzwI8lay9Ez.3LwO5Fn1XSjgAMOaOGL1ABfTHIkAMJsV.UaGPxQbDXH7qoE3B5JLeDp3A24RIq6xTV2P5mWZa2nEo1AGfknVBDqaDEGF2rFzQmNGBnJihvXU6vWlppwipUT16kC0rUW7fhZGAD682kzMhsHR96FhIE407202mO.lDIAi8gupzNmlS.g7nhqzq7XZMXHp_5vYZxjRrW9H4w6KRdNc9tTa2CRfPDMtVug5o2xzVV430A.vHoDrbihhzW_RtAnCP7puE4BVLuKmG7Q7sIlU8JaVo0IoevdyFmnl_0ZSDyCIWRQTp_k3XSXPoSzUp9GPMan7JizFTkdKn6pip8v1hJeGtMIG_8SOEhsK.eXTtfjsCPLhCBjOpd087ujhj6085hOKLfZPyENR8d8NxgdP2WmbYEtzhexHFqfEUu2UwDB3nNHOiYs3hP020jOOfj4sn6LxMeXDfulHVhU0oN5LoiLpei8sBR1kRun4n5BP7NxOkfUiTiHPZieGOjkEbTM7edoxm4HQR.dNa7eL45MomJ9M3hJOyjZeLwO.6GqV0rhjw3n0k72rDddZXz_d9KHrSCpak_.6tfvZBo.qP_37NGb4Sh23leaFTBDXU_HL6l9NbDwxpHDMR6QW55m4LGCuM9sIc91dQFp1.g1gUE2bFfEfCJKmAgXSrKE4RJA40UnH2kt.YY.FBxPQGsZfDvib3CJ80sphVkAyrcN0LqPYHH1RILb_3EWLwbhLH9QZhnCET1qmXWclObNQyHrEpMXa72slKG1P7rl07QXt.LQof2bTc9Gycu9vAZQTnTBXY5Xj6ouZ9A3QNHA-
Title: Nassauische Sparkasse

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus/mail?ncid=mbr_ympacqlnk00000005
Title: Want fewer ads?

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/m/55d0b81c-b057-3025-8582-43a05457511d/the-workers-won%E2%80%99t-be-coming.html
Title: The Workers Won’t Be Coming Back, Covid or Not. Here Are Theories on Where They Went.

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=DQcj0TQGIS_TNJ4FHE7mVhEReU4VydNY9lTy_h72.Mo2L.5Y6CE2Tpr2ybRr4PWv_tnAVNwlLjMHgYd0OytDObenLiysmZ4W5pyov0jM6TOVp5n5nQQnfvEr2_K1n0hTEY0k0StW2hgwf0e6L7pfUaMqSSiEYth.bvL64gwJygOrUnHJEl0k3fWTCiP0BVIxViNd.ESXRG502V4D8YcGYutQu4b0yvLDosRdwjrKkArkpeHTn_6e_2YKPqlQh9Av.94OB5YFwWshuOLi86CphJ8Mpavslo7vripjKrTnZ7TvzwmKO1Ao4CsITVN6X64d9Z3tZCIUGgqA0y9kaJ2w8pes5OJn.vRDSllwcq8vF1aZkmktoytNJ8HPY2bGQiGQ3gI1oibBwfxqREvQ4tggukP9FGaJwWDCIza5rXZ0qhOllQn_a.iThlxbwaoalXs3G2J53vABZ7kpz9XltIvX5ySIKLi30_dpojSN27PX5fsyZKARMN89SKP_gslVonu4woLohrtMKGMW.knm35a.aBB8.PacMRz3SUGPbLeD.C.gbmfy41pzALOuNWdwRDYWssR7bQKU1wl3DYT4AUmphMMqWR3bCZs_VrfBPR1pTrhnIu.kvzdE9.q7QaAKdeVurBVtq6hi.6V81qWFdmDmiIKk79y2yC52xiQyzwophpzZSq5H3EjNWbMvm3ZLbmWhITNUNa06cce4u71LUtx6_QaH1FM2C0kfC5qg9VmUvIOVn5T.wtcvHZR6G03bn5LPyePkvIj2f.MWc9F9mhIPd6fFveOaZNiitNmRdJuzaA1tiX2n0Ep4f8Xp99Dz6zsnO9gu_o6moiT4c4oFSv7AOwNt0ypcekS.3_5yXOJyj.F7kD3Py6dy_7qRyy.6QERASBZS3zzR.8Jp7Fge4VqbPoPXZGFoZW8AeFzclz9KZS6q45ojsPZCRKGGsW6UGtnYLDgA393lqhD_HudNNI0j6GNQYxlaFoHXvk1xE2EhT892We_Yj1XEMngjOe.SsCh2a6PeD.m7IhMogofEZhSMDRXN0Ss0Ib_rK4Nt9n6KDSxu42LXEJ1CNSr2iGMeDHGPjoIJxAO9nVFmzgQ5cfRJmVymnAbvt8tZwwqodHif14zd1Tfthpso4V.Q0QrNzJM-
Title: halloAnwalt

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/m/1e60bff3-137c-3680-9d34-160c4f147784/stimulus-update-americans.html
Title: Stimulus Update: Americans Will See More Stimulus Money in Their Bank Accounts Tomorrow

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=t74E0AgGIS8.4ni7FIpNaMMr6VvaDK9oYrmoa8yJKqwyvQXk250G8l.qaKc5gODCXRJ8mgmwT4KSOcM_HvIV78Ei9VveJVjFeV.0_yquesO__e33fRGbo6nKNkAdQVSBz2VH2Bx9banMuMOw3xH_.YT7aqU3_23DbqyZv1ErajPAnNfYSu8_HYCvH_bdb44fKF4MhFlt4_PV6BfrghuL.S1z3lYi0EccDeuo4uiLD.8DWOMxiKyG3uL7hV.LINg16lr8aQKStP7BRRvgNlbZYIU5QdsKYQqbtiGHbEPypIUFjm1oEkGVMyGjdIjjLxsdTb5wd6svbjiB8sM74V8HKvTgGrGwqCG1vioq7gfbeVT51mwO7Sr4G_.vWs6ETed2n4TKTxIgUJcCgyj4NWgeJFTH5.maxPgsaNlBhN4naUXnm.vPlVhk3KhvepcI5GOWQrNwWyeDK26HC8yfWoJ_ZvBVY75G2zNL82e_G8a9VHva7.Skk4tiX0LJImVhhfOjtDeR3NM.spnpx9rNrst2UaijozPq.cTsB415LtSA4vpwJ3QiF9OuHjoPxJd257OrV1AAdIKlr5KVNjZV_vPrkEJ9jlsJRSbT3iysqIAXIIl9L67h2KEyhFne7akO4xvXExfGPHAlRt2peKeGDYwi1iuM3izQKZvAkDFGd_zCOVS8rYfRS3bRmbXoKeLpe3KwENdvGbeBzUzibrFdSzWtD2zti1lTkaDSqlMVt37NU9g7F28sZLj61Fut6MduXEM7.CTPG522AQNLv8kWueHMxMzvXaiMAq4xFt.eKdVo78xwDq._FgbfLokNNINkrGvYyS08iF_nZZoHE42QJMUYljqY_wbD8WmJMNjGKtpi3REdZSjfDJ90WQ41kBEiuEcXjrOXH5paYXSi08GgiPAuDwqX13NfyaCIxQWB0vuzF65vuMtSjIC7h4v5p9RbzczQ._Ug5GVOhWEWWtcU8JT53KtvnerfD1TUyL3nGHAgr_Fx.dT2XrZw.UfBQSbiEauNT6T0m77hkvfFxpcVTsb6x9KvI.6_7ekMgoHLiWUga5LtvkusgqNQquQY3gJ_q3EvA4ff.pM6bwMzjTTLS2Kv6x5owAKBQeBEtAntI0E.0PS3kNPlngBysD6SttXNskQBfY8RlMZU7Z_2uzWAlLu9.XawWgF1Ap1vGJfG30nbSx_m
Title: Adobe

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=U5vRKkMGIS_sxa5t3PK5JmNswirAZ3pTIL7ylqgQ1TQkuGeVeUtGgMyZlauEiInOyU4QBJ3tY7PLUvpwE5CUhH6kjDZ_xvnBtTEHnVg3oBiXb483L6aYTeASAVFaauBGh1ZF31or7mMIRxuvXu7T0iC2i59fUz8GIyS86BZ5AWc8EWeE3yA5Tj6.Xquw6wjV.mV7zb.wCl_GKeoeekqHcy0DHc3TusZ2wVHgApVYtCsmKEjPEXA4tmZVR7FvEJ7ivPkVQU4aX56szcjYtkMhiSHdwQ7.7ofuFeB5RvDjE61X_Z5LJU_a1XZdfgjdh2BhjZX25reqyOBLH.eIcuxwS6NQBTy4NoRH3ra1tGZuhcRv7Vvo2OZgaquQhyOW5CRUCwXQICiTsnJOlfAVxoYQreF5L5EbhkXPNW1oMGHjAwGfZ7zgyRUKaWel30f_pndZial8iCT6lmJXA5ikmdxH1b4OKhwxWTOcH58UOeBmH5ksDx83XVlmOyJx9O8_LZX711NktMkaE4g_S_ivtBt5g9ONI8f.Py69x0VjtqD5otSaoN70TcdNhmn7VTLlmksnUirn5wMZl.ofb2SywdWKXLdBjz3N8vmJOA--
Title: Market Tactic

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=8jkBJ8QGIS.SQcBNofFofyNFJzKJEMaysPV.91QM_vrTO0Zk0U8G.oWisM.mkXTSdMVZsZIDBKYJvF4IVfHK7uQHI3RoCi9BPhwL1DQ1KoPRJXmBeud2gL3Euyz.eCa8WCxYWiGmcD_3sZGi1l1f_B3s8zvcQ5NzRo8D_3Xr7iuE62Iw8z6Luy6mnaHta2Aj80yn_MyoIRYyNI3nrzUPq7T6WRL9OPzkZAIC0VKsE31cjrxPL0JUB4S2VY94ZS3Aiq3tdtqrf3HJpt5HWAxvvfMRQr2npedCQZcbo_EKkd6QYFFVvQCC7Jg_AFQnbSpxWl0ZlPGMD01MMEcHuFQIUrEmXg.Tt57GsPndpvFPqkdOtnWB1GXTmhtkUvaU14lHGLWiXQ.dTsx_AW2CwPjWgO6zDXwlq5S2aSCo.9ATV_mlHNTctFZrEdjxIoqkDRy9NJPXRF8zOFAQeJbnEkl064ABtsopPVGsD863c_SIv_P4n2ggSBpWRUx0m1N0v_1NtRu8Uj3D6bF4vpTiveuVaL0aDTYmryu4uuofLcvBH8d.gZDr3eegXmoulh8wM195W7asYCxx9U.1lDxSzDEKK96U7wzi0EpEtuyC9iWl0gAyuLALWQuJ.xLgd3FJceCQtdRuwhP0U3cko0tgcIRPVD00l47pOT9qRG6piQQt7quThV.vtZvgWpN5DeXb994WHtkgHc.hS86XO3o4FWLMODycECEx54qAl_n3qczh49Ie
Title: Search Ads | Tarzo

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=toArX0sGIS8yH8sxsXxWUm6iWkDAmMSPW6fLK0xCxxSAKJq1yHRPd2XO4glQ9aOAMxrg8DULADyXDoEPwB2K9.l3duXYtytf6yRRZfvhGH7R6jLZrC6qFLe3DpWsyrU1A4YhTuXBAxM80Fl3HGm461lVvCui2qh9O8bXu2qa8hfKYmlmkHArOmCWp9suYRJ6H7jTAUtYU18uLLWeuH2dLlJNUEpq1cyngiFa418Gnw2vcw.ZFPgcbvIHcDn8Gp3WNYlZEKfxyTYKinGeg5rgxG31nqW..jBalzhTd1E2i7x84d.QSpYxee7J1oxYykFCQDbYJlifhbCdKe8i4BHtczoAMb2RnVdXClcT7FdnZtNtJmg.2gYRGBJ5c3blx1IUQdFcaQkAXkioDQNIvJ7AK7.4XhuZ5eMsIzrH46Bcbh9rpaAOxuK3z2tg1vJe1qzFX9Y3dwIKaSWPzT_5UJm84D2vXo6zYuLJqXlKwnyhViIUrTQq4xh3ydcvW2Wz2ny6voR7VPH7QGmz_ySmhsFfdsIopMLITFUn0b1Zol_Lhy_ClOLX7Yn3UIXm98q_ztSH3Vps8QkBgwBaoE.gvE3OQzvt.sIIL0FV9eU7e4xPEVe6VjRKSgU8Ns48Jy_veddoZ7rrJ8h1
Title: Things Quiz

Search URL Search Domain Scan URL

URL: https://www.womenshealthmag.com/fitness/a37962039/olivia-wilde-topless-naked-true-botanicals-instagram-story-photos/
Title: Olivia Wilde, 37, Looks Fit And Fierce As She Poses Totally Topless

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/gma/teen-sentenced-maximum-killing-barnard-193800528.html
Title: Teen sentenced to maximum for killing of Barnard student Tessa Majors, parents speak on their grief

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=tjh3vZUGIS9lOYgrIsFdG3TlTF6LTVzMmYxCrswLZ_Y2MFi4RcNSeYbSGMGcxqX0qek6rAg1ci8h6Ndd0H19K057mf34caWqvZqYCj74pLY_ueiCrUVNpOChutNNAP88pSmJFtqnOTO42niHl_QSMhCcsgrHgiee6GjvbC9HQyYNjnoI502m9ZGaiB27ieGjtWn97R2b_6y2M1igJbhOnPfwkFGx1mdyv19ySuRLd.tagUhReYd9_kcWoZsiEMXMXjFdwadrdJGrlGNxS2g4p3uc5xCA9R8JUCRAlmjs_Dj.vBTB.DyrVyyqQSy9Y6rxxWwSQz.dnDvr62MWPs3LpG81bET8h3qYk9JAti7xseUWm5V0OlGRwZViutBKn9rpbUXyGOlIdk2_EuXeUsMy7jBpAIFWsYfXG7hYit.46LsjbHUrpO0XHMY5j8vnFIRkO.jALBiXiE39ow8kyTLZh5w_SHFGegZQZi7fW3M53zdMBBMF8mH.Blfeu.MBqBU3EQuaeXHVo1MMUppsFqglTLRsij6WAay7GJpGPOSY7ayY3dY5uxm_HMcwHbzFTAWJuL0r9uLEkLLo3arn9uyqJXRKUL3GVR48PfqsWVGr4qdm5RfQPaYry9MHE69m9cyyGZS1YGMrMNVwWwMBCsYbKE8jJ8TR9Fk8DxGIw4blFogVs23s3mXVYDEOjWA2tS_eTOUNOgmx17UcqZFdFhuY6yMu3Nzb7f3DJPgi0X1qsK9Bp2vF6YQWkc6Sg6NKM46mDMIdbF2rny7kMCQ.AVGtGEMoWwM0mSx8JgxkdtsDY09F8LztcMpy8k8xfmQGA3gPRyO98rZANtcMIdGy02H6BripoiUHNJ.0PniWgyaaTZ24Ms4IN3NCofthSv3UESzlp4dM9.MZ14THzGn1DQ_fmeHuwWzJha4N7iRfzu7i5_x1BaDt3s9xfFc8I.MSwDjuOL.5WRENrPthKyckJIrp.BhACPYpNfVDMbb3r9s1ybx3cTsDhu727gV2NH7DSw7rHh_p1rYYQxtQ_IkPUREPPEroM6NVmcQEpbTlDJA_QZ4b
Title: Ganzheitliche Vermögensberatung

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=YYEkUO0GIS.qlP.s4rCFa6qD4Q384tv1X3iUtsETJQroIgZLTKHs25ov9Xaw9SqMKwiGt6DUdBkdIEuuGI4s41ZHlsYetsWxjcDiFKRiFXLkEdm7keuPbcm9r.3lQdM2G9Z_Arpy8OjKBfopQTo2hGCqAOgZAcaphgtZEu7z_vIZf0gDv3Q6dCB9NOJH2uZDl..BYUPX_lBkDDkTxJW4j9D1tfMVqzFIiFRt2BRM3g.93cGj5_3dBZ8ew2u6EOy1BRSpeDEPnbHdtt4qsDOHi66iNFYhsuf7lwc2tuI4bcIZ2RUMd7Tg3rsB_ccNL7UmrqIcugq7ZK0nSrPCvE7X02VFDjzHdw.F1Feia7psnVtfpkTXmWu10dbuEPAN5f_KCJXaAdQalEtymdUH5S_Aba.td7K6lEITV.QSKthDe827j0wG6kh35Ni2NxQ7gF6vTzE1X9YqjQVuWoHCITrY3Zf_NqqEqxLnfy85B9S1zzWFaUUBLEoqcJrCdF40ocqPctB3WpHy26sC8GTn8dKpzi9tC4oNbr.eWehW51RPSlWOSjgxn7EQSBmlNfl_9Tbuguvt0h7zhuX9ZWgo8nJ1u5UGEquRwiDFmL5_YvYQoBfT0CeeQ5dOp06y2BHsi_ZtQQqsp_0q9DrELRSXKFJrbhkugYQZqIul6HNTsaIOxPC_3TolhXYj47K6rn5kqUf3xDrJbT7uxqSkklNi76rsjvQhKfvhQBnv9drWNRQBDMZg5VtzVZpiuxt59TPoxsYuZ48OsG3N8HvYJ384fxP_PScONxJlV5AlJMaygjyN5YqzgAHY9UIWzM.rt2pIPSiT8a2TgkEHuVwrlHBircSX6xJxkM8jurqOY2doi5CMuVoAldLOwzuKeAFDZwpTf3qU4dGJFAU9BM_uojzTFVW4KIeCCnyCqheGWcwkyppEekkf.KCIofU2hYT.UHhH2SsYmZzJg_XsxJ8ES0Lq9Zg2K7z8MWzkNLuyQlvLWJDOsbuLiwDIj_IZkmDS_AkDOaCm_QhpXgk6aDrGxHHStxzCD97gASt9FbojdPc7
Title: Sprachkurse und Streckeninfos auf zugportal.de

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=ryScEAcGIS8iBmpEPrW4nAprkwEdVLYwSoc6VUgQRff0eXUv6_0Oe8JXrCfxgcRXOnmPGr4dEYAEaE2UAOo4vfDwzkrryQHRkaNMnZVhzbXeCc3SzRbFxtaVrUUIks_ha64pViJaU8L2_unDp1fm9kX1f7F_C1V8neX1667zoCndO_zJVd3wRDau98sXXPQlOx.3ayR6JMFfr_S6K1L9W8abw9zJQfXfeQOykIfbNdNG3di_iMUMvcO0tXKwHii4V6FroEgGyrL8NgrL0HcS7AGIKmXJt4NOyuIKUXALkjWjzLlY1ZN_hQu.q7X8Qrao.0C6rhlc82rd.urCNuxfPWlrC0T6T6aB3luaJBf.VebwlrVE8XCfZq3_kSn0U2pcNPWPlU10gdOBL1ZQTrcqB8aWgyg.649CydPlZy6W7AD.Wnk38133X3bgymbxNLxlKQqLz9Qb.PBQQsqoA18LgaLgyb3j0Cqe_LXIKbcDZNXbC_D6LezCxjjo1G9L63ZYfkgCbXupkY6crWWKhltoHg81UsUfkXZbuMH63esFjBhpG3JyXdAA9eQymZ6d.z7JZEYxLQhdciBON.LMOmE9akDYZcgkUqriWW.n8QdX_ur6C2XNiQ__0lDzwI7YaO18AaQ42SQV.onR.j_jpGD.hk8jsh9jUSgCvuBXtnFoifUv9EWnR_VkDLKOOlgS9pHOsbgK2UgzuFZaF.VxT8mjIC2nSLt4WiF7usC1JG1Aoh.LmIODCSEZaIMFqFQftNFpvJYOhCYteaFXmvLn27YEYHChxUGiN8VeRFtxyVM2lcHiETtfOrXzt7CnHdUgRrN3OFcbkA0c4CZmXIQOlUCW3.4AJWM8tmCB6QA9y2LIWVuj06yujRKvFkzQLUnGS4bCxL_QHxqJQbbUknhMWdFxr4SR5u_4gN4GjerU9C5Q6NN8lR7hxI15xjHZ0vJlom1xHMuNEYvKny0HNzyGHrzkDr0TJ603MFye9uUlGnqN9n21ICupXtCX8FXoDvWKtaLq.0fhHTBMYIx7JzY3uWkhL1u9qnFwuWv4SeAH045aFf9yg3ZqfPUUIu0_hP9bV3a1Tq60_KJt37gcjadEm9CL9FMiKsgRVCH63_dXghUyokWojT8dmfZomP_yVX2sPgSSC9vGUJzwUS6YXC4QJKy_4nRsG6IcJRxWcTiekE9YTNf8
Title: Spare Zeit und Geld mit Adobe Sign

Search URL Search Domain Scan URL

URL: https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=nQGxrOQGIS.SL8BzwT75BZRjZCkFU94dzxApa8W67OYmv2_zYGhScO7HiYAl9z6y9FDZ7CfEiCc8X4OU5SH7oJV2octRNvxnyK2HCgMN.D_SzCVcPrioB_hsE0LI2O9mUkLlL6gCB.LJnIQFPz5t9Op6_RyRhbaSX1t7UpLZMMdRHS2t_N6Ju91OyP1v6V4_IoxzCuRMEm2bHm7gVAIsBrbNCqOGcJLKHMx0t24whZhMMs9JCJnCPSh1gxcRC82zEAIBjMb6n5hblZ_QyFLX8tvLz9n803u82PTy5MlaESYXVvSBiHF7ezHLS03qTF8IdCvufRACHtS42dz8Mc4bMpQRpMOlb1mPd0dNxe9i4.QnuvdGAGObprDxMrep7c3pwDP8Acep8LfTPrWzaiEYZYfKHQdxgk2pCDZU4RUmOrmb.STbw1JObCeIVNsPgjYR3GWxr8Szo0A8yVg7ZWcMh_mEJRXsxRiQiyMw4ZhaSm2bvQIfksOGkfnowKf3.zq61MDasLnkC8i0uQ5ZKHc8HclrYDvtfb28I3pf0famtID2t.3caix4Ccs2uF4QBR4TKQEN25jT27TiusLrwVP1HatyDus9ykjupGNdyBfeSePYP0C5SbMiFwEx4nedr7CasOn3IOPC0DzPUb3NjW_M4gdA03RWcUGQ4VDAeKGTBHkzblt0UWfpT1fmtNktErb1Jp9mIORPk3xDtO6W.3rLEw.3oUW2rm8-
Title: Experience the difference - Switch to Plus500

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.yahoo.com/us-government-database-exploited-covid-144620874.html HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=c_2TnwQ&done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html HTTP 302
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?guccounter=1 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=HOyCP8Y&done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3Fguccounter%3D1 HTTP 302
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?guccounter=2 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=f8L4z1k&done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3Fguccounter%3D2 HTTP 302
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/p?c1=2&c14=-1&c2=7241469&c5=1197618800&c7=http%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&gdpr=0&gdpr_consent=&cs_ucfr=1&c8=US%20government%20database%20exploited%20by%20Covid-19%20vaccine%20critics&c9=&ns_c=UTF-8&ns__t=1634316546248 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c14=-1&c2=7241469&c5=1197618800&c7=http%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&gdpr=0&gdpr_consent=&cs_ucfr=1&c8=US%20government%20database%20exploited%20by%20Covid-19%20vaccine%20critics&c9=&ns_c=UTF-8&ns__t=1634316546248

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0&C=1

Request Chain 253

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmxBkJ-vJwGBTn6HxeMGwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKibKsC_cJbDfciLxwHlw30&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKibKsC_cJbDfciLxwHlw30%26google_cver%3D1

Request Chain 255

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyMjExMzczOTY3OTQzMzMyMw%3D%3D

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKemanlztg_asLW6U321Kn0&google_cver=1&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKemanlztg_asLW6U321Kn0&google_cver=1&gdpr=0

Request Chain 259

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTA0YjkwYmMtZmI0Yi0yYzc5LWVmOGQtZjdlNDlmYWEzNzU0

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESED6l8biUHmlP_0Hb2nIlRpk&google_cver=1&gdpr=0

Request Chain 272

https://hal900014.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyzzOBbFpYfaNK4KgrAT2zIPAC7v6hIpXn8Oo5tEK8C4QASCJpu8nYLnwv4DYAcgBCakCjCB9w9N0sz6oAwGqBJACT9AVCcDSQd498TLTTYpJ6490Nsc4k7qmqYKYQUdPEEdnq9-fIzHiEVV4F5rKWxjRWAQb39xYbjBPysBYnzfF_7Z0kCEFsfFdE3eCxTzzGzP3F8aZL7eJfvRvcW3Dl72YiP5LClFRJiS56qrShqaOxVo_Ew2Uy6NWqObojsxyoiCTMUpySy5cVuHUkjXNKFY5HaZJxZO2vH4DL1hA7t8jGPZky4jPTXMQ9xfie2wItW1NYVnfqBBwtSo3pvRM4-eadMqZec7oJOpRhrR-tQ-JTiKMV4UM6Upb_u1l_Y7M7eFzPPuV4DWnig0RUI5vWdmujWRffgGijfWqDlTtisc0B1C7AJ9Q8c1cJj8-YW_HIBHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotneYUZkyxvjikf_-ycFkxw%26sig%3DAOD64_0lX394M_fLuqoq7mtAjvItBQUPYA%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-DF5YZJ_rkJ41UZs_wQNyIjnUjTzDOmdxOj_oXaXv2_Iiv2PjrIQtZIOVmwyUvPIVJyLenNj-vgR5YLjXi6NGaPs4ZMqV3IAy0Vd4CSl2n6HNCvNcbbUC8JlZxKSQyaxsEq8EnzCZ2dB3zZzZ_UayaW9m4hWg%26cry%3D1%26dbm_d%3DAKAmf-Dn2Ih83VVK0DeP-qsUsSo--e7aZebJlErAlMWtIJxhwkFaSGVq5HUAHZIyL0TIF-X9JSsgbbtcAovO8RFI2_S0hfqUXaBUKZvFgCy3gTVgngt7-m0zgUq5xcs4wbUqy2cUXcudK3Z_AuF9yXzZZqECGNq9L-pJsDA4rgPdwNPV0I2mvNyXbRLFMIola8T1gUZK1IPWMb4WGtKOeJk3pXN2LKNq4y6ILPCQkebuN0MiBbbaRmceNSe0qSN868JPhtskjU1RQIm9WyzUasgpev9qiwp0xc5RjH-qQk2bXth9YHHoI5v4DRWGsaaW1MmyPidP0yCNhcHqa7bmku_i1OffPjXPddO3wNBPTL-ENvHBA5vALIOIobB0fMHrENV62N6ivVZH9boRjQX69KOEu7jwdLV26e_lKOMo7fmGjo6qlhevDqLNAczQz2FZhQCgWYAkSfe2xhEpKGxS9bCVLA-j125cO7-fe7MWzGhbS-voVPUkNHWqylCzWaa7rrD48wVLzcr1%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=8277227028938&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyzzOBbFpYfaNK4KgrAT2zIPAC7v6hIpXn8Oo5tEK8C4QASCJpu8nYLnwv4DYAcgBCakCjCB9w9N0sz6oAwGqBJACT9AVCcDSQd498TLTTYpJ6490Nsc4k7qmqYKYQUdPEEdnq9-fIzHiEVV4F5rKWxjRWAQb39xYbjBPysBYnzfF_7Z0kCEFsfFdE3eCxTzzGzP3F8aZL7eJfvRvcW3Dl72YiP5LClFRJiS56qrShqaOxVo_Ew2Uy6NWqObojsxyoiCTMUpySy5cVuHUkjXNKFY5HaZJxZO2vH4DL1hA7t8jGPZky4jPTXMQ9xfie2wItW1NYVnfqBBwtSo3pvRM4-eadMqZec7oJOpRhrR-tQ-JTiKMV4UM6Upb_u1l_Y7M7eFzPPuV4DWnig0RUI5vWdmujWRffgGijfWqDlTtisc0B1C7AJ9Q8c1cJj8-YW_HIBHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotneYUZkyxvjikf_-ycFkxw%26sig%3DAOD64_0lX394M_fLuqoq7mtAjvItBQUPYA%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-DF5YZJ_rkJ41UZs_wQNyIjnUjTzDOmdxOj_oXaXv2_Iiv2PjrIQtZIOVmwyUvPIVJyLenNj-vgR5YLjXi6NGaPs4ZMqV3IAy0Vd4CSl2n6HNCvNcbbUC8JlZxKSQyaxsEq8EnzCZ2dB3zZzZ_UayaW9m4hWg%26cry%3D1%26dbm_d%3DAKAmf-Dn2Ih83VVK0DeP-qsUsSo--e7aZebJlErAlMWtIJxhwkFaSGVq5HUAHZIyL0TIF-X9JSsgbbtcAovO8RFI2_S0hfqUXaBUKZvFgCy3gTVgngt7-m0zgUq5xcs4wbUqy2cUXcudK3Z_AuF9yXzZZqECGNq9L-pJsDA4rgPdwNPV0I2mvNyXbRLFMIola8T1gUZK1IPWMb4WGtKOeJk3pXN2LKNq4y6ILPCQkebuN0MiBbbaRmceNSe0qSN868JPhtskjU1RQIm9WyzUasgpev9qiwp0xc5RjH-qQk2bXth9YHHoI5v4DRWGsaaW1MmyPidP0yCNhcHqa7bmku_i1OffPjXPddO3wNBPTL-ENvHBA5vALIOIobB0fMHrENV62N6ivVZH9boRjQX69KOEu7jwdLV26e_lKOMo7fmGjo6qlhevDqLNAczQz2FZhQCgWYAkSfe2xhEpKGxS9bCVLA-j125cO7-fe7MWzGhbS-voVPUkNHWqylCzWaa7rrD48wVLzcr1%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=8277227028938&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 273

https://hal900021.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCN0vxBbFpYeqILZ7a7_UPj8iA0AO7-oSKV97Njr3wCfAuEAEgiabvJ2C58L-A2AHIAQmpAlS1FResc7M-qAMBqgSUAk_Qf11nQXIch_RSWt8726wm-HRykWwZjTlPPGaX1BwL5TZ8_ncCgbr7-cK9cabT4eODYFGrQKtxygsYlVrFaeDbMmHRF18WY6HjsjqNzid6LCWWfzvDRaLqqe6mkV_-omzjGkac9jqk2kzV69os7GJkO6chH67e0orwmlH2dMwRSsFPGSZZsZc0ZflNvwRaN6LqlDCCY2JNOppik8cCJh1eozVcSTr87CCJVJ1pVueKpwI1-xytS6ssUd5bWK4m9k92LdtxOrWkLjDW3qt0o0bFolYZGfRGYLpXvESzmHgbC0XmqXTPo-LyCjPLRO6MX7hHxfCCdtuVn253Fpv7f3pQtXsU0jCnyKClmBGV_eg1m25Gt8AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoXbUF7WQuPySLlRDjI8aCug%26sig%3DAOD64_28yscZRufxdHS4VTLgrIPHJ7m0Ng%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-BWNkWI_dwJ_k4QYJj1YUgFExOxuq-LJaMTCEsDAHd_z8WGhJDEM5Ra1U8Z2PZbj0qPBqked3rkBygk63L9vfGBlzICWZu_tfmY4hmg2rLewFNciEGi6ER2tJVeD3B5-B2BIaUHZXPDbvuTi3VLzp0UzyEySw%26cry%3D1%26dbm_d%3DAKAmf-DAREdSCyQg2A6p1aXF-6ue7z2XVf_4Hh1nTcdWEom5N0A3rCeIpmHwyD0VNBczNou7luAfwilzJ3JfUSm_y3Q_NjiUcaFpXj6g5g0dOXgLuzAk90W5WSPqEf1FQrOmSU0wLx8wfdmYLF6UD5ikcLkhXpbovIh7O89F8-g69KB0lSboT3TggYuMINChpLdgt9vNz6A4ug8TD3DA73QW16f9TIV6D5KEyapM_uvWwFlBPMyIiVHEt6dYLWP5AWrAuTDp3ygjhrj2O7iWwzVaDpofrQNmBuUyd4Gyh6G2RO_X72Y0XN2fDx_fnKGI-y_1mAACBauSIR22Zi1x7z5Mg92w6Q6_-6DIpKii23dXhZdvpC8onBqJWlss6agY9c4DwcrHrUs8ZK2pZgi_DfcaPx5z1YTJDQU6kPcvxnO9kdUeshTrlRHDL2pfBPKw_DRtTFSL9APwfL8WJ6ef71yaKyzRt_grBrqAHP15EElralvqcxPWXi5R8jpy7YpUqsJ93DGCyAtg%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=9849864635837&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCN0vxBbFpYeqILZ7a7_UPj8iA0AO7-oSKV97Njr3wCfAuEAEgiabvJ2C58L-A2AHIAQmpAlS1FResc7M-qAMBqgSUAk_Qf11nQXIch_RSWt8726wm-HRykWwZjTlPPGaX1BwL5TZ8_ncCgbr7-cK9cabT4eODYFGrQKtxygsYlVrFaeDbMmHRF18WY6HjsjqNzid6LCWWfzvDRaLqqe6mkV_-omzjGkac9jqk2kzV69os7GJkO6chH67e0orwmlH2dMwRSsFPGSZZsZc0ZflNvwRaN6LqlDCCY2JNOppik8cCJh1eozVcSTr87CCJVJ1pVueKpwI1-xytS6ssUd5bWK4m9k92LdtxOrWkLjDW3qt0o0bFolYZGfRGYLpXvESzmHgbC0XmqXTPo-LyCjPLRO6MX7hHxfCCdtuVn253Fpv7f3pQtXsU0jCnyKClmBGV_eg1m25Gt8AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoXbUF7WQuPySLlRDjI8aCug%26sig%3DAOD64_28yscZRufxdHS4VTLgrIPHJ7m0Ng%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-BWNkWI_dwJ_k4QYJj1YUgFExOxuq-LJaMTCEsDAHd_z8WGhJDEM5Ra1U8Z2PZbj0qPBqked3rkBygk63L9vfGBlzICWZu_tfmY4hmg2rLewFNciEGi6ER2tJVeD3B5-B2BIaUHZXPDbvuTi3VLzp0UzyEySw%26cry%3D1%26dbm_d%3DAKAmf-DAREdSCyQg2A6p1aXF-6ue7z2XVf_4Hh1nTcdWEom5N0A3rCeIpmHwyD0VNBczNou7luAfwilzJ3JfUSm_y3Q_NjiUcaFpXj6g5g0dOXgLuzAk90W5WSPqEf1FQrOmSU0wLx8wfdmYLF6UD5ikcLkhXpbovIh7O89F8-g69KB0lSboT3TggYuMINChpLdgt9vNz6A4ug8TD3DA73QW16f9TIV6D5KEyapM_uvWwFlBPMyIiVHEt6dYLWP5AWrAuTDp3ygjhrj2O7iWwzVaDpofrQNmBuUyd4Gyh6G2RO_X72Y0XN2fDx_fnKGI-y_1mAACBauSIR22Zi1x7z5Mg92w6Q6_-6DIpKii23dXhZdvpC8onBqJWlss6agY9c4DwcrHrUs8ZK2pZgi_DfcaPx5z1YTJDQU6kPcvxnO9kdUeshTrlRHDL2pfBPKw_DRtTFSL9APwfL8WJ6ef71yaKyzRt_grBrqAHP15EElralvqcxPWXi5R8jpy7YpUqsJ93DGCyAtg%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=9849864635837&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 279

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743

Request Chain 283

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418

Request Chain 290

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI3wJD7jEFagvAkH71dgmEA&google_cver=1&google_push=AYg5qPKz2DwbtzWu9HPiJTBDkP3m--GtpYIo_P9zbDvERgRQl703OlHsuISeDn4iwtOXyhpuRJ2-sZ5VzqlmwX7uP3K5o8mVmUE3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI3wJD7jEFagvAkH71dgmEA&google_push=AYg5qPKz2DwbtzWu9HPiJTBDkP3m--GtpYIo_P9zbDvERgRQl703OlHsuISeDn4iwtOXyhpuRJ2-sZ5VzqlmwX7uP3K5o8mVmUE3

Request Chain 292

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBB7lxDNH61ktAdig3JPZFY&google_cver=1&google_push=AYg5qPLyyix-Ha6F81kbvhZ4g6NeDKRkvH0Uj9iTvjnAsMjqsj33ECWF9-GXXJ7o5GhGmUa8qVhX1EqdW985kcifIOIOHm3R2jXy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMzNjEzMzU3MjE2MzczMw%3D%3D&google_push=AYg5qPLyyix-Ha6F81kbvhZ4g6NeDKRkvH0Uj9iTvjnAsMjqsj33ECWF9-GXXJ7o5GhGmUa8qVhX1EqdW985kcifIOIOHm3R2jXy

Request Chain 293

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELr_mxt2Ye6NSF_33ZyBPJI&google_cver=1&google_push=AYg5qPKfrxHhesbRgiEuxJXVbR7nCI5zv5WfbMjGu-LeAoiyO7GaOyE2FEetzNij2TIoOp07cECEWm1Awk5ecbiY66-VtSxumExW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKfrxHhesbRgiEuxJXVbR7nCI5zv5WfbMjGu-LeAoiyO7GaOyE2FEetzNij2TIoOp07cECEWm1Awk5ecbiY66-VtSxumExW

Request Chain 294

https://rtb.openx.net/sync/dds?google_gid=CAESEFK-SnQRjcPN2k1R8BP7QlQ&google_cver=1&google_push=AYg5qPKyVop9pvN-iKDeBc0-AO2pCAhGR16E1GQ8v-jg97CKzb4ofo4se5l1Z0cnhfod-JBufUSY12Z3X6q8sebnogx8cKqJm4s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyVop9pvN-iKDeBc0-AO2pCAhGR16E1GQ8v-jg97CKzb4ofo4se5l1Z0cnhfod-JBufUSY12Z3X6q8sebnogx8cKqJm4s&google_hm=U3LJSpu6y_McGeHqhlHDjg==

Request Chain 295

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKcDv7Ixy4BRPrOYoVyOF7E&google_cver=1&google_push=AYg5qPIDhRKTsHvvQh9QKJmLNEAVtNCkL7dZg501L-gFy77yObQGxwrxmCJTnal0oHGo0CFpdD76TTbowCu-51ae892ObSM4zakZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VVmoC1-DS2xnZTyAK4n9gtiDcpE&google_push=AYg5qPIDhRKTsHvvQh9QKJmLNEAVtNCkL7dZg501L-gFy77yObQGxwrxmCJTnal0oHGo0CFpdD76TTbowCu-51ae892ObSM4zakZ

Request Chain 296

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_cver=1&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1

Request Chain 302

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cver=1&google_push=AYg5qPLEt6lBBmr3Vh_75LsgbeEW-xZVRVw7N1lTdKrhQy57Kx3iEaLj2R9COTQdvqkaR7WIKMa21Qf0f8cF40oKtcs4YPpYdc8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cver=1&google_push=AYg5qPLEt6lBBmr3Vh_75LsgbeEW-xZVRVw7N1lTdKrhQy57Kx3iEaLj2R9COTQdvqkaR7WIKMa21Qf0f8cF40oKtcs4YPpYdc8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDVkZHJIZGMxTUJxb201&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cver=1&google_push=AYg5qPLEt6lBBmr3Vh_75LsgbeEW-xZVRVw7N1lTdKrhQy57Kx3iEaLj2R9COTQdvqkaR7WIKMa21Qf0f8cF40oKtcs4YPpYdc8

Request Chain 303

https://um.simpli.fi/gp_match?google_gid=CAESEE2IGI1fnb5ZUCghpasSlNU&google_cver=1&google_push=AYg5qPJ5WwGA3c0_mh4d0DZlYeUxvjc7R7Kh37DiIWnFXu64GjLyNAt8NGDx23pVLA1niYCgdBxnJfI8KG4GCef9y764VQZzp7AY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8582E826790942E2A96889F249D11676&google_push=AYg5qPJ5WwGA3c0_mh4d0DZlYeUxvjc7R7Kh37DiIWnFXu64GjLyNAt8NGDx23pVLA1niYCgdBxnJfI8KG4GCef9y764VQZzp7AY

Request Chain 304

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHORlgOYCz-caheuVUM4TKg&google_cver=1&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVCTv0xMIvlOdScCDygbPnQweUgRNLdw0mznAqfDhW HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHORlgOYCz-caheuVUM4TKg&google_cver=1&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVCTv0xMIvlOdScCDygbPnQweUgRNLdw0mznAqfDhW&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=HdP52Aayl_CysayzV8Oamw&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVCTv0xMIvlOdScCDygbPnQweUgRNLdw0mznAqfDhW

Request Chain 305

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKcDv7Ixy4BRPrOYoVyOF7E&google_cver=1&google_push=AYg5qPLJKT155zsm1eQa7ctQZD9chNTqRQKnGHE6UcWE_rTC0APpfBo8aj_01mOhv8g14meb0RQL4_vm-uz5aGkFe7dMMPZIPFyY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jX7iOJlcRQZ4jB9DsvOgENiDcpE&google_push=AYg5qPLJKT155zsm1eQa7ctQZD9chNTqRQKnGHE6UcWE_rTC0APpfBo8aj_01mOhv8g14meb0RQL4_vm-uz5aGkFe7dMMPZIPFyY

Request Chain 306

https://google-sync.rutarget.ru/sync?google_gid=CAESEPaTyJNYWXLGksgU1kn_rxU&google_cver=1&google_push=AYg5qPJJqLg6p5ETNLsooGkwPwuamvry4QKauK_zwA-dUlxa1Jc-yVF9wVxm92lVhflLmgdH1h7y3jMERbO-pAeI6WI9qWyIbGU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Y1ZaRDN4OEFUbld0&google_ula=2046794&google_push=AYg5qPJJqLg6p5ETNLsooGkwPwuamvry4QKauK_zwA-dUlxa1Jc-yVF9wVxm92lVhflLmgdH1h7y3jMERbO-pAeI6WI9qWyIbGU

Request Chain 308

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECpjNM57yHuIU92Anr-Fto0&google_cver=1&google_push=AYg5qPIGgb8TrHMnD8yzXJD75FQfnFul6_LZaEIwxZSCVw37iOGBvEWqJGGHb9yp7Y-2yA-buOGZlbeww376fAR6_qSTKITmImkz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIGgb8TrHMnD8yzXJD75FQfnFul6_LZaEIwxZSCVw37iOGBvEWqJGGHb9yp7Y-2yA-buOGZlbeww376fAR6_qSTKITmImkz

309 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request us-government-database-exploited-covid-144620874.html Show response
news.yahoo.com/
Redirect Chain

https://news.yahoo.com/us-government-database-exploited-covid-144620874.html
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=c_2TnwQ&done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?guccounter=1
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=HOyCP8Y&done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3Fguccounter%3D1
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?guccounter=2
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=f8L4z1k&done=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3Fguccounter%3D2
https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

714 KB
157 KB

620ms
619ms

Document
text/html

87.248.100.208
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.208 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-ui71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

23db038e7131d1c06516bc39ee0bc3c543e51c3377f6c8da82f6d77a31ab81f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=6dlabf9gmjc81&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news.yahoo.com
:scheme: https
:path: /us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: B=4sa9an1gmjc80&b=3&s=ln; A1=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A1S=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M&j=GDPR; GUC=AQEBBAFhawJiSEIepgRL; GUCS=AX_C-M9Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 15 Oct 2021 16:49:05 GMT
x-envoy-upstream-service-time: 577
server: ATS
age: 0
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=6dlabf9gmjc81&partner=;
cache-control: max-age=0, private
expires: -1

Redirect headers

Connection: keep-alive
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Content-Length: 0
Date: Fri, 15 Oct 2021 16:49:05 GMT

GET
H2 200 230eb82c7b278307c9dee09ff89890b5
s.yimg.com/ny/api/res/1.2/xZNvYJ_MsiQEzZOiFLqk3w--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTQ2OTtjZj13ZWJw/https://s.yimg.com/uu/api/res/1.2/FrIo.oGVEgW4_xCatQW_cg--~B/aD01MTE7dz03Njg7YXBwaWQ9eXRhY2h5b24-... 15 KB
15 KB 814ms
784ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/xZNvYJ_MsiQEzZOiFLqk3w--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTQ2OTtjZj13ZWJw/https://s.yimg.com/uu/api/res/1.2/FrIo.oGVEgW4_xCatQW_cg--~B/aD01MTE7dz03Njg7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/en/afp.com/230eb82c7b278307c9dee09ff89890b5

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

2c7cebcf5248de8030e34a3fadb9b71e06aad53aad41317421a2d1d167e3b89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 4
cld_latency: 636
edge-cache-tag: 419355095781376949065699629230796378450,292064164919500549654237681384420816011,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
status: 200 OK
server: ATS
cld_hits: 0
content-disposition: inline; filename="230eb82c7b278307c9dee09ff89890b5.webp"
strict-transport-security: max-age=15552000
content-length: 15068
x-xss-protection: 1; mode=block
cld_by: cache-wdc5528-WDC
x-served-by: cache-wdc5528-WDC
x-cache: MISS
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 16:49:07 GMT
x-request-id: 51a9f30b30f8d0c4cc33bc3460c3f14d
x-timer: S1634316546.910406,VS0,VE636
etag: "0ea60db0ceed84ef094fb61042e08a27"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 51a9f30b30f8d0c4cc33bc3460c3f14d
x-cache-hits: 0

GET
H2 200 Regular.woff2
s.yimg.com/os/fontserver/YahooSans/ 28 KB
29 KB 44ms
14ms Font
application/font-woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/Regular.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 12 Sep 2021 01:39:52 GMT
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:03 GMT
age: 2905754
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273943966280
strict-transport-security: max-age=15552000
x-amz-request-id: B3R75X2GTJCRBZ7M
x-amz-id-2: EEaoW6Pz5jRv6lm+6EvJ2rOu4xydl/a6DMxW+aDQ5bSpbpk7XcAbo45qZqhbSGIXhWyCbh+cgZo=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 May 2018 16:32:11 GMT
server: ATS
etag: "a99b283070afc519f4816e4300c515d2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=536112000
content-length: 28860
content-type: application/font-woff2
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:cd38276d-8695-4172-982e-30a706d38b1000055bc464a77248"
x-content-type-options: nosniff
expires: Sat, 12 May 2035 16:32:10 GMT

GET
H2 200 ExtraBold.woff2
s.yimg.com/os/fontserver/YahooSans/ 28 KB
28 KB 50ms
20ms Font
application/font-woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/ExtraBold.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Sep 2021 07:07:42 GMT
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:03 GMT
age: 1330885
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273943961701
strict-transport-security: max-age=15552000
x-amz-request-id: JT5WV5JJQE1QE93M
x-amz-id-2: zkducEVHKTA6/iJZcpTqpROU9X2T4cDLvQs68IQh1DbBsonebWt8FoSkg8lxe5uz327p0b5C1yY=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 May 2018 08:00:18 GMT
server: ATS
etag: "632a74de7778e84fd6e92f2f6c49f1c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=536112000
content-length: 28808
content-type: application/font-woff2
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:62900e1e-a244-4435-9df8-283c641712a600055bc464a76065"
x-content-type-options: nosniff
expires: Thu, 17 May 2035 08:00:17 GMT

GET
H2 200 Semibold.woff2
s.yimg.com/os/fontserver/YahooSans/ 28 KB
29 KB 55ms
25ms Font
application/font-woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/Semibold.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 10 Oct 2021 11:52:52 GMT
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:04 GMT
age: 449774
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273944108409
strict-transport-security: max-age=15552000
x-amz-request-id: X5G7SPCP8A699MNR
x-amz-id-2: FSDdIaZ1B3jHf+X48xHHsEj0Fr9Jzpzq7xy8l2DkvI3GQsfD9hwO+WatG8SMno33MxPpeWFm/HU=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 May 2018 14:14:27 GMT
server: ATS
etag: "af9fdad7698452697b016850fff96423"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=536112000
content-length: 29040
content-type: application/font-woff2
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:e72df86d-d621-452c-81ac-d0a40a08995400055bc464a99d79"
x-content-type-options: nosniff
expires: Thu, 17 May 2035 14:14:26 GMT

GET
H2 200 Bold.woff2
s.yimg.com/os/fontserver/YahooSans/ 27 KB
28 KB 61ms
31ms Font
application/font-woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/Bold.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

22e9e86d745200109fbcb3e96695307fea67880fca509728194b2cfce3906fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 12 Sep 2021 01:40:01 GMT
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:04 GMT
age: 2905746
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273944013373
strict-transport-security: max-age=15552000
x-amz-request-id: PH6VTS5HYMW0GEGJ
x-amz-id-2: 4yFGRx9D8hLUyS67bVWARUhSq9K+FvC2b80RiAj5hbObdDsrgqVU3V3haAopW4GnKw7O4mHD1rs=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 May 2018 11:56:43 GMT
server: ATS
etag: "58b9e3ca84accc5d50ac893317cd6705"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=536112000
content-length: 28108
content-type: application/font-woff2
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:b5a9747f-1664-4bf9-8ac2-b4b8208f31bf00055bc464a82a3d"
x-content-type-options: nosniff
expires: Sat, 12 May 2035 11:56:42 GMT

GET
H2 200 YahooSansCond-Black.woff2
s.yimg.com/cv/apiv2/fonts/2019/ 12 KB
12 KB 61ms
32ms Font
font/woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-Black.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

866b833c82d2acae5e6572f2ae3794b8b807abed156b34c3980854102b3b0ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:15:36 GMT
x-content-type-options: nosniff
age: 156810
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 11976
x-amz-id-2: Db4mJ2Mk6iGqmPkUxunu9rgbrGsVrc3DroR0dAYQHxZmaCtB1Li/tpK3piDFjoQZBiccMkR7KzY=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Sep 2019 19:59:06 GMT
server: ATS
etag: "7f300fe8caeaa1ce4e7a4602e561730d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: D84TTXBZFJJ9GBKA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 YahooSansCond-Regular.woff2
s.yimg.com/cv/apiv2/fonts/2019/ 12 KB
12 KB 62ms
33ms Font
font/woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-Regular.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

39329372a757958047b0dfa2576f0efdb2e25d2f6c65e4e88ab253854346ef99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 06 Oct 2021 00:57:52 GMT
x-content-type-options: nosniff
age: 834675
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 12124
x-amz-id-2: MsLBnnR19IGqViniEhWu6gGRc06Guee8ijJs7kSvrktKEhPTWQ1v+HRMgZDc+21SDIsyHnHIteY=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Sep 2019 19:59:06 GMT
server: ATS
etag: "688a78072f6e3def352b7d1a30ca77b8"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: DJBTWWRA6GPDPGGY
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 YahooSansCond-XBold.woff2
s.yimg.com/cv/apiv2/fonts/2019/ 12 KB
12 KB 62ms
33ms Font
font/woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-XBold.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 08 Oct 2021 18:19:05 GMT
x-content-type-options: nosniff
age: 599402
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 12064
x-amz-id-2: +gRDp7E/izWJ2Q2CtOBljA0in4QAWbUGv0JcH3sbis5hnl7JPOh3tvPGX/58X4t4pYwmbjSUPLk=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Sep 2019 19:59:06 GMT
server: ATS
etag: "6f15483a73d1b9823661757777f54b18"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: EJXMRD2D6CP9KTKY
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fusion.atomic.e5ba24d74eff08081dc1052a06798086.css
s.yimg.com/aaq/fp/css/ 58 KB
14 KB 69ms
41ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/css/fusion.atomic.e5ba24d74eff08081dc1052a06798086.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d72f0121820c16c48edc7a747a002baf33d3a3175cc29a4897060e9c8fe16c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 06:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124319
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: QEEQS0ZQKJHZ9YVC
x-amz-id-2: lPV7wG3/1bx84HeSdx173mJ88IKxoXQLjFR0JxG5F1D6tcOvQwJRJYe7aNV5c1218vTyBQ6P3Mo=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 20:51:29 GMT
server: ATS
etag: "12ec7bf61f9617525d6d71b5dff5ca54-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: VRZgat.LOGB_UpOQDarEXxecp8Vg8nho
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/css

GET
H2 200 deeplink.54b0023b5ad1fa6728098497d743f16e.css
s.yimg.com/aaq/art/css/ 6 KB
2 KB 49ms
21ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/css/deeplink.54b0023b5ad1fa6728098497d743f16e.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b626fe63949e900666c4a3879f48c8f99a8fec38466adaa95042a5381d244494

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 08 Oct 2021 10:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 626400
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1901
x-amz-id-2: HQ6tETKF1Sbl7eM1G+pm3ReUaDPc8NJT3oOg3vNJuIrhH1qCVZ2jPED85/mzlA4HPlOpEG4kjAg=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 19:26:29 GMT
server: ATS
etag: "54b0023b5ad1fa6728098497d743f16e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: J2YNNED5H7Z3EJ5R
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: ng3_MoLki2MtqBZhA9c5vXo9yk.0j3TJ
accept-ranges: bytes
content-type: text/css

GET
H2 200 bundle.c60a6d54.css
s.yimg.com/os/yc/css/ 4 KB
2 KB 49ms
22ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/yc/css/bundle.c60a6d54.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Oct 2021 08:40:26 GMT
content-encoding: gzip
x-amz-meta-created-date: Fri, 08 May 2015 18:48:38 GMT
age: 288520
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1431110918287840
vary: Accept-Encoding,Origin
x-amz-request-id: 2GY2ZSATCGB81W14
x-amz-id-2: jhKjjwWc0njRsxo2388rhg/pKMtiOrLCsHJg2CVw2ymtx/tAic6pr3A1nAHyu23ojpnznkIiD9M=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 May 2018 13:04:59 GMT
server: ATS
etag: "48d7308e4275c0f4f18a9587768f0468-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=536112000
content-length: 1508
content-type: text/css
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:cc52c012-7919-4abd-845e-ac81abcd11740005159679eb31e0"
x-content-type-options: nosniff
expires: Sat, 12 May 2035 13:04:58 GMT

GET
H2 200 yahoosans.7541e8c92ee85b9e784aa025de348ec8.css
s.yimg.com/aaq/art/css/ 4 KB
782 B 50ms
22ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/css/yahoosans.7541e8c92ee85b9e784aa025de348ec8.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e52ef7339462d79a247918c6b2eda02d2c8e5928c287fa64a309382d5fb751fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 05 Oct 2021 19:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 855745
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 519
x-amz-id-2: iq5BMIoLRKvdydadfgtAEcfA2KopDMNfDjX+XASdLysv3N4lKivY4F8bReXtxag4mWMIIpvwOwc=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Jun 2021 17:40:56 GMT
server: ATS
etag: "7541e8c92ee85b9e784aa025de348ec8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: P9271BRY3WP09MP6
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: _R.t3uQoKPWROr5POPHdBYjt2BGxLXDa
accept-ranges: bytes
content-type: text/css

GET
H2 200 modulecss.1e2a72c7618500b13e7c0717a2311c39.css
s.yimg.com/aaq/art/css/ 7 KB
2 KB 51ms
24ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/css/modulecss.1e2a72c7618500b13e7c0717a2311c39.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

00273aeebe88440c82b7f2cb5c1340f5fa4433f0a66af9c4f3cdb762c7d1f865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 29 Sep 2021 23:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1358530
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1875
x-amz-id-2: zmWgnHFFbcXmgyqN8/AR8jb1EzJ1wTmlpAxBTxJAL6sl3zZatwOMcAP1LgOYgk3GH39Npu1tj3k=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Sep 2021 21:19:08 GMT
server: ATS
etag: "1e2a72c7618500b13e7c0717a2311c39-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 72HQGP8RQVJHMTGJ
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: aCqwQ4fNzr0vnCZXUMoJQmL1duR6YwIW
accept-ranges: bytes
content-type: text/css

GET
H2 200 desktopweb.1c9272976b8a9c64012ddf49a5208fb0.css
s.yimg.com/aaq/art/css/ 5 KB
2 KB 51ms
24ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/css/desktopweb.1c9272976b8a9c64012ddf49a5208fb0.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d2a75aa8c560d18e49684eb0029c0ac9b9b53bcc937d4f6085e7ac10e07f37e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 13 Oct 2021 18:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166765
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1607
x-amz-id-2: LX+WDeIdD27SVOx1dWjp3JJi97EF+i1Dfw68gr0qt4FSl18NJoKpSoxm0ysNbnwqrLzZg5CG8CU=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Jul 2021 02:30:09 GMT
server: ATS
etag: "1c9272976b8a9c64012ddf49a5208fb0-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1BP90607M0KKJ535
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: w1JGn5gFgMSajThoJXuqoEfXPZ0AR1DU
accept-ranges: bytes
content-type: text/css

GET
H2 200 tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css
s.yimg.com/aaq/nel/css/ 1 KB
867 B 51ms
24ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/css/tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 05 Oct 2021 22:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 842378
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 598
x-amz-id-2: eoPTWQe5xoK/yXwbpIqKu78N5n0Uotlh+0yYtUWsaxZObi0bEWzWB7ds4u9bgbXEoVjALcVENOo=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 May 2020 20:44:35 GMT
server: ATS
etag: "45f01f005c629741cf7c510f94504957-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: M4CMD9DZEN0S793M
x-xss-protection: 1; mode=block
cache-control: public,max-age=315360000
x-amz-version-id: 3nD8ubhr7d7iBX6Y3PvaNHIToSxvlD3K
accept-ranges: bytes
content-type: text/css

GET
H2 200 tdv2-wafer-footer.custom.d20664501ec9335720b99f6f8978dbba.css
s.yimg.com/aaq/nel/css/ 218 B
486 B 50ms
23ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/css/tdv2-wafer-footer.custom.d20664501ec9335720b99f6f8978dbba.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

030a7f62c9068ddfdae92417ea9e9a3a95cd65314fc47c59aa8f00f929f07e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 02 Oct 2021 10:18:58 GMT
x-content-type-options: nosniff
age: 1146608
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 218
x-amz-id-2: iNjIYdvT/XYgyEv8xA6HzIYHAFD/xuvEvBEhaFtCdXzZllkijQJxvTAZe6gvihJ2MivNaTUFiYk=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 27 Apr 2021 06:37:54 GMT
server: ATS
etag: "d20664501ec9335720b99f6f8978dbba"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: SYMW27KSPBNZ5CDG
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: 3s4l.UyeQRYNFQ55Xg9FUy_ACttX7j0k
accept-ranges: bytes
content-type: text/css

GET
H2 200 tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css
s.yimg.com/aaq/nel/css/ 175 B
454 B 50ms
23ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/css/tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 22 Sep 2021 13:44:03 GMT
x-content-type-options: nosniff
age: 1998303
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 175
x-amz-id-2: SMUrIr0hsN3dlpIOK0doiR+xpLQJVwDIDzPLvUQy1wETV3P5ObmeonsitWBfqc7j3ns83v/8MHg=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Mar 2020 21:07:44 GMT
server: ATS
etag: "a5ef55315256ad2c3ff918a06f48f42e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: TH6V50BGJ9JZS65G
x-xss-protection: 1; mode=block
cache-control: public,max-age=315360000
x-amz-version-id: 21GH_PLIjg2WlBSxqBoCQ_thkST_rwNI
accept-ranges: bytes
content-type: text/css

GET
H2 200 caas.1819672b6597eadb6d95c536673733f4.js Show response
s.yimg.com/aaq/art/js/ 37 KB
14 KB 8ms
8ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/js/caas.1819672b6597eadb6d95c536673733f4.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d975f609e28d82def35222983b5cf32817ce1fb5a14f1345bdeae79e47f73b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 27 Sep 2021 16:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556172
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 14431
x-amz-id-2: aSubBuBiECF8CwELsf8bG4FUbV/d5Z99i2zBkgvP3jLZ0eo7NKK/Jt6I93kE++ui+phLfLGY1cA=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Sep 2021 15:11:37 GMT
server: ATS
etag: "1819672b6597eadb6d95c536673733f4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: B8V06CR49Q0W0K5K
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: 8O2bPdhtbvXtqVwKatayRJMUq6b23kU9
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 g-r-min.js Show response
s.yimg.com/rq/darla/4-6-0/js/ 203 KB
86 KB 60ms
34ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a4e38a82438ff664064f8cf268d05f0fddb3f2a23deec34fbcd864e6fea84a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 28 Sep 2021 05:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1511211
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 87489
x-amz-id-2: VtfKUUOUQw3HownD/eii3oFCOBSprLRbV/m5Eh8VHnGqSgcmqsAqdkICRiIzLwPHWGt5RQXnaf0=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Oct 2020 20:43:24 GMT
server: ATS
etag: "b3179d0dfadbc67a7165898dfd970155-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: RVF3JM9QRGJFNTVZ
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 wf-loader-1.8.6-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
3 KB 44ms
38ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-loader-1.8.6-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

48e533ad7ddb46f72584c7097cd5fbe6ca720ad6151f452b3ddcd51a6a438c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Sep 2021 17:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292969
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 2558
x-amz-id-2: luluetnivFPWgTt3Pv1lS6dVrn6Uzolt5ut8t2lRl9mbq6e0fABEgtImDvgHqtfhWAbb5Zt9j9I=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Sep 2021 15:25:08 GMT
server: ATS
etag: "1a102e360b4981f3eb7b910876ab867b-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: ZS5ZPTB8RJ7PKT41
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: sg3Xej.jQ4x5czeLHyc97WgRw_xNdzyM
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sda.769b03565de4778a45c9fb1ed721fd93.js Show response
s.yimg.com/aaq/art/js/ 3 KB
2 KB 43ms
38ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/js/sda.769b03565de4778a45c9fb1ed721fd93.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

5e6cf25023bd391350052b05c814e49c323aa10e7ee77b9022fa62536fecaf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 07 Oct 2021 11:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 709451
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1439
x-amz-id-2: knhV3ArP09sOeOF+8/PJqgovXHU6WitezXf5GJdBsCOHVlpuN3YD40S5oTSdYODt61HRXA0hXHw=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Jul 2021 18:39:24 GMT
server: ATS
etag: "769b03565de4778a45c9fb1ed721fd93-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 50329MJE6EFT5MEE
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: J5aP1kMpC9cikQKdVBu6hbJXID_pAo1S
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-sticky-1.0.9-modern.js Show response
s.yimg.com/aaq/wf/ 6 KB
3 KB 43ms
38ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-sticky-1.0.9-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

3107c8d85f9424f0dc196ecb3cea178f1f6c3feefe41f18b9710d018b8fd3d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 06 Oct 2021 05:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 816577
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 2328
x-amz-id-2: FYQFAarZ/bNC0ZKw61JC0cFU/JhNezy9t3+7p2qMIjQa+vnfTybe0QkY3GGlmQTzo7VMaLEGiEg=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Aug 2020 16:12:16 GMT
server: ATS
etag: "abb96c2cf696b89832633538168b61bb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 76HER7E9M23AMQHC
x-xss-protection: 1; mode=block
cache-control: public,max-age=315360000
x-amz-version-id: juy.OtBzpONq69wQirUfldcWl10cszE3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 rapid-3.53.28.js Show response
s.yimg.com/ss/ 49 KB
18 KB 53ms
28ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ss/rapid-3.53.28.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fc9b27c7db86c06a8c138b7ab112e93a0b606cd9b3e15bfb7a66bc10fb8a19c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 28 Sep 2021 05:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1507755
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 17942
x-amz-id-2: s8DBmdqjI19TFUunZUv8noZMX2apWpa6Iaz7niZVkrJ/PJcurYQumkpyL8rCkkxCGi5NnVZrXXo=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Jun 2021 17:16:47 GMT
server: ATS
etag: "e5bcad1c8a999906402876c46fe8d7b7-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 74J235D5Q73AM3EW
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, immutable
x-amz-version-id: q.Dhz22dgKnw5oQuJ9kvZm6uYPW.YpHi
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 cmp.js Show response
s.yimg.com/aaq/cmp/version/4.1.1/ 77 KB
19 KB 43ms
39ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/cmp/version/4.1.1/cmp.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

8973cff83ecbbcde03019fab88c0b6c7c4c42dfe154773d5e779dc7f1c4ea3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 29 Sep 2021 13:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1395031
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 19516
x-amz-id-2: iw5ZMcDjj2vsdKB1pqw6p6mPUhGv/4ccZqHZcODuPJ4zTS55viSvEGqg0f/1o7yqx+W7fg3Y9Qg=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Feb 2021 16:41:16 GMT
server: ATS
etag: "72567ecd4b70e670beb9ad992d2a4b78-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 05JZ3MBBP6P760JW
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
x-amz-version-id: ULY8qKK3lyiz5utFAYhzoVfvOvel3Foa
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 cs_1.2.0.js Show response
s.yimg.com/aaq/vzm/ 1017 B
1 KB 43ms
39ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/vzm/cs_1.2.0.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

263f3c06eba4f4b57903b66aadabadc3da9e57715dac5b3418c65220c0f5564b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 05 Oct 2021 01:09:19 GMT
x-content-type-options: nosniff
age: 920387
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 1017
x-amz-id-2: BOqqeTSQPAJFV7GTkpK94wu4ba1HkyaBd+NQG8C99HUPNBdN3OoCw659SnU25WN8vM2I1wB3sjo=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Mar 2021 17:06:42 GMT
server: ATS
etag: "c25112b42c65d45c9cdc56b5caaeb8dd"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 4ESVMB1JB2HZ480P
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: wM5l7zCa5U1QcUALJ3ynOo3xTjaDf_Rk
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 tdv2-wafer-utils.19c76fb8.js Show response
s.yimg.com/aaq/nel/jsc/ 3 KB
2 KB 43ms
40ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/jsc/tdv2-wafer-utils.19c76fb8.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Sep 2021 05:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1338482
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1510
x-amz-id-2: ZjcgCUw+WQWdfrDSmag93Ift7RKg25RY8gIj6UB6EIXD5gi5FxD34sQFK95Rw15ymg1MRAdWexM=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 09:06:17 GMT
server: ATS
etag: "19c76fb888c61a6885bf5b6129475036-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 2ZPGAQPW0EQJFPK2
x-xss-protection: 1; mode=block
cache-control: public,max-age=315360000
x-amz-version-id: 9qfIkSKLPOCh1Tr599Fv20Rt.5tsVtHX
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 spotIm.custom.SpotImJAC.a936b9b2d51983207ead921012855b99.js Show response
s.yimg.com/aaq/nel/js/ 21 KB
7 KB 44ms
40ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/js/spotIm.custom.SpotImJAC.a936b9b2d51983207ead921012855b99.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

f803dd8b7bf6380e5512a31e369488a65c2f09f732d7ba85b7cafa48a8ef9e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Sep 2021 18:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1289527
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 6634
x-amz-id-2: LBXOp6imLpiDyl55mjh26T9UqeVh9ULsJ9WBhTPOrUw5ZTaF+WkzQiiJ9l1oYeMyw7WQDEsfNJo=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Sep 2021 23:21:46 GMT
server: ATS
etag: "a936b9b2d51983207ead921012855b99-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 9KZ3HPJADJJ0GJ1Z
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: V89a32zYNAYj9wP4v4W8dqrTqCU3wbQm
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-fetch-1.17.6-modern.js Show response
s.yimg.com/aaq/wf/ 16 KB
5 KB 44ms
41ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-fetch-1.17.6-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b390785788c27f5e6588bb9e9d62666e8314fdf4b7a38f077fe9ba088fc6e9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 14 Oct 2021 06:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124520
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5354
x-amz-id-2: cThr2YCNGrtGlediiH/YzdVWdkjJRaKC5TAMjVbnh3LQYmQLOj4HFpYp0fIFQxr7HSyAbXihXsM=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 16:40:35 GMT
server: ATS
etag: "36efb6b47a57dc93a798169931741efa-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: HCB4R0NBJ8VJ3N96
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: PndU446MCcp_z_3RFoB.tsgUUcB6qZp7
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-beacon-1.3.2-modern.js Show response
s.yimg.com/aaq/wf/ 10 KB
3 KB 45ms
41ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-beacon-1.3.2-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

dedc786694a09c3e0a0f86acaa763cb0bb15fa3bae9165735855de4f2dcc07b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 29 Sep 2021 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1412706
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 3314
x-amz-id-2: +2OXL21tYlyTwZTh9/WJxsBDldF8+c0J/3iWoYRU51mEMkdfXwPioFPNLfRzipvzxRMP1hwPwDw=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 16:40:35 GMT
server: ATS
etag: "57148a9f1964e31750ea412f3d0f8096-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1V64CTSPM9E2PSZ0
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: gkEsm8nev9QUkOak.O8wENBl0kBeFUJ0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-scrollview-2.15.0-modern.js Show response
s.yimg.com/aaq/wf/ 30 KB
9 KB 45ms
42ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-scrollview-2.15.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44c019f08e8df117d255d2ab549b8a35fb004f702e1c08cada2d5906227db85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 19:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939229
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 8591
x-amz-id-2: A0+0OM65aI3uzOkDMfYgK+e7G10bJLv43uX1zWB9+LSG79cOl8jMWn8EVZh5aGg165e3GXSXHXk=
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 05 Sep 2021 07:26:09 GMT
server: ATS
etag: "901018facd50f12d8497f7be66bc5e33-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: CK1MFWZC6Q0T2KXJ
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: f.l1ngXmSDQtyG332br5jvqX3dU0sc2k
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-countdown-1.2.5-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 45ms
42ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-countdown-1.2.5-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 14 Oct 2021 05:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127923
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1815
x-amz-id-2: ne6JSaFO4plWgMKieDuuWHLRxyRR+T3hzcQ3Bf04v5KTdqkn1tZRpQ+D7yZXI/VRinbH2+Ut+70=
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Sep 2020 18:50:05 GMT
server: ATS
etag: "681d57e9e7cbef5de44544c13f8ca62e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 7EBHGCBX6X9R79KV
x-xss-protection: 1; mode=block
cache-control: public,max-age=315360000
x-amz-version-id: CQ1lP8549yVnp28g4QLu9GcN8rB3ImgO
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-toggle-1.15.2-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 46ms
42ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-toggle-1.15.2-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

6070d8bcd7c1875f38296337e2cc31dc1a03f98dbdcb09a5d8edb9a511c1725c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 07 Oct 2021 00:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 751230
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 3931
x-amz-id-2: 1TfKPpLWHVtIS2iMDH138OGeCl5xU5FvAaRSCQyrBVNJKxxcuMka9Y5aYYA0VVI1R821WxKWakM=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Sep 2021 08:51:51 GMT
server: ATS
etag: "46b26a673b4c0a65b472262c046742ec-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: S656WJK2XSAGA2S6
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: CISN2HLnJpwT7nNJxlA_1tj_MgLYp8eW
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-video-2.17.0-modern.js Show response
s.yimg.com/aaq/wf/ 27 KB
9 KB 46ms
43ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-video-2.17.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a941d803ca1c3ba9843cc9d365f7e31d57f613040d9155db97e6280384b146c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 10 Oct 2021 19:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423424
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 8442
x-amz-id-2: iMOGVKnYsjqh8owQtgMAqjRUgffMwxO3bFjf0AiMms8M8cOoigoYnEju+AAwTC/TaGEpNekCcpA=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Sep 2021 19:16:07 GMT
server: ATS
etag: "312c563655134f86153096e771be40fc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: J2M30BCCMKW0PWA3
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: M7PcPZxam.UbT.D5zkI4ScNBvY5lkwR1
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-form-1.30.0-modern.js Show response
s.yimg.com/aaq/wf/ 14 KB
5 KB 46ms
43ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-form-1.30.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fbbbd482623be6ca737e9c0fd0480f38b31e221e1d6b4380a56291937806c85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 10 Oct 2021 11:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451534
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 4860
x-amz-id-2: wHWcG8jDLzFvOZGwL+YKz3QXz56GJWY39UUUYB4rM9DkkebzYWdHdFHWSMC2a0HMhqZsuBoFT34=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Sep 2021 21:19:50 GMT
server: ATS
etag: "da22887964832a34d56d21633fe38fc2-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: EZVAWRWS8D3PA6VV
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: 5RkE8iI1shCSb_ReDcQNhwFD1xQ3pbow
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-caas-1.14.19-modern.js Show response
s.yimg.com/aaq/wf/ 20 KB
7 KB 46ms
44ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-caas-1.14.19-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

90ae67bf47fb19e9ba8624a6bd478769da914826f83345a562adadfee566abf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20419
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 6412
x-amz-id-2: r4t0kwheE+CUmcsypg4GPd7yd/wzslAeRchPGsAFVA6KF/ZrefpY3gHl2RFV25UQvmMeOjZrpjU=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Aug 2021 19:32:33 GMT
server: ATS
etag: "3623bd85cba472853b5a6868b36666e5-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: FVXGGKTP3RPZQ7VH
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: L4XrvBX9MC6fkrmzMdY4isHKClHcU8BZ
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-darla-1.0.26-modern.js Show response
s.yimg.com/aaq/wf/ 5 KB
3 KB 48ms
45ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-darla-1.0.26-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

8d17d398f7edd387b33748547b5d16c448b04a6dd68d948dfb73e36cf6b346fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 24 Sep 2021 21:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1798534
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 2401
x-amz-id-2: Bt2uHTGCCW7UMdoiAN4v+Xy/rAhsqFPm923kieElZeIlrIv//AyBjxHX2llMrazgPKC505p2LAk=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Jun 2021 07:19:10 GMT
server: ATS
etag: "208185b3835eb78d7b4fb30e6a0b47a8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: MBJ4N3RHH4MQ0WC8
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: lkd5cSgyZGjT2ImsaMaWH4O56NgkmBZU
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-image-1.2.0-modern.js Show response
s.yimg.com/aaq/wf/ 6 KB
2 KB 48ms
46ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-image-1.2.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b8e050a6298c6a3340d288bdf1e184afe1912d1f3cac338addb93b5767ac6049

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 21 Sep 2021 06:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2109516
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 2243
x-amz-id-2: +wbGBE66Ap23h4xBMoHz9Ggy051kSXu0f0x1c7WVOSA0k60wYKwS1X9nVDBdEIUDlcZt61p5JU4=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Aug 2021 06:31:33 GMT
server: ATS
etag: "e29c58747b3437d2e5b642d3c49d1701-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: EV0DKXECF09B0FQN
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: m7S6hO6fBlcZ4g4cpV64_72zJB7rE5JG
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 tdv2-wafer-content-list.custom.c0c786db9d1790614d8b1ac4c26f17fa.js Show response
s.yimg.com/aaq/nel/js/ 3 KB
2 KB 48ms
46ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/js/tdv2-wafer-content-list.custom.c0c786db9d1790614d8b1ac4c26f17fa.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

831044726fc68a612351ab72185e412b71ac27152fd0be14f214cebc403bdb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 13 Oct 2021 20:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159562
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1398
x-amz-id-2: HZUbTM+qQLnO6UgIxGhZNuQwoi56JKyzx7c8ObVNYBwxyBYCiELih1gvENhntnqjEIpKA2E+fC4=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Apr 2021 19:45:34 GMT
server: ATS
etag: "c0c786db9d1790614d8b1ac4c26f17fa-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: VKEZNWT7RKGQ8W27
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: dBsK56.huxub3nd0Q_0C.tmFFHp97aR6
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wf-rapid-1.5.2-modern.js Show response
s.yimg.com/aaq/wf/ 7 KB
3 KB 49ms
46ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-rapid-1.5.2-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

9fffe0b764d5debac40a65ebca1cb753c7a45cfdbd9a07a2c67b3de67e28fc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 10 Oct 2021 19:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423423
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 2495
x-amz-id-2: vaD3HeDKD0fwdFz5m42BhuvHErkR/b9rvHJRkdKnDVTU+xH2FD73fL+Q1MFHvKTdMmj4bx1i+B4=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 21:42:50 GMT
server: ATS
etag: "7aaf805c5bd88c2cf33b51e6bd135a62-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: GPS47T5BMP3FHJ2E
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: 2Oorf_EyvY5lEqGICbvGHgpFRMKw_aIH
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 react-wafer-subscription.custom.monalixa.modern.297eb60eb0ddd5056d12151fd7d4c000.js Show response
s.yimg.com/aaq/fp/js/ 1 KB
872 B 49ms
47ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-subscription.custom.monalixa.modern.297eb60eb0ddd5056d12151fd7d4c000.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

cc2cc463fbafa5eea3cc38d983027a2c2574c1ab23c22ed317e33225d6fec1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 08 Oct 2021 09:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629932
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 583
x-amz-id-2: Gy2qjPXtZtqcEKrk/MuYo9E6/rkSUb5MM9rod74U2EDGl9bvSRaM8D8tkHuiN4jqDhEfmZ7PfDg=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Sep 2021 13:10:46 GMT
server: ATS
etag: "297eb60eb0ddd5056d12151fd7d4c000-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: H0SPM1RMV9B6FYDF
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: aY7ALS4TTUowlwTFZiRhJTOXwgzCaMBX
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 b23c0a4.caas-article2_fauxdal.min.css
s.yimg.com/aaq/c/ 86 KB
13 KB 49ms
25ms Stylesheet
text/css 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/b23c0a4.caas-article2_fauxdal.min.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

290160a54f89b2cec6a0edc4d04fa83e239cc3e956451ec5c5e0226c88cd6c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 09 Oct 2021 07:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553155
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 13028
x-amz-id-2: L2TKsyIPJ4cOv2nbVlZr+Yk1JCf2V8G7uu9g5gxzbZgJW4YJOiLXY6GLHV5HO17LH8U+0YvG/rw=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Oct 2021 19:37:53 GMT
server: ATS
etag: "5f71b86834e4b2a1aa5c9d42d696d4c1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: MNHYQ7VERNR2G0R1
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: L9SnVKjM5dtulARhSXj6FWwdpx8eCU8R
accept-ranges: bytes
content-type: text/css

GET
H2 200 yahoo_news_en-US_h_p_newsv2.png
s.yimg.com/rz/stage/p/ 2 KB
2 KB 60ms
58ms Image
image/png 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/stage/p/yahoo_news_en-US_h_p_newsv2.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d4e305677c8bf9811e9d43f06825b8d255e9a0cf2c02a78e3f08ecd4e93f5bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
age: 85167
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 1696
x-amz-id-2: IhiCNulp4J7tB2TBefG72l6CkTP12jd3vGd/n00RNAHbh2mlkKmb6iYiYwOk8mFAIOprssPxQTs=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 19:07:39 GMT
server: ATS
etag: "736cf3939e9ba4c97a7cad440630f2bd"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: Y5VTN0S155BV90VC
x-xss-protection: 1; mode=block
cache-control: public,max-age=86400
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Oct 2021 23:00:00 GMT

GET
H2 200 cerebro_min.js Show response
edge-mcdn.secure.yahoo.com/ybar/ 5 KB
5 KB 49ms
47ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

f0f839401ca503be4df9ff4f79f963619f65d36b1f7666e1479e022da098049c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:29:58 GMT
x-content-type-options: nosniff
age: 76748
x-amz-server-side-encryption: AES256
content-length: 5188
x-amz-id-2: vq8YF9cxLiT9Os/IFJVEkanViyG61+Oyq3pGkByREWV4L9ErJFxcyefCVFpJH8gu0Mp2ZDZCFsg=
timing-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Jul 2021 20:48:34 GMT
server: ATS
etag: "cf9027df6f951492db6318f85a43d9c0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 8M4DPD86HWE3KQYS
access-control-allow-origin: *
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 spritify-sprite-dark-fd484ded-615432bc.png
s.yimg.com/kr/assets/ 12 KB
12 KB 46ms
46ms Image
image/png 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/kr/assets/spritify-sprite-dark-fd484ded-615432bc.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

c38ad659d5c95dc2e75b9a79247d9b40ef1e00b9b377a9919b54d8e03024b20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Oct 2021 13:11:04 GMT
x-content-type-options: nosniff
age: 272282
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 12068
x-amz-id-2: uzCURWSf0/hdgzgDcW/Tx+0czYn4DipNrHDy/H7QvaOpB6E5wykNCKzf4LmW/xGi0gVU0yRgfXs=
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Dec 2020 01:13:27 GMT
server: ATS
etag: "49422090c836f9fef41ec35497ba622e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 2T88C7FSJ4V3J9P9
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: image/png

GET
H2 200 header_1x-1479864976616.min.png
s.yimg.com/pv/static/img/ 910 B
1 KB 46ms
46ms Image
image/png 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/header_1x-1479864976616.min.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

426b046038143ad054687058dab793d909fa3dd666079ebcb36489ec5b8e0f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Oct 2021 13:45:49 GMT
x-amz-meta-created-date: Wed, 23 Nov 2016 01:36:21 GMT
age: 270198
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1479864981365623
vary: Origin
x-amz-request-id: C61TNS7VWTH2QNWZ
x-amz-id-2: lXC3l2DV57Ol5G1UEuhNQlqRCwD+KNfd4MV/WcDa8Qlnm7MU7jBaU/fTtGUzWmPbp4B2nRTzKhA=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Apr 2018 17:59:57 GMT
server: ATS
etag: "7f972abeceed50ca083138400b84d1c0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
content-length: 910
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:174fb767-5e6f-47ee-959f-e24098938cca000541edea87a377"
x-content-type-options: nosniff
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 spritify-sprite-light-fd484ded-e3dce7a4.png
s.yimg.com/kr/assets/ 12 KB
12 KB 57ms
57ms Image
image/png 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/kr/assets/spritify-sprite-light-fd484ded-e3dce7a4.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

506648db425e3801b3b45aca2382efaed10698e5af1dcb90fc8cffb2b090704e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 12:41:41 GMT
x-content-type-options: nosniff
age: 14845
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 11967
x-amz-id-2: gTT8dgTIPPupcGlhJMehb6GfXxNi/mNlI/otrbJwy55kyOiKHlHZ86MEkO21fPEWb7alEaQfQ8E=
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Dec 2020 01:14:52 GMT
server: ATS
etag: "c52b9648030733c6235492f484942207"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: YEHZGDKSBBSDTHX8
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: image/png

GET
H2 200 Medium.woff2
s.yimg.com/os/fontserver/YahooSans/ 29 KB
29 KB 7ms
7ms Font
application/font-woff2 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/Medium.woff2

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/art/css/yahoosans.7541e8c92ee85b9e784aa025de348ec8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/aaq/art/css/yahoosans.7541e8c92ee85b9e784aa025de348ec8.css
Origin: https://news.yahoo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 03 Oct 2021 06:23:31 GMT
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:03 GMT
age: 1074335
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273943990234
strict-transport-security: max-age=15552000
x-amz-request-id: MKPYEAR6F1B3ZKXE
x-amz-id-2: M50MV03oX2UHvohtCv/0z3wrTzcTEpUw+OE46h28I5rz0rN/AbeeImUg8T/1LPYsNuzoxxCFxiQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 19 May 2018 05:28:12 GMT
server: ATS
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=536112000
content-length: 29228
content-type: application/font-woff2
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:7c7ff48f-a8e4-41f3-ac01-65c2fbdd5ea700055bc464a7cfda"
x-content-type-options: nosniff
expires: Tue, 15 May 2035 05:28:11 GMT

GET
H2 200 e31acf60-80f5-11eb-9fff-18c6b7043df9
s.yimg.com/ny/api/res/1.2/EVXs.uuUVY0BVoJPEKKVUw--/YXBwaWQ9aGlnaGxhbmRlcjt3PTEwMDtoPTQwO2NmPXdlYnA-/https://s.yimg.com/os/creatr-uploaded-images/2021-03/ 998 B
1 KB 13ms
13ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/EVXs.uuUVY0BVoJPEKKVUw--/YXBwaWQ9aGlnaGxhbmRlcjt3PTEwMDtoPTQwO2NmPXdlYnA-/https://s.yimg.com/os/creatr-uploaded-images/2021-03/e31acf60-80f5-11eb-9fff-18c6b7043df9

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

8849308e08055c269665f15d93b30497b35641e1eee6f246e6703fdb6dc0d0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 23:32:37 GMT
x-content-type-options: nosniff
age: 148589
cld_latency: 1
edge-cache-tag: 424174599885504421822147752341032625934,375336298217483636015412887570953507299,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=15552000
content-length: 998
x-xss-protection: 1; mode=block
cld_by: cache-wdc5568-WDC
x-served-by: cache-wdc5568-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 13:37:33 GMT
server: ATS
x-timer: S1634167958.679111,VS0,VE1
etag: "267a688ff8b54d414e04d01defe88275"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="e31acf60-80f5-11eb-9fff-18c6b7043df9.webp"
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 placeholder.gif
s.yimg.com/cv/apiv2/default/20190501/ 1 KB
1 KB 9ms
8ms Image
image/gif 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/cv/apiv2/default/20190501/placeholder.gif

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

9c7839ef30628cceb2af6edbc09a6c40a962cd54a16fc5b8a50e6ac75406532e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 14 Oct 2021 17:09:39 GMT
x-content-type-options: nosniff
age: 85168
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 1101
x-amz-id-2: 5bu7k+LSGDgxULY12+vUa9gu6/p/uXaoL9RBSv6obFDb2e/lZ7S1QF2amg0jkIb5/6Lh6ei9w00=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Sep 2019 00:11:41 GMT
server: ATS
etag: "044af4d71d0005f6b5261dd76f29a9aa"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: 7806R7037GD9Q35B
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/gif

GET
H/1.1 200
OK consentRecord Show response
guce.yahoo.com/v1/ 79 B
585 B 32ms
32ms XHR
application/json 52.16.16.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://guce.yahoo.com/v1/consentRecord?consentTypes=iab

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/cmp/version/4.1.1/cmp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.16.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-16-109.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

3b43c4bff78d3a17627c5978ed94e2cc032d5db60086125bf98ce7c7de533161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Content-Encoding: gzip
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://news.yahoo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, User-Agent, X-Forwarded-For, X-Oath-Gcrumb
Content-Length: 86

GET
H2 200 wf-core-1.47.1-modern.js Show response
s.yimg.com/aaq/wf/ 54 KB
15 KB 13ms
12ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-core-1.47.1-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a4214a2f00feb2b91525955c2ee60134bc0134606599e9509581dc803b677b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 05:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39710
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: EA4CJNK5P0E8H8VS
x-amz-id-2: u5E9rdMlvVB+sS55ynvbaFQhVvW9QnRErsvR0eoKzr0nmp/36NmUkxglgTYJBduYcMJLsf3S8b8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Sep 2021 05:32:43 GMT
server: ATS
etag: "8af4f3a600ee72be754c120f4c7a345c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: 9bFotpzHgJ9altmquCB7FPrbXJfOrq34
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 yaft-0.3.28.min.js Show response
s.yimg.com/os/yaft/ 17 KB
6 KB 11ms
10ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/yaft/yaft-0.3.28.min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 25 Sep 2021 14:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1735239
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
content-length: 5786
x-amz-id-2: 1c56DzsBYDPdZSe8jrAhh8zuOXOLWEVXh/1fdmg/R9YgMC8iKGB+q6NRFenXSURR+LD92WEBIUc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Sep 2019 04:05:39 GMT
server: ATS
etag: "0731da3e399a4565e47c36702ffa9ba6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: V6NBMC7EA0AHMDH1
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=315360000
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 284e6ac.caas-article2_fauxdal.min.js Show response
s.yimg.com/aaq/c/ 126 KB
33 KB 18ms
18ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/284e6ac.caas-article2_fauxdal.min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

4a9c995279b52d1f5e643e312ad44c799250d839d22f67fb79dbc60587b811bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 01:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56185
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: C41Y93D1NAV2T4SH
x-amz-id-2: zkMbOJGyRF3wG/ekenp19Cg8YvYuhtiO6/2Wg7PFPTYPIdAAguzc0Gou/6Vx7rURQ0C+5LUzXSM=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 22:21:24 GMT
server: ATS
etag: "7c129b15ea883f92b4f4eb0e5977ca50-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: IqR2xc5tJ9iGv7PEuKQOBc3j0lneNBlV
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 advertisement_0.0.19.js Show response
s.yimg.com/nn/lib/metro/g/myy/ 158 B
438 B 11ms
11ms Script
application/x-javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/nn/lib/metro/g/myy/advertisement_0.0.19.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 22 Sep 2021 09:53:36 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 158
x-amz-id-2: vkKKGd6e9zYWf+FSdMhX08wZO76Z8M6z+0C99rY7j5KneZ2dnmkw27OZsi1AZoo5YeUPYg80g0s=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 May 2020 03:33:21 GMT
server: ATS
etag: "ca243b22264dca7a4a899c51cc2dc963"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: G205DKW615QMSMW7
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
content-type: application/x-javascript

GET
H2 200 8_699b9a5032.chunk.js Show response
s.yimg.com/aaq/c/ 11 KB
4 KB 11ms
11ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/8_699b9a5032.chunk.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/c/284e6ac.caas-article2_fauxdal.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

bfb9ba3dcd77b9abed950d62e254b76b373f3dfef28719d67c604578156b4eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 01:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56166
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 01BF0N84QEDTDJT3
x-amz-id-2: /WnjBh9KOjuvJm4PZjS4fN9f4JJBbfC9Eakni1mSsmfeOLrlqOxJ7Gqx1zdi9qIAVw0om5icEUk=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 22:21:27 GMT
server: ATS
etag: "ff21ab5a6b8ac44fd091e91fbb8addfc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: xpThRpPRo.lV3PSxjISG25raIL_aamV.
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c14=-1&c2=7241469&c5=1197618800&c7=http%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&gdpr=0&gdpr_consent=&cs_ucfr=1&c8=US%2...
https://sb.scorecardresearch.com/p2?c1=2&c14=-1&c2=7241469&c5=1197618800&c7=http%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&gdpr=0&gdpr_consent=&cs_ucfr=1&c8=US%...

64 B
329 B

21ms
21ms

Image
image/gif

18.66.248.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c14=-1&c2=7241469&c5=1197618800&c7=http%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&gdpr=0&gdpr_consent=&cs_ucfr=1&c8=US%20government%20database%20exploited%20by%20Covid-19%20vaccine%20critics&c9=&ns_c=UTF-8&ns__t=1634316546248
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: NL4ASCna6vV48bCpH0qWBcDbcm-bx7871iFljb2IrLb_qsyS-o0zRg==

Redirect headers

date: Fri, 15 Oct 2021 16:49:06 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c14=-1&c2=7241469&c5=1197618800&c7=http%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&gdpr=0&gdpr_consent=&cs_ucfr=1&c8=US%20government%20database%20exploited%20by%20Covid-19%20vaccine%20critics&c9=&ns_c=UTF-8&ns__t=1634316546248
content-length: 325
x-amz-cf-id: 71dQ2UtvnQ2cPNYQx1Y3eFSwWh-WpD1xmU6Sb2G-yfAYJcys8l6bLw==

GET
H2 200 exp.json Show response
edge-mcdn.secure.yahoo.com/ybar/ 4 KB
4 KB 7ms
7ms Fetch
application/json 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/exp.json

Requested by

Host: edge-mcdn.secure.yahoo.com
URL: https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

891f503c1b94768ca0080ffc17fb7652fe0e22c2adc6b1ac5fffa9308d9ca713

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:30:55 GMT
x-content-type-options: nosniff
age: 80292
x-amz-server-side-encryption: AES256
content-length: 3731
x-amz-id-2: 49SV69mcY8KTmDbBmHHEbZ4TP8VcmxbuBNQuvwBubh2iZb1kD+CeCHtObT4NYvo5RlublN3EDxw=
timing-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Jun 2021 13:45:38 GMT
server: ATS
etag: "6bf64b4ea3c9f6b55cb548c97f98bcdb"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: X5SQRCX67CSRMX94
access-control-allow-origin: *
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-type: application/json

GET
H2 200 perf-vitals_2.0.0.js Show response
s.yimg.com/aaq/pv/ 5 KB
2 KB 8ms
7ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/pv/perf-vitals_2.0.0.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

1b6f60b0715e162c4f3ca6c4b54b64a1e8edfa8b5ad1859982d990c9258abf3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 09 Oct 2021 17:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517309
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 1961
x-amz-id-2: YEPxeTiXbVm64Lpy8pXWYjHHdPIAkJlOiqJ8W7LizxazjAW1reINxjsgVSnJ6kPJmyXTi8+PsDk=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Jun 2021 17:37:15 GMT
server: ATS
etag: "d7ad6697dbb2a4183385280b757c754c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: VB3B02A6QDZRRTW5
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
x-amz-version-id: i8xt9OcqDpTrjuB5A6JEVonaKht9cf5M
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 81aab215ad69fd17c6ae5a2a47ce13e2.cf.webp
s.yimg.com/uu/api/res/1.2/6lQzbbWpFchy94t_8cYUWA--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/JSry3UoXRXNTAfOOIkwhkA--~B/aD02MDA7dz0xMjAwO2FwcGlkPXl0YWNoeW... 14 KB
15 KB 57ms
54ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/6lQzbbWpFchy94t_8cYUWA--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/JSry3UoXRXNTAfOOIkwhkA--~B/aD02MDA7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://media.zenfs.com/en/the_huffington_post_584/81aab215ad69fd17c6ae5a2a47ce13e2.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b9b56f458485868b06183daabde0dfa40a671c0403d9cd1f681c199626d8c5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:13:53 GMT
x-content-type-options: nosniff
age: 9313
cld_latency: 1
edge-cache-tag: 447376121139532485360172684612593925901,427027661387649762654591127891431497554,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="81aab215ad69fd17c6ae5a2a47ce13e2.webp"
strict-transport-security: max-age=15552000
content-length: 14614
x-xss-protection: 1; mode=block
cld_by: cache-wdc5539-WDC
x-served-by: cache-wdc5539-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 07:04:58 GMT
x-request-id: 5c5dd4611695b0af910da4131257d3f4
x-timer: S1634307234.555488,VS0,VE1
etag: "57615251bdf6d621417dbd9d7d1a46aa"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 5c5dd4611695b0af910da4131257d3f4
x-cache-hits: 1

GET
H2 200 9cb4f550-2d3e-11ec-a7af-a227ff634857.cf.webp
s.yimg.com/uu/api/res/1.2/AdIMSOvV8nS54_BKu2MEYA--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/os/creatr-uploaded-images/2021-10/ 11 KB
12 KB 57ms
53ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/AdIMSOvV8nS54_BKu2MEYA--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/os/creatr-uploaded-images/2021-10/9cb4f550-2d3e-11ec-a7af-a227ff634857.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7266d2a818f2eccfbd71cf16946251bc4ee0857883214a0081a5e4441fd8cb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:15:40 GMT
x-content-type-options: nosniff
age: 5606
cld_latency: 1
edge-cache-tag: 512153631981276219129443168826730930976,427027661387649762654591127891431497554,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="9cb4f550-2d3e-11ec-a7af-a227ff634857.webp"
strict-transport-security: max-age=15552000
content-length: 11382
x-xss-protection: 1; mode=block
cld_by: cache-wdc5544-WDC
x-served-by: cache-wdc5544-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 00:22:10 GMT
x-request-id: 17f31e21e4c5513e7706aaeb6881f8ab
x-timer: S1634310941.710841,VS0,VE1
etag: "172960858f4d05f416a58f55639ed773"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 17f31e21e4c5513e7706aaeb6881f8ab
x-cache-hits: 1

GET
H2 200 6ff6722fec5b37d065d3425598c2e4c1.jpeg.cf.webp
s.yimg.com/uu/api/res/1.2/dIJB2EwcVvZSajQEO8HfaQ--~B/Zmk9c3RyaW07aD0yNjg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 19 KB
20 KB 57ms
53ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/dIJB2EwcVvZSajQEO8HfaQ--~B/Zmk9c3RyaW07aD0yNjg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/6ff6722fec5b37d065d3425598c2e4c1.jpeg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

6e6c93da53316a3f32928e5aa1a1226af29471dbc51e2e2789efd50dca16d58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 05:22:58 GMT
x-content-type-options: nosniff
age: 300371
cld_latency: 1
edge-cache-tag: 423121249400670450238500724375464422329,177016539108799789402956418939896650222,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="6ff6722fec5b37d065d3425598c2e4c1.webp"
strict-transport-security: max-age=15552000
content-length: 19750
x-xss-protection: 1; mode=block
cld_by: cache-wdc5520-WDC
x-served-by: cache-wdc5520-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Oct 2021 06:57:36 GMT
x-request-id: 7f444867bb0cbdcaac7ad0dfe0d432ae
x-timer: S1634016178.008708,VS0,VE1
etag: "25df8ecbd07d61110a86cf2894280d80"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 7f444867bb0cbdcaac7ad0dfe0d432ae
x-cache-hits: 1

GET
H2 200 675b2d27b97cbbc4fd8372fffa41ff67.cf.webp
s.yimg.com/uu/api/res/1.2/681A54MOLjD0yKSS.xV_.A--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/yua689g7Baq68MIwbY2hkA--~B/aD03MjA7dz0xNDQwO2FwcGlkPXl0YWNoeW... 14 KB
15 KB 57ms
53ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/681A54MOLjD0yKSS.xV_.A--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/yua689g7Baq68MIwbY2hkA--~B/aD03MjA7dz0xNDQwO2FwcGlkPXl0YWNoeW9u/https://media.zenfs.com/en/autos.autoweek.com/675b2d27b97cbbc4fd8372fffa41ff67.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d1bbed352f79d8930c79e552b22097ec8d67dd8164593254775f0d254aa02c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:13:53 GMT
x-content-type-options: nosniff
age: 9313
cld_latency: 1
edge-cache-tag: 259847204755000106106179833062003293014,427027661387649762654591127891431497554,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="675b2d27b97cbbc4fd8372fffa41ff67.webp"
strict-transport-security: max-age=15552000
content-length: 14656
x-xss-protection: 1; mode=block
cld_by: cache-wdc5551-WDC
x-served-by: cache-wdc5551-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 18:41:15 GMT
x-request-id: a761e0171e662a71c9bdfc2ac07bf6b5
x-timer: S1634307234.644601,VS0,VE1
etag: "b5121f34c56dba433d29aa57b7025dfc"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: a761e0171e662a71c9bdfc2ac07bf6b5
x-cache-hits: 1

GET
H2 200 e774722716c313c3a6ecceddeffa32cb.cf.webp
s.yimg.com/uu/api/res/1.2/hbalngzIeGZeZKUMwWDEWQ--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/XMPG3mfFwAkCAmx_DnReBQ--~B/aD02NDA7dz0xMjgwO2FwcGlkPXl0YWNoeW... 14 KB
15 KB 67ms
63ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/hbalngzIeGZeZKUMwWDEWQ--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/XMPG3mfFwAkCAmx_DnReBQ--~B/aD02NDA7dz0xMjgwO2FwcGlkPXl0YWNoeW9u/https://media.zenfs.com/en/Barrons.com/e774722716c313c3a6ecceddeffa32cb.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a6e7a35c39ccb539b54ebdf880be41d4849c78542d41f6e4f90f57559709fdd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:44:28 GMT
x-content-type-options: nosniff
age: 278
edge-cache-tag: 378480698286580135357974286998441816112,427027661387649762654591127891431497554,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
content-disposition: inline; filename="e774722716c313c3a6ecceddeffa32cb.webp"
strict-transport-security: max-age=15552000
content-length: 14660
x-xss-protection: 1; mode=block
x-request-id: e6fc4f104300a8d5ddbe30810283be70
x-served-by: cache-wdc5522-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 09:40:05 GMT
server: ATS
x-timer: S1634316268.452389,VS0,VE1
etag: "b98351e31cd9081f4e7162250d72cd73"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 8a94c75c79fb8a00001ba6d586f02a8b.cf.webp
s.yimg.com/uu/api/res/1.2/zu9P8ShpGfiF_W6YCP0N3w--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/Ogw7v_GdOtd3oTHtvCeYag--~B/aD03MjA7dz0xMjgwO2FwcGlkPXl0YWNoeW... 24 KB
24 KB 38ms
35ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/zu9P8ShpGfiF_W6YCP0N3w--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/Ogw7v_GdOtd3oTHtvCeYag--~B/aD03MjA7dz0xMjgwO2FwcGlkPXl0YWNoeW9u/https://media.zenfs.com/en/csnbayarea.com/8a94c75c79fb8a00001ba6d586f02a8b.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

2d13440e744b9b95b94c10ea2c3eab110559ca7c1df059c988a6890b4947955a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
age: 11759
cld_latency: 1
edge-cache-tag: 298489099242039850396401437049945741495,427027661387649762654591127891431497554,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
content-disposition: inline; filename="8a94c75c79fb8a00001ba6d586f02a8b.webp"
cld_by: cache-wdc5526-WDC
x-served-by: cache-wdc5526-WDC
referrer-policy: no-referrer-when-downgrade
x-timer: S1634304787.077185,VS0,VE1
etag: "b3094f39817390c711e4adb0003cbc44"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 15 Oct 2021 13:33:07 GMT
x-content-type-options: nosniff
x-cache: HIT
cld_hits: 1
content-length: 24322
x-xss-protection: 1; mode=block
x-request-id: a1d55ff192f57cb3fb7c0e831bc9036b
last-modified: Fri, 15 Oct 2021 02:57:45 GMT
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
cld_id: a1d55ff192f57cb3fb7c0e831bc9036b

GET
H2 200 ccbb282fe535a792b5ebc2b77391172b.jpeg.cf.webp
s.yimg.com/uu/api/res/1.2/XkPWtD8TyMC4xHhLmaJ8wQ--~B/Zmk9c3RyaW07aD0yNjg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 8 KB
8 KB 186ms
182ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/XkPWtD8TyMC4xHhLmaJ8wQ--~B/Zmk9c3RyaW07aD0yNjg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ccbb282fe535a792b5ebc2b77391172b.jpeg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

c14a2c984a651c7b5ade7656ddb251876773cb6e2cff6fcc4a28e0eeb00c5159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 0
cld_latency: 1
edge-cache-tag: 241824918707769606430207161559713432856,177016539108799789402956418939896650222,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=15552000
content-length: 7884
x-xss-protection: 1; mode=block
cld_by: cache-wdc5521-WDC
x-served-by: cache-wdc5521-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Sep 2021 16:00:23 GMT
server: ATS
x-timer: S1634316546.398039,VS0,VE1
etag: "084726110745e0cebead93d62c9db955"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="ccbb282fe535a792b5ebc2b77391172b.webp"
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 faadd830-2d0b-11ec-b3bf-cd1ffb798759.cf.webp
s.yimg.com/uu/api/res/1.2/wPFJS.EhovyTsvdcmpiuPA--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/os/creatr-uploaded-images/2021-10/ 23 KB
23 KB 67ms
64ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/wPFJS.EhovyTsvdcmpiuPA--~B/Zmk9c3RyaW07aD0yODg7dz01MTQ7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/os/creatr-uploaded-images/2021-10/faadd830-2d0b-11ec-b3bf-cd1ffb798759.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b17f1121ade21148cd44865689c43cc26433b8a0110867b7482b765fcffd9b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:13:53 GMT
x-content-type-options: nosniff
age: 9313
cld_latency: 1
edge-cache-tag: 321452452476543173364933207372208620007,427027661387649762654591127891431497554,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="faadd830-2d0b-11ec-b3bf-cd1ffb798759.webp"
strict-transport-security: max-age=15552000
content-length: 23064
x-xss-protection: 1; mode=block
cld_by: cache-wdc5549-WDC
x-served-by: cache-wdc5549-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 16:34:54 GMT
x-request-id: 2b6de5be136ae2daf3c141ce0908f29e
x-timer: S1634307234.595135,VS0,VE1
etag: "35f71046cf189257692e6597365c9954"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 2b6de5be136ae2daf3c141ce0908f29e
x-cache-hits: 1

GET
H2 200 650e1b64d3b394489f2f0c03f5c92e04.cf.webp
s.yimg.com/uu/api/res/1.2/s64ToPzpO7CegltLA.A5Hw--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/pNQVP5SycXQ3Ak0hRDurPA--~B/aD0zMTQxO3c9NDcxMjthcHBpZD... 6 KB
6 KB 63ms
60ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/s64ToPzpO7CegltLA.A5Hw--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/pNQVP5SycXQ3Ak0hRDurPA--~B/aD0zMTQxO3c9NDcxMjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/ap.org/650e1b64d3b394489f2f0c03f5c92e04.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

c5bd73d5d6772356734f502422ee76d869608aa49a087160f16b186870ad278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:40:18 GMT
x-content-type-options: nosniff
age: 528
cld_latency: 1
edge-cache-tag: 313880667693311813986872751723186536050,423653781526276534538828669774215326924,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="650e1b64d3b394489f2f0c03f5c92e04.webp"
strict-transport-security: max-age=15552000
content-length: 5956
x-xss-protection: 1; mode=block
cld_by: cache-wdc5544-WDC
x-served-by: cache-wdc5544-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 04:18:17 GMT
x-request-id: 3cf3ceb8329c8d19cd0ee7fe9573925e
x-timer: S1634316019.642588,VS0,VE1
etag: "c399c9415d77e02b873be0fd2c465fd4"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 3cf3ceb8329c8d19cd0ee7fe9573925e
x-cache-hits: 1

GET
H2 200 e8ae6798f4ab0f741df580ddb332c7d1.cf.webp
s.yimg.com/uu/api/res/1.2/Z_t8doWh_ADAb9wXghKO0g--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/jKMlaBbL5MRxm2d7BHAPUQ--~B/aD01ODA7dz03NzQ7YXBwaWQ9eX... 5 KB
6 KB 66ms
63ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/Z_t8doWh_ADAb9wXghKO0g--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/jKMlaBbL5MRxm2d7BHAPUQ--~B/aD01ODA7dz03NzQ7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/en/business_insider_articles_888/e8ae6798f4ab0f741df580ddb332c7d1.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

bdf76b259edd4d7a8169cde16dace1fa85b483422c3cf2ce916c2da39252e1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:52:28 GMT
x-content-type-options: nosniff
age: 3398
cld_latency: 1
edge-cache-tag: 186599928258497496735206265157599541535,423653781526276534538828669774215326924,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="e8ae6798f4ab0f741df580ddb332c7d1.webp"
strict-transport-security: max-age=15552000
content-length: 5446
x-xss-protection: 1; mode=block
cld_by: cache-wdc5525-WDC
x-served-by: cache-wdc5525-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 11:17:02 GMT
x-request-id: fe31609d22ec084555c95ee1d2f08ee4
x-timer: S1634313149.658483,VS0,VE1
etag: "585511b9a3d9f096dc80b8edfdf64e0e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: fe31609d22ec084555c95ee1d2f08ee4
x-cache-hits: 1

GET
H2 200 2d81ef94400eebe7836c78eeff823cdc.cf.webp
s.yimg.com/uu/api/res/1.2/ZdG46td6mmhu5mCJg8x0AA--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/vJEghknPMa0WInfTPdWtXg--~B/aD00NTY7dz02MDg7YXBwaWQ9eX... 8 KB
8 KB 70ms
67ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/ZdG46td6mmhu5mCJg8x0AA--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/vJEghknPMa0WInfTPdWtXg--~B/aD00NTY7dz02MDg7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/en/us.abcnews.go.com/2d81ef94400eebe7836c78eeff823cdc.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

2cc2dae32205ad6128b2ab29a58d016ace1fc3eaf92f18b2ea35c588a0446de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:18:53 GMT
x-content-type-options: nosniff
age: 1813
cld_latency: 1
edge-cache-tag: 422107890991055558231761706335538554680,423653781526276534538828669774215326924,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="2d81ef94400eebe7836c78eeff823cdc.webp"
strict-transport-security: max-age=15552000
content-length: 8110
x-xss-protection: 1; mode=block
cld_by: cache-wdc5534-WDC
x-served-by: cache-wdc5534-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Oct 2021 22:03:21 GMT
x-request-id: 0f172a86c344980025d917229d8c8733
x-timer: S1634314734.884759,VS0,VE1
etag: "cfecfeabd7c30f12697da7181780136b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 0f172a86c344980025d917229d8c8733
x-cache-hits: 1

GET
H2 200 9224c8d807e743588e493f1383cd65ca.cf.webp
s.yimg.com/uu/api/res/1.2/LSR2hpctrhdDgKnpkI2e7A--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/mC9KAZIQb63S24dw1YjoxQ--~B/aD0yMDAwO3c9MzAwMDthcHBpZD... 9 KB
9 KB 52ms
48ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/LSR2hpctrhdDgKnpkI2e7A--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/mC9KAZIQb63S24dw1YjoxQ--~B/aD0yMDAwO3c9MzAwMDthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_new_york_times_articles_158/9224c8d807e743588e493f1383cd65ca.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

948788b9d19747db6f0979dc68c04036697678e7d6d46402b3b7ee04b82934da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
age: 1641
cld_latency: 1
edge-cache-tag: 387929838587781140431868672147087179252,423653781526276534538828669774215326924,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
content-disposition: inline; filename="9224c8d807e743588e493f1383cd65ca.webp"
cld_by: cache-wdc5574-WDC
x-served-by: cache-wdc5574-WDC
referrer-policy: no-referrer-when-downgrade
x-timer: S1634314905.117271,VS0,VE1
etag: "fd38ceaeff3bec6a7cd0c45b99a85aff"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 15 Oct 2021 16:21:45 GMT
x-content-type-options: nosniff
x-cache: HIT
cld_hits: 1
content-length: 9230
x-xss-protection: 1; mode=block
x-request-id: 7323d873a9fbc5534090f8c25b8e2572
last-modified: Thu, 14 Oct 2021 18:26:31 GMT
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
cld_id: 7323d873a9fbc5534090f8c25b8e2572

GET
H2 200 db1dd1baa342fc82d8204a0e808647c2.cf.webp
s.yimg.com/uu/api/res/1.2/mW5CKEZ3CFfD9zcfitI1sA--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/3eHpI439uzhMIEN4mcyFMA--~B/aD0zODM0O3c9NTExMzthcHBpZD... 7 KB
7 KB 68ms
65ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/mW5CKEZ3CFfD9zcfitI1sA--~B/Zmk9c3RyaW07aD0yMjQ7cT04MDt3PTIyNDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/3eHpI439uzhMIEN4mcyFMA--~B/aD0zODM0O3c9NTExMzthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/insider_articles_922/db1dd1baa342fc82d8204a0e808647c2.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d0724f889c823cbc697d50fbaa2c31ab5cfcc56d9ba12ba7e557c7d6cc0c951d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:09:30 GMT
x-content-type-options: nosniff
age: 2376
cld_latency: 1
edge-cache-tag: 355912708595390042117406860326562623593,423653781526276534538828669774215326924,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="db1dd1baa342fc82d8204a0e808647c2.webp"
strict-transport-security: max-age=15552000
content-length: 6856
x-xss-protection: 1; mode=block
cld_by: cache-wdc5563-WDC
x-served-by: cache-wdc5563-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 03:57:04 GMT
x-request-id: 22cbc50c47b756d4319f2be12cbd53ef
x-timer: S1634314171.819790,VS0,VE1
etag: "da8edb49a3574ea49be21d7ad002a341"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 22cbc50c47b756d4319f2be12cbd53ef
x-cache-hits: 1

GET
H2 200 c81c4da0d6d5af2ab969a459fb6b6e9c.cf.webp
s.yimg.com/uu/api/res/1.2/DoEHiQgjIlrEtfOYtFwImQ--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/SjACqjULz1NrVp9k.YYkzQ--~B/aD0yMDAwO3c9MzAwMDthcHBpZD... 41 KB
42 KB 38ms
35ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/DoEHiQgjIlrEtfOYtFwImQ--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/SjACqjULz1NrVp9k.YYkzQ--~B/aD0yMDAwO3c9MzAwMDthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/ap.org/c81c4da0d6d5af2ab969a459fb6b6e9c.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7cd39ec8268df0f495e9561763a90dedfcc8a356aeb55c8908cfd9f8f3a1a458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:13:53 GMT
x-content-type-options: nosniff
age: 9313
cld_latency: 1
edge-cache-tag: 310356864458028503355400431618194345130,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=15552000
content-length: 42368
x-xss-protection: 1; mode=block
cld_by: cache-wdc5563-WDC
x-served-by: cache-wdc5563-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 18:10:51 GMT
server: ATS
x-timer: S1634307234.647764,VS0,VE1
etag: "b3597f28de4f9b5fee75bcb84e011845"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="c81c4da0d6d5af2ab969a459fb6b6e9c.webp"
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 90759c646a5cffe4abef5e05d732f64b.jpeg.cf.webp
s.yimg.com/uu/api/res/1.2/OKVNiST3gdwkESKrma3gOA--~B/aD02Mjc7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 85 KB
85 KB 66ms
62ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/OKVNiST3gdwkESKrma3gOA--~B/aD02Mjc7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/90759c646a5cffe4abef5e05d732f64b.jpeg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

730527f38c473d08ead9f86baca79526f5068b41d8e267ac77336574a6f0ddc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 11:19:01 GMT
x-content-type-options: nosniff
age: 624606
cld_latency: 134
edge-cache-tag: 201304892182212823819079675652805109091,340757863136058941574728499282548651211,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
cld_hits: 0
x-cache: MISS
strict-transport-security: max-age=15552000
content-length: 86996
x-xss-protection: 1; mode=block
cld_by: cache-wdc5561-WDC
x-served-by: cache-wdc5561-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Oct 2021 06:21:02 GMT
server: ATS
x-timer: S1633691941.052472,VS0,VE134
etag: "2eb374dbd899d39768fe11bfca965ffc"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="90759c646a5cffe4abef5e05d732f64b.webp"
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 4fe6c4c4b02baa74bbf51eb010d1ea1d.cf.webp
s.yimg.com/uu/api/res/1.2/8aMkiSYDmLNdtGjPH755qw--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/yod1ZIRdKyFEx2MvC8SiDQ--~B/aD0yNTAwO3c9MTg3NTthcHBpZD... 65 KB
66 KB 90ms
87ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/8aMkiSYDmLNdtGjPH755qw--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/yod1ZIRdKyFEx2MvC8SiDQ--~B/aD0yNTAwO3c9MTg3NTthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/nbc_news_122/4fe6c4c4b02baa74bbf51eb010d1ea1d.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

2fd6a4a94b6b45c553fc4a0a162c5d8454f7229a5a80f6d575499239e8f197b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:34:02 GMT
x-content-type-options: nosniff
age: 904
cld_latency: 1
edge-cache-tag: 214086952824765924406895422222734752568,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="4fe6c4c4b02baa74bbf51eb010d1ea1d.webp"
strict-transport-security: max-age=15552000
content-length: 67046
x-xss-protection: 1; mode=block
cld_by: cache-wdc5530-WDC
x-served-by: cache-wdc5530-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 12:07:16 GMT
x-request-id: a54e0595d92aedba15467b13a2c94be8
x-timer: S1634315643.923894,VS0,VE1
etag: "aa0dabafc2c12e2117f1199351404364"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: a54e0595d92aedba15467b13a2c94be8
x-cache-hits: 1

GET
H2 200 5a30cd8503395300d384fea20cc9a5e2.cf.webp
s.yimg.com/uu/api/res/1.2/7TPSvaAqt09jsOq1.CgG1w--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/.WWAF1ljD_TbJAtX5iT90w--~B/aD0zNjI5O3c9NDgzOTthcHBpZD... 38 KB
38 KB 63ms
59ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/7TPSvaAqt09jsOq1.CgG1w--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/.WWAF1ljD_TbJAtX5iT90w--~B/aD0zNjI5O3c9NDgzOTthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/business_insider_articles_888/5a30cd8503395300d384fea20cc9a5e2.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

99c4c1d7732467fbe4c302fc7fe430a448684d1506a499e79feaad29dd5f65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 12:25:49 GMT
x-content-type-options: nosniff
age: 15800
cld_latency: 1
edge-cache-tag: 290960077203185233032043797396262222516,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="5a30cd8503395300d384fea20cc9a5e2.webp"
strict-transport-security: max-age=15552000
content-length: 38550
x-xss-protection: 1; mode=block
cld_by: cache-wdc5557-WDC
x-served-by: cache-wdc5557-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 12:25:11 GMT
x-request-id: 38ef55815ea546d7391ba4173459043c
x-timer: S1634300749.047400,VS0,VE1
etag: "04dd3be0e2745fe4d9f03b2f9e52fb32"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 38ef55815ea546d7391ba4173459043c
x-cache-hits: 1

GET
H2 200 5e6f8bd06ee86734ad7b99b687c7c538.cf.webp
s.yimg.com/uu/api/res/1.2/TUB352P9OcXjnV_YzypsJA--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/cUlj7J2mjiy3CXIQVCR4Rg--~B/aD0xNjY3O3c9MjUwMDthcHBpZD... 46 KB
47 KB 67ms
64ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/TUB352P9OcXjnV_YzypsJA--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/uu/api/res/1.2/cUlj7J2mjiy3CXIQVCR4Rg--~B/aD0xNjY3O3c9MjUwMDthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/nbc_news_122/5e6f8bd06ee86734ad7b99b687c7c538.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

34d4ebfe194e09dab342e983b63bbe06d8fc7132242c0ca2dc1a4d8dcdb536a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:40:38 GMT
x-content-type-options: nosniff
age: 94108
cld_latency: 1
edge-cache-tag: 331667013013303004784217126822143039994,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="5e6f8bd06ee86734ad7b99b687c7c538.webp"
strict-transport-security: max-age=15552000
content-length: 47612
x-xss-protection: 1; mode=block
cld_by: cache-wdc5583-WDC
x-served-by: cache-wdc5583-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 11:01:56 GMT
x-request-id: 4c97584b1522fdce8c5178d00af3f13a
x-timer: S1634222439.629492,VS0,VE1
etag: "b9ee4b4e803c523f694029f847fe1017"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 4c97584b1522fdce8c5178d00af3f13a
x-cache-hits: 1

GET
H2 200 d023d0e0dd63384e94950953e4be9835.jpeg.cf.webp
s.yimg.com/uu/api/res/1.2/x1WypVR_YGRxo_tkjBVc_w--~B/aD02Mjc7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 33 KB
33 KB 184ms
181ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/x1WypVR_YGRxo_tkjBVc_w--~B/aD02Mjc7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/d023d0e0dd63384e94950953e4be9835.jpeg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

3f46034ce8b797aa96c0af5796f1e06c80c49c7e0e0188d46c72b21afb6cdf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 0
cld_latency: 1
edge-cache-tag: 472823342018876524443947507593691557267,340757863136058941574728499282548651211,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="d023d0e0dd63384e94950953e4be9835.webp"
strict-transport-security: max-age=15552000
content-length: 33492
x-xss-protection: 1; mode=block
cld_by: cache-wdc5554-WDC
x-served-by: cache-wdc5554-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Oct 2021 17:38:11 GMT
x-request-id: b2272e18fa24ceb0554e6111ea1bdde5
x-timer: S1634316546.396875,VS0,VE1
etag: "bf45773ddf9d226e33094dd0db2b1b7b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: b2272e18fa24ceb0554e6111ea1bdde5
x-cache-hits: 1

GET
H2 200 6168680388b0ef282fb68957_o_U_v2.jpg.cf.webp
s.yimg.com/uu/api/res/1.2/Btx7oKc9A4YRIRV0H7oTBg--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/hd/cp-video-transcode/prod/2021-10/14/6168680388b0ef282fb68956/ 27 KB
28 KB 80ms
78ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/Btx7oKc9A4YRIRV0H7oTBg--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/hd/cp-video-transcode/prod/2021-10/14/6168680388b0ef282fb68956/6168680388b0ef282fb68957_o_U_v2.jpg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

56bf9104ecbe403eeba39c44137be1aa594c3f29d9d7115e945dc5d3071f8d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:34:02 GMT
x-content-type-options: nosniff
age: 905
cld_latency: 1
edge-cache-tag: 212909264661288077626733051624051051419,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="6168680388b0ef282fb68957_o_U_v2.webp"
strict-transport-security: max-age=15552000
content-length: 28134
x-xss-protection: 1; mode=block
cld_by: cache-wdc5550-WDC
x-served-by: cache-wdc5550-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 17:30:25 GMT
x-request-id: 7c4033eb464279f13aa7117c8817e91b
x-timer: S1634315643.981563,VS0,VE1
etag: "a3972cc5633667c83c45da004c607ca1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 7c4033eb464279f13aa7117c8817e91b
x-cache-hits: 1

GET
H2 200 6168508183e50c0001676c4a_1920x1080_FES_v1.jpg.cf.webp
s.yimg.com/uu/api/res/1.2/NPLSkX6dESyzXPNwFtiC5Q--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/hd/cp-video-transcode/prod/2021-10/14/6168507cb97da62765965e0e/ 88 KB
89 KB 64ms
63ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/NPLSkX6dESyzXPNwFtiC5Q--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/hd/cp-video-transcode/prod/2021-10/14/6168507cb97da62765965e0e/6168508183e50c0001676c4a_1920x1080_FES_v1.jpg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

6f17ff1b8820792a933bf3d770cfa2eb7d00d0399b3015450c6e96f0ecdd5cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:48:25 GMT
x-content-type-options: nosniff
age: 41
cld_latency: 1
edge-cache-tag: 180695916654791150420556677871405260261,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="6168508183e50c0001676c4a_1920x1080_FES_v1.webp"
strict-transport-security: max-age=15552000
content-length: 90310
x-xss-protection: 1; mode=block
cld_by: cache-wdc5569-WDC
x-served-by: cache-wdc5569-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 16:09:13 GMT
x-request-id: 33b000d1926396077dedef037da58f76
x-timer: S1634316505.434728,VS0,VE1
etag: "990f132c1e5126933bd7441932b37d22"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 33b000d1926396077dedef037da58f76
x-cache-hits: 1

GET
H2 200 f13d5bb0cd20ca99f4b11f76567d7609.cf.webp
s.yimg.com/uu/api/res/1.2/Tg0kYtaSAF_OSZhIzEv2ow--~B/Zmk9c3RyaW07aD0zMTI7cT05NTt3PTYwMDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/ZUohvz4f.CrEbQTqJXhk8Q--~B/aD03ODg7dz0xMTU0O2FwcGlkPX... 13 KB
13 KB 61ms
60ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/Tg0kYtaSAF_OSZhIzEv2ow--~B/Zmk9c3RyaW07aD0zMTI7cT05NTt3PTYwMDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/uu/api/res/1.2/ZUohvz4f.CrEbQTqJXhk8Q--~B/aD03ODg7dz0xMTU0O2FwcGlkPXl0YWNoeW9u/https://media.zenfs.com/en/axios_articles_623/f13d5bb0cd20ca99f4b11f76567d7609.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

09cf36ae915a7a09889382f6ab6d2f1a97a2f9b65a918e26fe388224bcf6fc8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:57:08 GMT
x-content-type-options: nosniff
age: 21121
cld_latency: 1
edge-cache-tag: 513551232496696829589630200365497889590,177447959753956795602956776707697520172,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="f13d5bb0cd20ca99f4b11f76567d7609.webp"
strict-transport-security: max-age=15552000
content-length: 12808
x-xss-protection: 1; mode=block
cld_by: cache-wdc5573-WDC
x-served-by: cache-wdc5573-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Oct 2021 11:47:11 GMT
x-request-id: d68718e64d75292213c1dbca00e71268
x-timer: S1634295429.976761,VS0,VE1
etag: "14b081b38a17373d84025a3703bcc84e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: d68718e64d75292213c1dbca00e71268
x-cache-hits: 1

GET
H2 200 7d83a39e03db531a69218ec3833bf7be.jpeg.cf.webp
s.yimg.com/uu/api/res/1.2/yY.3364WRS5xFavYuEK8HQ--~B/aD02Mjc7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 86 KB
87 KB 63ms
62ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/yY.3364WRS5xFavYuEK8HQ--~B/aD02Mjc7dz0xMjAwO2FwcGlkPXl0YWNoeW9u/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/7d83a39e03db531a69218ec3833bf7be.jpeg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

11eabdc062f6d1574a2ae41620fc9a6bc2244cd199709a3f85dafe639f3e1be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:15:20 GMT
x-content-type-options: nosniff
age: 92026
cld_latency: 1
edge-cache-tag: 279953485320282110514187182154243881184,340757863136058941574728499282548651211,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
status: 200 OK
server: ATS
cld_hits: 1
content-disposition: inline; filename="7d83a39e03db531a69218ec3833bf7be.webp"
strict-transport-security: max-age=15552000
content-length: 88568
x-xss-protection: 1; mode=block
cld_by: cache-wdc5542-WDC
x-served-by: cache-wdc5542-WDC
x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 12:04:33 GMT
x-request-id: 86bc8b58d39ac613019c29b23cf4e580
x-timer: S1634224520.316365,VS0,VE1
etag: "a960b20f0da0794269d673fb0f1651c5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: 86bc8b58d39ac613019c29b23cf4e580
x-cache-hits: 1

GET
H2 200 __rapid-worker-1.2.js
news.yahoo.com/ 15 KB
7 KB 42ms
41ms Other
application/javascript 87.248.100.208
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/__rapid-worker-1.2.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.208 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-ui71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /__rapid-worker-1.2.js
pragma: no-cache
cookie: B=4sa9an1gmjc80&b=3&s=ln; A1=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A1S=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M&j=GDPR; GUC=AQEBBAFhawJiSEIepgRL; GUCS=AX_C-M9Z; cmp=t=1634316546&j=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: news.yahoo.com
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 15 Oct 2021 04:38:19 GMT
content-encoding: gzip
x-amz-meta-created-date: Wed, 15 Oct 2014 18:48:37 GMT
age: 43848
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1413398917170161
vary: Origin, Accept-Encoding
x-amz-request-id: F5VE91GMBQMTR36K
x-amz-id-2: /T6oGvNFnMtyHMIE1e6xVqG1iE3zjupeyle+V18VNM7Xsh9ABShB5nL4SpRZDXSb5t71kpC119M=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Mar 2018 20:46:57 GMT
server: ATS
etag: "e2202e6ed6ef52cec2c4a875c99225ba-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
x-amz-version-id: null
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=&partner=;
content-length: 6868
content-type: application/javascript
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:e64293ae-a913-4bb2-8dd1-87431f3be4230005057a946243f1"
x-content-type-options: nosniff
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 jac.js Show response
openweb.jac.yahoosandbox.com/0.8.1/ 145 KB
37 KB 911ms
4ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://openweb.jac.yahoosandbox.com/0.8.1/jac.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/nel/js/spotIm.custom.SpotImJAC.a936b9b2d51983207ead921012855b99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d4d40eb03699fff7994b78a8f471bbfbd48362ec2dfd209faf9b4e2206b03adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34356
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 37736
x-amz-id-2: I0MTjX47P03FUz3Rgalrz/nPtD9a6g5ZDkpvJUr8DG8MJE+ruAGLytg+KVTW0ifO+nJqUqaoS4k=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Sep 2021 15:32:38 GMT
server: ATS
etag: "84af28754874f03a996c3072b50f233b-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5C1XAD50RTDQ4TVQ
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 __rapid-worker-1.2.js
news.yahoo.com/ 15 KB
7 KB 40ms
39ms Other
application/javascript 87.248.100.208
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/__rapid-worker-1.2.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.208 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-ui71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /__rapid-worker-1.2.js
pragma: no-cache
cookie: B=4sa9an1gmjc80&b=3&s=ln; A1=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A1S=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M&j=GDPR; GUC=AQEBBAFhawJiSEIepgRL; GUCS=AX_C-M9Z; cmp=t=1634316546&j=0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: news.yahoo.com
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 15 Oct 2021 04:38:19 GMT
content-encoding: gzip
x-amz-meta-created-date: Wed, 15 Oct 2014 18:48:37 GMT
age: 43848
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1413398917170161
vary: Origin, Accept-Encoding
x-amz-request-id: F5VE91GMBQMTR36K
x-amz-id-2: /T6oGvNFnMtyHMIE1e6xVqG1iE3zjupeyle+V18VNM7Xsh9ABShB5nL4SpRZDXSb5t71kpC119M=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Mar 2018 20:46:57 GMT
server: ATS
etag: "e2202e6ed6ef52cec2c4a875c99225ba-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
x-amz-version-id: null
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=&partner=;
content-length: 6868
content-type: application/javascript
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:e64293ae-a913-4bb2-8dd1-87431f3be4230005057a946243f1"
x-content-type-options: nosniff
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 2e9d4ae24109ea6ade8726970895d15b
s.yimg.com/ny/api/res/1.2/Mndr8Vk2qxCZey1dIrADOQ--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTM5MDtjZj13ZWJw/https://s.yimg.com/uu/api/res/1.2/vC1QQDFrN5LNjDsg4mNeyQ--~B/aD00MjU7dz03Njg7YXBwaWQ9eXRhY2h5b24-... 28 KB
28 KB 288ms
288ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/Mndr8Vk2qxCZey1dIrADOQ--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTM5MDtjZj13ZWJw/https://s.yimg.com/uu/api/res/1.2/vC1QQDFrN5LNjDsg4mNeyQ--~B/aD00MjU7dz03Njg7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/en/afp.com/2e9d4ae24109ea6ade8726970895d15b

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/c/8_699b9a5032.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

9c60bf8c4d12f5cf79309f348d47c5c9c2b711ab298a2941c20580f404ee3b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 0
cld_latency: 119
edge-cache-tag: 385863989245870458513992914988186315276,347942470213253961774249943608922533322,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
cld_hits: 0
x-cache: MISS
strict-transport-security: max-age=15552000
content-length: 28638
x-xss-protection: 1; mode=block
cld_by: cache-wdc5537-WDC
x-served-by: cache-wdc5537-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Jun 2021 11:54:43 GMT
server: ATS
x-timer: S1634316546.411048,VS0,VE119
etag: "fce4d605c45b50bc742419f7e8aaf050"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="2e9d4ae24109ea6ade8726970895d15b.webp"
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 204 i.gif
v-alc123ok7b.wc.yahoodns.net/ 0
212 B 181ms
19ms Image
text/plain 87.248.116.89
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v-alc123ok7b.wc.yahoodns.net/i.gif

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.116.89 Amsterdam, Netherlands, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e2.ycpi.amb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 i.gif
v-b7q53rgpeu.wc.yahoodns.net/ 0
212 B 507ms
160ms Image
text/plain 69.147.80.124
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v-b7q53rgpeu.wc.yahoodns.net/i.gif

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.147.80.124 Seattle, United States, ASN10310 (YAHOO-1, US),

Reverse DNS

e2.ycpi.swb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET pixel.gif
v-ctidp1m3w1.wc.yahoodns.net/ 0
0

GET
H2 200 pixel.gif
dns-grfgdli8x.sombrero.yahoo.net/ 42 B
281 B 1145ms
8ms Image
image/gif 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dns-grfgdli8x.sombrero.yahoo.net/pixel.gif

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:22:16 GMT
x-content-type-options: nosniff
age: 66413
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: JHw4YfjqhEigL7JCXTC9DMwFKO+bXgPpcSNOwfh2F8olp7gyvvANM9Uzdx+7fX/w8Ur6IIqLgNM=
timing-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2019 22:49:30 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 7ASX96SYQ2XAQVJV
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
d1vl8wytztdz.cloudfront.net/ 42 B
404 B 176ms
18ms Image
image/gif 18.66.242.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vl8wytztdz.cloudfront.net/pixel.gif?rand=e0ftqkovn
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 15 Oct 2021 03:54:24 GMT
via: 1.1 d2f47ea7c79de35229ffbfc6942082c1.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2019 22:49:30 GMT
server: AmazonS3
age: 46483
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
timing-allow-origin: *
content-length: 42
x-amz-cf-id: qsU7dHivWXszH9SO2EVt00YAYP__23CYib-IrKAXKXnmmzzWufUEkQ==

GET
H2 200 pixel.gif
cerebro.edna.yahoo.net/noquery/ 42 B
542 B 170ms
12ms Image
image/gif 87.248.118.23
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cerebro.edna.yahoo.net/noquery/pixel.gif?rand=sjk4svvb3

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:05:16 GMT
x-content-type-options: nosniff
age: 24231
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: JRVjrYgjslBGviEoHWKeCm+9dBjA/gmWC0rrpVCTg4mBQmzzfUIq94uw0rm7S1b3rmEJYBbyEww=
timing-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2019 22:55:47 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 909H4WBQBNMKNN4Q
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/gif

GET
H/1.1 200
OK pixel.gif
yahoovod.hs.llnwd.net/ 43 B
545 B 402ms
247ms Image
image/gif 178.79.242.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yahoovod.hs.llnwd.net/pixel.gif?rand=eoutxytd1
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-0.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Via: 1.1 9c157874a076ffdde5f5a44c4371f3a1.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Jun 2020 22:18:02 GMT
Server: AmazonS3
Age: 255127
x-amz-server-side-encryption: AES256
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
timing-allow-origin: *
X-LLID: de326c597a8d04410dd87f8bdac04dc3
Content-Length: 43
X-Amz-Cf-Id: wznqqSUHDRcnnyCbk9Dimhb-WD6cpBAt3djEUd2PE58mwE7HIv2BIw==

GET
H/1.1 400
Bad Request pixel.gif
vop-yahoo.secure.footprint.net/ 0
0 219ms
61ms Image
text/html 67.27.159.129
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vop-yahoo.secure.footprint.net/pixel.gif?rand=3wjta6kz4
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.129 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel2.gif
edgecast-vod.yahoo.net/ 43 B
600 B 167ms
15ms Image
image/gif 152.195.132.116
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edgecast-vod.yahoo.net/pixel2.gif?rand=gx8yncnhe
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.116 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5C) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Age: 387843
x-amz-server-side-encryption: AES256
X-Cache: HIT
X-Edge-Origin-Shield-Skipped: 0
Content-Length: 43
Last-Modified: Wed, 24 Jun 2020 22:18:31 GMT
Server: ECAcc (frc/8F5C)
Etag: "b4491705564909da7f9eaf749dbbfbb1"
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: E2Dj_31tH2xRzaFPUL8dALD3kPXlNNqGZYOSu5wnsM8GOUE6ZgNtaw==

GET
H/1.1 200
OK pixel.gif
vop-yahoo.akamaized.net/ 43 B
1 KB 46ms
8ms Image
image/gif 92.123.194.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vop-yahoo.akamaized.net/pixel.gif?rand=segyafbz8

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

92.123.194.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a92-123-194-140.deploy.static.akamaitechnologies.com

Software

ATS /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
x-amz-request-id: 2C654597FB425ED0
x-amz-server-side-encryption: AES256
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 43
x-amz-id-2: Y4dBlIo6aZR2dmgi8LtV6Cg4w+HhHNDjQ+nuBVXhJj/owpUzrdCxkLU+1zuJT/wwcKnXjyu98bo=
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Jan 2019 18:47:38 GMT
Server: ATS
X-Frame-Options: DENY
Date: Fri, 15 Oct 2021 16:49:06 GMT
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=22883355
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Access-Control-Expose-Headers: Server,range,hdntl,hdnts

POST
H2 200 p
geo.yahoo.com/ 43 B
73 B 1307ms
40ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=mjEl6Y8oZUYOrHnr,0.43609756212017325&_I=&_AO=0&_NOL=0&_R=&_P=3.53.28%05_a1s%03d%3DAQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4%26S%3DAQAAAvQJxgfXYnAUSZRjEgfS10M%26j%3DGDPR%04_guc%03AQEBBAFhawJiSEIepgRL%04_pl%031%04A_v%033.53.28%04A_cn%03VERSIONED-PROD%04test%03a2-plutus-rr-4%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03kHUgKWqYPSueSRRP%04_w%03news.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575%04_rid%036dlabf9gmjc81%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03W.G.%20Dunlop%04pct%03story%04pd%03non_modal%04pstaid%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstaid_p%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstcat%03news%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1299%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031634316546%04_ms%03341%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-type: image/gif
content-length: 43

POST
H2 200 p
geo.yahoo.com/ 43 B
307 B 1289ms
39ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=A9PrxP6mbwPVJQYX,0.9374525453802709&_I=&_AO=0&_NOL=0&_R=&_P=3.53.28%05_a1s%03d%3DAQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4%26S%3DAQAAAvQJxgfXYnAUSZRjEgfS10M%26j%3DGDPR%04_guc%03AQEBBAFhawJiSEIepgRL%04_pl%031%04A_v%033.53.28%04A_cn%03VERSIONED-PROD%04test%03a2-plutus-rr-4%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03kHUgKWqYPSueSRRP%04_w%03news.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575%04_rid%036dlabf9gmjc81%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03W.G.%20Dunlop%04pct%03story%04pd%03non_modal%04pstaid%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstaid_p%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstcat%03news%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A1023%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031634316546%04_ms%03376%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-type: image/gif
content-length: 43

GET
H2 200 r-csc.html Show response
s.yimg.com/rq/darla/4-6-0/html/ Frame D190 2 KB
1 KB 23ms
22ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /rq/darla/4-6-0/html/r-csc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: 7RH1nV/cyFjAUojW8mWHoEWBhG0hlaU5+bKQjVZM9krVfNsj9Iy10KjKrKWQLkKjMx2g0leWoRI=
x-amz-request-id: FJE3MJ00FMBVKDZ6
date: Fri, 15 Oct 2021 00:35:38 GMT
last-modified: Thu, 01 Oct 2020 20:43:22 GMT
etag: "1ff9b6e511ccd76562520a75bae161d2-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 58409
ats-carp-promotion: 1
content-encoding: gzip
content-length: 1160
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-6-0/html/ Frame 5316 2 KB
977 B 23ms
23ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /rq/darla/4-6-0/html/r-sf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: TRSoRB/hRLcpUg8/UG2sVPHdRuzatIHo7Z8DQVhc2n761DVuR2J/Z6EB/AzzuTV/CalkD5+aabU=
x-amz-request-id: TA5GZQP2FQSC5FVP
date: Fri, 08 Oct 2021 13:33:32 GMT
last-modified: Thu, 01 Oct 2020 20:43:22 GMT
etag: "38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 616536
ats-carp-promotion: 1
content-encoding: gzip
content-length: 753
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-6-0/html/ Frame 4287 2 KB
816 B 23ms
22ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /rq/darla/4-6-0/html/r-sf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: TRSoRB/hRLcpUg8/UG2sVPHdRuzatIHo7Z8DQVhc2n761DVuR2J/Z6EB/AzzuTV/CalkD5+aabU=
x-amz-request-id: TA5GZQP2FQSC5FVP
date: Fri, 08 Oct 2021 13:33:32 GMT
last-modified: Thu, 01 Oct 2020 20:43:22 GMT
etag: "38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 616536
ats-carp-promotion: 1
content-encoding: gzip
content-length: 753
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830390%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=23918;adcid=0;itime=316545296;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640920;imprefseq=110908219198551...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 294ms
100ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830390%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=23918;adcid=0;itime=316545296;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640920;imprefseq=110908219198551656;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=MAST;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403557;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830386%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=13405;adcid=1;itime=316545270;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640842;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 301ms
99ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830386%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=13405;adcid=1;itime=316545270;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640842;imprefseq=110908219198551644;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LREC;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403553;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830387%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=15836;adcid=1;itime=316545276;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640861;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 307ms
105ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830387%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=15836;adcid=1;itime=316545276;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640861;imprefseq=110908219198551647;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LREC2;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403554;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C5205968%7C0%7C0%7CAdId=-3;BnId=0;ct=4180169517;st=5127;adcid=0;itime=316545245;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640783;imprefseq=11090821919855163...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 325ms
109ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C5205968%7C0%7C0%7CAdId=-3;BnId=0;ct=4180169517;st=5127;adcid=0;itime=316545245;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640783;imprefseq=110908219198551635;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=INARTICLE;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y963903257;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4880845%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=29103;adcid=0;itime=316545313;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640970;imprefseq=110908219198551...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 294ms
97ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4880845%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=29103;adcid=0;itime=316545313;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640970;imprefseq=110908219198551662;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=MON2;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y408863;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=8031;adcid=1;itime=316545252;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640809;imprefseq=11090821919855...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 320ms
101ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=8031;adcid=1;itime=316545252;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640809;imprefseq=110908219198551638;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LDRB;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403551;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=26446;adcid=0;itime=316545307;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640950;imprefseq=110908219198551...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 126ms
106ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=26446;adcid=0;itime=316545307;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640950;imprefseq=110908219198551659;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=MON;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403548;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 6169a0524d47022a90572b27_o_U_v2.jpg.cf.webp
s.yimg.com/uu/api/res/1.2/rAtGVtPCdWBe6k4FryFfLg--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/hd/cp-video-transcode/prod/2021-10/15/6169a0524d47022a90572b26/ 41 KB
41 KB 11ms
11ms Image
image/webp 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/rAtGVtPCdWBe6k4FryFfLg--~B/Zmk9c3RyaW07aD02MjQ7cT04MDt3PTEyMDA7YXBwaWQ9eXRhY2h5b24-/https://s.yimg.com/hd/cp-video-transcode/prod/2021-10/15/6169a0524d47022a90572b26/6169a0524d47022a90572b27_o_U_v2.jpg.cf.webp

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

082a196637555363507421f9fc9405ec8c39b8d70992fe77ad58bfbc38956aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:43:31 GMT
x-content-type-options: nosniff
age: 3936
cld_latency: 432
edge-cache-tag: 253229054356389231271044407489013364678,273874357974943579521290260823966010920,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
status: 200 OK
server: ATS
cld_hits: 0
content-disposition: inline; filename="6169a0524d47022a90572b27_o_U_v2.webp"
strict-transport-security: max-age=15552000
content-length: 41520
x-xss-protection: 1; mode=block
cld_by: cache-wdc5530-WDC
x-served-by: cache-wdc5530-WDC
x-cache: MISS
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Oct 2021 15:42:01 GMT
x-request-id: a9e7c5a52bc6ba0357f4d5fb2bc28457
x-timer: S1634312611.062331,VS0,VE432
etag: "d2e86b2f7cca826f7290da3ad861526b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cld_id: a9e7c5a52bc6ba0357f4d5fb2bc28457
x-cache-hits: 0

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
23 B 125ms
39ms XHR
text/plain 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197618800&yhlCT=2&yhlBTMS=1634316546472&yhlClientVer=3.53.28&yhlRnd=siwR697oUHGounEr&yhlCompressed=3

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:06 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://news.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000
expires: -1

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
443 B 115ms
39ms XHR
text/plain 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197618800&yhlCT=2&yhlBTMS=1634316546483&yhlClientVer=3.53.28&yhlRnd=kIAtz31HtGJzoChL&yhlCompressed=3

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:06 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://news.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000
expires: -1

POST
H2 200 p
geo.yahoo.com/ 43 B
73 B 1288ms
43ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=3FLoRcrfu6JUTlgE,0.21523364104555798&_I=&_AO=0&_NOL=0&_R=&_P=3.53.28%05_a1s%03d%3DAQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4%26S%3DAQAAAvQJxgfXYnAUSZRjEgfS10M%26j%3DGDPR%04_guc%03AQEBBAFhawJiSEIepgRL%04_pl%031%04A_v%033.53.28%04A_cn%03VERSIONED-PROD%04test%03a2-plutus-rr-4%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03kHUgKWqYPSueSRRP%04_w%03news.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575%04_rid%036dlabf9gmjc81%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03W.G.%20Dunlop%04pct%03story%04pd%03non_modal%04pstaid%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstaid_p%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstcat%03news%04pt%03content%04ver%03article%04ns_ready%031311%04dcl_ready%03-325%04_E%03saready%04_ts%031634316546%04_ms%03486%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:07 GMT
server: ATS
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-6-0/js/ Frame 4287 63 KB
27 KB 8ms
8ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ed8057680b0e1e1c4aac59e684f3081f65e2afa5a75d848539aabc2c0eea0151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 02 Oct 2021 16:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125434
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 27596
x-amz-id-2: DItVjYXNCeCj0xLfyB8ApWEKWe4EY98ZrOhZBK8WzO3Qj8+kj+8gRWWYa2tBEPHy2h8lbYOOhio=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Oct 2020 20:43:25 GMT
server: ATS
etag: "cd79ab0317600462e032e470caf03687-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5RWDKME9RQ8MR2M4
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 opus-frame.html Show response
opus.analytics.yahoo.com/tag/ Frame 5A07 9 KB
4 KB 43ms
14ms Document
text/html 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus-frame.html?id=4

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F91) /

Resource Hash

9401d45b15dac98d3adc3803a52be3bae9777cfc6f2e5565115bf2d0d02eefc2

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

:method: GET
:authority: opus.analytics.yahoo.com
:scheme: https
:path: /tag/opus-frame.html?id=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
accept-encoding: gzip, deflate, br
cookie: A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; cmp=t=1634316546&j=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html

Response headers

content-encoding: gzip
age: 184626
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Fri, 15 Oct 2021 16:49:06 GMT
etag: "b159463bfd2d3b755e89e683e21cd266+gzip"
last-modified: Wed, 18 Aug 2021 13:30:04 GMT
server: ECAcc (frc/8F91)
vary: Accept-Encoding
x-amz-id-2: tbXGwcux9pVpWBmBWq79Yj47PRnoiCLm1FfBB3Zr6bh1Ps0GcI4qA5zFjD9okFNLymVncsg6BrI=
x-amz-request-id: B7VY161NDWHH279E
x-cache: HIT
content-length: 3427

GET
H2 200 sp.js Show response
tag.idsync.analytics.yahoo.com/ Frame D190 1 KB
920 B 50ms
19ms Script
application/javascript 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 3d48b44f1a81248c7fa11ec634852c317f855f3505442e41d8bfced0f0db0e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
etag: "4bea0b4a9a14ce1a32b257d422a82530+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (frb/67F2)
age: 150
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-request-id: 5QWNN5J8E46G5M4K
content-length: 616
x-amz-id-2: ZkWzU1B5rK5GHEt82HPHzD5USjIP9fdf4fQBLKId2hEKIHInmOIO0bOFqphG1vf8zEnMtAnmcgw=

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-6-0/js/ Frame 5316 63 KB
27 KB 8ms
7ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ed8057680b0e1e1c4aac59e684f3081f65e2afa5a75d848539aabc2c0eea0151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 02 Oct 2021 16:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125434
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 27596
x-amz-id-2: DItVjYXNCeCj0xLfyB8ApWEKWe4EY98ZrOhZBK8WzO3Qj8+kj+8gRWWYa2tBEPHy2h8lbYOOhio=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Oct 2020 20:43:25 GMT
server: ATS
etag: "cd79ab0317600462e032e470caf03687-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5RWDKME9RQ8MR2M4
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4287 80 KB
27 KB 62ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 72 of 1000 / last-modified: 1634306813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:06 GMT

GET
H/1.1 200
OK pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4287 19 B
668 B 46ms
11ms Script
application/javascript 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55940,58294,55953,55936,58160,55938,55829,55859,58222,55986,57926&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame 4287 76 KB
77 KB 16ms
16ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:21:11 GMT
x-content-type-options: nosniff
age: 1676
x-amz-server-side-encryption: AES256
content-length: 78331
x-amz-id-2: 6kTMtgPaBHSc2yGxjMkyuKnro/w8ComDimHocMThiX54BbhIEOF4FzrPbnxEaz67tPvXETsslAg=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: GDYHHBY8K2X9QSB2
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=26446;adcid=0;itime=316545307;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640950;imprefseq=110908219198551...
ter-adserver-origin-us.prod.adtechus.com/ Frame 4287 1 B
248 B 316ms
98ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=4180169517;st=26446;adcid=0;itime=316545307;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640950;imprefseq=110908219198551659;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=MON;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403548;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 4287 43 B
985 B 506ms
69ms Image
image/gif 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783173&grp=%3F%3F%3F&nl=1634316545804&rts=1634316545678&pix=1&et=1&a=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r-8&m=aXAtMTAtMjItMTIzLTI0Mg..&b=MTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7O2ZjMGM5YzU1ZTI5NjQ3ZWY4MTdlNDM3ODU3NTRlZWIyOzI5NDYzODY4OzE2MzQzMTU0MDA7OzA7OzA7O3Bhc3NiYWNrLTExMDI0Ozs.&uid=y-Ckr2FztE2uoear3f9rQ_H5EKZpXb%7EA&tsrctype=2&xdi=Pz8_fD8_P3xOVCAxMC4wfDE3&xoi=MHxERVU.&hb=true&type=5&af=7&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=5

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 19:54:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: image/gif
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 43
x-content-type-options: nosniff

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5316 80 KB
27 KB 74ms
47ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 808 of 1000 / last-modified: 1634306813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:06 GMT

GET
H/1.1 200
OK pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 5316 19 B
305 B 31ms
10ms Script
application/javascript 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame 5316 76 KB
77 KB 9ms
9ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:21:11 GMT
x-content-type-options: nosniff
age: 1676
x-amz-server-side-encryption: AES256
content-length: 78331
x-amz-id-2: 6kTMtgPaBHSc2yGxjMkyuKnro/w8ComDimHocMThiX54BbhIEOF4FzrPbnxEaz67tPvXETsslAg=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: GDYHHBY8K2X9QSB2
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=8031;adcid=1;itime=316545252;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640809;imprefseq=11090821919855...
ter-adserver-origin-us.prod.adtechus.com/ Frame 5316 1 B
248 B 314ms
97ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=8031;adcid=1;itime=316545252;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640809;imprefseq=110908219198551638;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LDRB;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403551;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 5316 43 B
79 B 493ms
71ms Image
image/gif 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783199&grp=%3F%3F%3F&nl=1634316545820&rts=1634316545678&pix=1&et=1&a=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r-1&m=aXAtMTAtMjItMTAyLTIwNw..&b=MTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7O2UyYzFlOTVmYWM3OTRmMjNiODhmODNkZTIyOTIxNjc3OzI5NDYzODY4OzE2MzQzMTE4MDA7OzA7OzA7O3Bhc3NiYWNrLTE4Mzs7&uid=y-Ckr2FztE2uoear3f9rQ_H5EKZpXb%7EA&tsrctype=2&xdi=Pz8_fD8_P3xOVCAxMC4wfDE3&xoi=MHxERVU.&hb=true&type=5&af=7&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=5

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 19:54:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: image/gif
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 43
x-content-type-options: nosniff

GET
H2 200 sp-frame.html Show response
tag.idsync.analytics.yahoo.com/ Frame 4B7A 8 KB
3 KB 8ms
7ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575
Requested by: Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

:method: GET
:authority: tag.idsync.analytics.yahoo.com
:scheme: https
:path: /sp-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
accept-encoding: gzip, deflate, br
cookie: A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; cmp=t=1634316546&j=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html

Response headers

content-encoding: gzip
age: 179
content-type: text/html
date: Fri, 15 Oct 2021 16:49:06 GMT
etag: "324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (frb/669E)
vary: Accept-Encoding
x-amz-id-2: IdOE5yLmmVToTsbWxhpY57RI//rU5uTgJx4/h9Yu1QX7/LtxwUCLYtRP/DImGpNmg0fgYvRne3g=
x-amz-request-id: KMNG58E78FNMY2DW
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3220

GET
H2 200 px.gif
www.yahoo.com/ 42 B
922 B 122ms
44ms Image
image/gif 87.248.100.216
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yahoo.com/px.gif?ch=1&rn=0.4286542135479199

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-fp74.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=akbg6a1gmjc82&partner=; frame-ancestors 'self' https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com htts://.verizonmedia.com https://.publishing.oath.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 0
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-envoy-upstream-service-time: 2
content-length: 42
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Oct 2021 18:49:28 GMT
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=akbg6a1gmjc82&partner=; frame-ancestors 'self' https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com htts://*.verizonmedia.com https://*.publishing.oath.com
accept-ranges: bytes

GET
H2 200 px.gif
www.yahoo.com/ 42 B
454 B 48ms
45ms Image
image/gif 87.248.100.216
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yahoo.com/px.gif?ch=2&rn=0.4286542135479199

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-fp74.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=834usu1gmjc82&partner=; frame-ancestors 'self' https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com htts://.verizonmedia.com https://.publishing.oath.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 0
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-envoy-upstream-service-time: 2
content-length: 42
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Oct 2021 18:49:28 GMT
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=834usu1gmjc82&partner=; frame-ancestors 'self' https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com htts://*.verizonmedia.com https://*.publishing.oath.com
accept-ranges: bytes

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 3472 0
0 117ms
35ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AOL&orig=ono&redir=true
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 204
No Content log
ups.analytics.yahoo.com/ups/ Frame 5A07 0
597 B 31ms
12ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/log?pixelId55357=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://opus.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 18CD 0
0 114ms
36ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=BLKAI&orig=ono
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 18CD 0
0 137ms
59ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&orig=ono
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 vzn
cms.analytics.yahoo.com/ Frame 18CD 0
0 111ms
33ms Image
application/json 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/vzn?partner_id=VISPP&orig=ono
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 18CD 0
0 113ms
36ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&orig=ono
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 18CD 0
0 135ms
59ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AUDPR&orig=ono
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-csc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4287 361 KB
122 KB 24ms
23ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:06 GMT

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5316 361 KB
122 KB 21ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:06 GMT

GET
H/1.1 200
OK pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4B7A 38 B
427 B 24ms
22ms XHR
application/json 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=false&euconsent=undefined&us_privacy=1---&referrer=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575

Requested by

Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.idsync.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: ATS/7.1.2.138
Age: 0
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://tag.idsync.analytics.yahoo.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4287 107 B
570 B 44ms
18ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4287 42 KB
10 KB 326ms
321ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2309131721578019&correlator=134066967934852&output=ldjh&impl=fif&eid=31063127&vrg=2021101201&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=108347105%2Cca-pub-5786243031610172-tag%2C7141153936%2Cynews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&prev_scp=ADPOSITION%3DMON%26SITEID%3D217738&eri=4&cdm=s.yimg.com&bc=31&abxe=1&dt=1634316546795&dlt=1634316546508&idt=250&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=600&oid=2&adxs=0&adys=0&adks=1106862865&ucis=ch976u3iysx8&ifi=1&ifk=4181615957&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&top=news.yahoo.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=1878788596.1634316547&ga_sid=1634316547&ga_hid=762324591&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

56ffc597e24041dae709ff16358d1e9b8a35eaac1cd7b6ef1c32a036f328e046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10568
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BB25 6 KB
4 KB 116ms
25ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 16:49:06 GMT
expires: Sat, 15 Oct 2022 16:49:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5316 107 B
165 B 25ms
24ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5316 43 KB
11 KB 325ms
324ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4334395032868819&correlator=862188960301060&output=ldjh&impl=fif&eid=31063135%2C31062526&vrg=2021101201&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=108347105%2Cca-pub-5786243031610172-tag%2C7141153936%2Cynews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=ADPOSITION%3DLDRB%26SITEID%3D217738&eri=4&cdm=s.yimg.com&bc=31&abxe=1&dt=1634316546832&dlt=1634316546528&idt=286&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=728&ish=90&oid=2&adxs=0&adys=0&adks=2248714317&ucis=kp3yd8wnnbel&ifi=1&ifk=1991609740&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&top=news.yahoo.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&ga_vid=148667652.1634316547&ga_sid=1634316547&ga_hid=257986328&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ed95164f1024113b4729f309b0c0174c5a0f57af09a47403b0c574cf69cda4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10765
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAA9 6 KB
4 KB 83ms
17ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 16:49:06 GMT
expires: Sat, 15 Oct 2022 16:49:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
geo.yahoo.com/ 43 B
98 B 1258ms
40ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=FHjHgKwIrGTs9A1c,0.614169625174102&_I=&_AO=0&_NOL=0&_R=&_P=3.53.28%05_a1s%03d%3DAQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4%26S%3DAQAAAvQJxgfXYnAUSZRjEgfS10M%26j%3DGDPR%04_guc%03AQEBBAFhawJiSEIepgRL%04_pl%031%04A_v%033.53.28%04A_cn%03VERSIONED-PROD%04test%03a2-plutus-rr-4%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03kHUgKWqYPSueSRRP%04_w%03news.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575%04_rid%036dlabf9gmjc81%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03W.G.%20Dunlop%04pct%03story%04pd%03non_modal%04pstaid%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstaid_p%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstcat%03news%04pt%03content%04ver%03article%04A_pfb%031023%04A_pbp%03337%04A_psr%03956%04A_pdi%031605%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031634316546%04_ms%03861%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:07 GMT
server: ATS
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-type: image/gif
content-length: 43

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032110042008000/ Frame 4287 190 KB
54 KB 75ms
16ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

48e82050a95f855b0a1c2802ae7aaa7cecd5536fa44ffd8c851186ebad7b9275

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55628
x-xss-protection: 0
server: sffe
date: Tue, 12 Oct 2021 21:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5913024131cc1e21"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Oct 2022 21:07:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032110042008000/v0/ Frame 4287 13 KB
5 KB 78ms
22ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Tue, 12 Oct 2021 21:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Oct 2022 21:07:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032110042008000/v0/ Frame 4287 89 KB
28 KB 79ms
23ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Tue, 12 Oct 2021 21:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Oct 2022 21:07:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032110042008000/v0/ Frame 4287 4 KB
2 KB 78ms
22ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Tue, 12 Oct 2021 21:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Oct 2022 21:07:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032110042008000/v0/ Frame 4287 40 KB
13 KB 88ms
31ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Tue, 12 Oct 2021 21:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Oct 2022 21:07:52 GMT

GET
DATA 200
OK truncated
/ Frame 4287 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac3d6188b69ef4b6691a06dd129383a159c43c53a9b69bca616b638f9a3116b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16248975670828967603
tpc.googlesyndication.com/simgad/ Frame 4287 87 KB
88 KB 67ms
8ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16248975670828967603?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qngcEs5nn-NpYikjhUw2rTjQrJDMQ

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

6e3a62e7ec43b06ae53f9aec85a8a16141a4b8ab25294c0f0a79f434285358cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:34:23 GMT
x-content-type-options: nosniff
age: 530084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89532
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 11:19:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Oct 2022 13:34:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4287 2 KB
3 KB 77ms
18ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
server: cafe
age: 12654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 16 Oct 2021 13:18:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4287 295 B
778 B 65ms
7ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 71606
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 15 Oct 2021 20:55:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4287 0
0 42ms
40ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Czb5bArFpYemUM4Kq7gPR9KegCvOws-Rlj5Xb5c8Ohr2diMYJEAEgiabvJ2C58L-A2AGgAfGD_ZUDyAEC4AIAqAMByAMIqgS9Ak_Q8sBbqBaQgfFWKlJu_18udgqZ-QJxG3PKYxO__L_FRWJQTOELrrmiXj_FoeAe-ryZwO3-CN2ibNPkOSdAR9O9K4Z5Td-3fxo00K_K-obVzGpLKu95P5FeFdhmAsN8dKWcbA9hwJdyqa9ZstBBV4uk1gC0vGqkh1u16938XTXxsNS2GAX41S6JNg_C2bUZB8NGeZX15e8Aohr7YeGxHF0oJ9FwEfAsL8aSrHBRJ9Vv3p74oYOpW2VO8wEhNOj59okTg8rPmLBGwsjc0CNcU4uKoCy1QMDyaxt9c4ShAi0Os-l84oxI2Drkv-H8TULDxESOCXC4ygxStgcugJ4-L3lhVPg0bCiTEHNWKfVKo0APX_u1YDCdvGACCU4A4lr66I1NvAQUL0ntLEKiAawC2-fWDV_SPbDdIYLcjtfTwAT6qfv84gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHhe25a6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQyPsD0ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi01Nzg2MjQzMDMxNjEwMTcyGLHoGg&sigh=PJVF7DNZuiI&uach_m=[UACH]
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4287 11 KB
9 KB 77ms
20ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

20c347bcb7128716018c37207575e38b7b26210e497db448ecfad77a37cc4051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8556
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109102127000/ Frame 5316 189 KB
55 KB 35ms
4ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 110725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55506
x-xss-protection: 0
server: sffe
date: Thu, 14 Oct 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c42e3b94efe0099e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Oct 2022 10:03:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 5316 13 KB
5 KB 60ms
32ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 340734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4995
x-xss-protection: 0
server: sffe
date: Mon, 11 Oct 2021 18:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc03df60ee69192f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Oct 2022 18:10:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 5316 89 KB
28 KB 61ms
32ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 448778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
date: Sun, 10 Oct 2021 12:09:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "283b6526337df106"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 10 Oct 2022 12:09:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 5316 4 KB
2 KB 59ms
31ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
server: sffe
date: Wed, 13 Oct 2021 03:41:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b3f838efba7b15f2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Oct 2022 03:41:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 5316 40 KB
13 KB 58ms
30ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 529820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
server: sffe
date: Sat, 09 Oct 2021 13:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e8049efde94274d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 09 Oct 2022 13:38:47 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5316 2 KB
3 KB 52ms
24ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
server: cafe
age: 12654
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 16 Oct 2021 13:18:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5316 295 B
353 B 34ms
7ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 71606
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 15 Oct 2021 20:55:41 GMT

GET
DATA 200
OK truncated
/ Frame 5316 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3126554ebc79bf09d24911176f9e6e60f300b5d4c1ebd141720d456672252cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 882587834045070700
tpc.googlesyndication.com/simgad/ Frame 5316 19 KB
19 KB 51ms
25ms Image
image/png 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/882587834045070700?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm_s41GeYv1nbVPNCRmxth0fBC9fQ

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

8215710279ec36ffbb92ba7969ee704acdc185ff9999702eb9007213da1da553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:40:06 GMT
x-content-type-options: nosniff
age: 349741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19664
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:13:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Oct 2022 15:40:06 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5316 0
0 57ms
49ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIbugArFpYdnsNKjC7_UP_KWgwAb8osDOZda8mdfFDuiqtpWLAxABIImm7ydgufC_gNgBoAGs3-H9A8gBAqkCopNuFlJ6sz7gAgCoAwHIAwiqBNQCT9B-ZDCWVuKnf4ZAu1HteSU20JKqWCgGp5ZLGLu_yAsYRLRBJmNHLK8zE4IUj_A1kBsWPXlx_kbvHOnYHjQIkd9S_NscVi3b0Loh5aZRSNQ4q5aKDUU3OBSapglrRB69XWqN6OahhOEhzyDcY3MnZtPQu_6tLX-Hgt1nYUUjNVL6SJpGf8U-SS3UzZiHQvOYFIGflSURXJ8QP-V1XNdYJ28hyZN3D3eFDDprPg3p54YGGN-UkRGdgSuz-Acu86p_b5n46dsUYT0GHVbDJ9JxCxySXBiUOH1zSJ3_V2i-jqExr50fzwcOTaFfO54kRoUTfWIK5eI89jn9wokYtp6rn82jzdJZ1TeDAubH2YfElw6g2xAH9gHoSrBuerLCFnezcKLLmLPXzBSBC7H8UbmHukRPBTwdsGkx_OWNZu-Xr30vidu_ROOM7yxCvaOfc62Duj8QB8AE2K-F5N4D4AQBkgUECAQYAZIFBAgFGASgBgKAB7ygngKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcDEKJ70ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi01Nzg2MjQzMDMxNjEwMTcyGLHoGg&sigh=WtXISnfn5Kc
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5316 11 KB
8 KB 45ms
20ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ae91453e518c70b27ea0e5d460268e6c12ddc3dba058804525f969719542a51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8586
x-xss-protection: 0

GET
H2 200 safeframe.html Show response
openweb.jac.yahoosandbox.com/0.8.1/ Frame 856F 378 B
583 B 9ms
7ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/0.8.1/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

1aa0d7b9dcb1866280fa0057fc72e5e8d96f82d251fb24505852398b59ae73fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: openweb.jac.yahoosandbox.com
:scheme: https
:path: /0.8.1/safeframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: cSYdaKy+8gLL3l6w+0KWsAxRfTEhARZbafWFcs2geHhIRM8qoSlkG7+LZ+UXl2tZjy3pdZHVmEE=
x-amz-request-id: EHX6XHDB92E2R3YQ
date: Wed, 13 Oct 2021 07:11:51 GMT
last-modified: Wed, 15 Sep 2021 15:32:38 GMT
etag: "07bf2c9ee801076f1d1fa4edcb14d7b3"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: text/html
content-length: 378
server: ATS
referrer-policy: no-referrer-when-downgrade
age: 207438
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4287 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5316 0
0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5316
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

148ms
114ms

Image
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date: Fri, 15 Oct 2021 16:49:07 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 jac.js Show response
openweb.jac.yahoosandbox.com/0.8.1/ Frame 856F 145 KB
37 KB 7ms
7ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://openweb.jac.yahoosandbox.com/0.8.1/jac.js

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

d4d40eb03699fff7994b78a8f471bbfbd48362ec2dfd209faf9b4e2206b03adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34356
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 37736
x-amz-id-2: I0MTjX47P03FUz3Rgalrz/nPtD9a6g5ZDkpvJUr8DG8MJE+ruAGLytg+KVTW0ifO+nJqUqaoS4k=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Sep 2021 15:32:38 GMT
server: ATS
etag: "84af28754874f03a996c3072b50f233b-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5C1XAD50RTDQ4TVQ
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sp_Rba9aFpG Show response
launcher.spot.im/spot/ Frame 856F 395 KB
93 KB 488ms
6ms Script
application/javascript 92.123.194.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Requested by: Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/0.8.1/jac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-140.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: fd6d98e93041bc578240aaa66aaaf4aa87b6391a108514b341f9d33f2710819a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
content-encoding: br
server: fasthttp
cache-control: max-age=14400
content-type: application/javascript; charset=UTF-8
content-length: 94458
expires: Fri, 15 Oct 2021 20:49:07 GMT

GET
H2 204 W3sibiI6InZwaXhpZWMiLCJtIjpbMTY3OS4yMDAwMDAyODYxMDIzLDAsMCwxNjc5LjIwMDAwMDI4NjEwMjMsMCwwLDAsMCwwLDAsMCwxODU2LjcwMDAwMDI4NjEwMjNdLCJyIjowLCJzIjoxNjM0MzE2NTQ2MzE5LCJlIjoxNjM0MzE2NTQ2NDk3LCJxIjoiaW1hZ...
ybar-ctidp1m3w1report.wc.yahoodns.net/cs/ 0
212 B 603ms
154ms Image
text/plain 67.195.160.105
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-ctidp1m3w1report.wc.yahoodns.net/cs/W3sibiI6InZwaXhpZWMiLCJtIjpbMTY3OS4yMDAwMDAyODYxMDIzLDAsMCwxNjc5LjIwMDAwMDI4NjEwMjMsMCwwLDAsMCwwLDAsMCwxODU2LjcwMDAwMDI4NjEwMjNdLCJyIjowLCJzIjoxNjM0MzE2NTQ2MzE5LCJlIjoxNjM0MzE2NTQ2NDk3LCJxIjoiaW1hZ2UiLCJwIjoibmV3cyIsImQiOiJkZXNrdG9wIiwibCI6ImVuLVVTIiwiYiI6ImN0aWRwMW0zdzEifV0=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.195.160.105 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

o2.ycpi.gq1.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 W3sibiI6InljcyIsIm0iOlsxNjc5LjU5OTk5OTkwNDYzMjYsMCwwLDE2NzkuNTk5OTk5OTA0NjMyNiwxNjg3LjgwMDAwMDE5MDczNDksMTY5OS45MDAwMDAwOTUzNjc0LDE2OTkuOTAwMDAwMDk1MzY3NCwxNzExLjUsMTg0NS41LDE4NDUuNTk5OTk5OTA0NjMyN...
ybar-mcdn-report.wc.yahoodns.net/cs/ 0
212 B 603ms
154ms Image
text/plain 67.195.160.105
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-mcdn-report.wc.yahoodns.net/cs/W3sibiI6InljcyIsIm0iOlsxNjc5LjU5OTk5OTkwNDYzMjYsMCwwLDE2NzkuNTk5OTk5OTA0NjMyNiwxNjg3LjgwMDAwMDE5MDczNDksMTY5OS45MDAwMDAwOTUzNjc0LDE2OTkuOTAwMDAwMDk1MzY3NCwxNzExLjUsMTg0NS41LDE4NDUuNTk5OTk5OTA0NjMyNiwxODU3LjA5OTk5OTkwNDYzMjYsMTg1Ny43MDAwMDAyODYxMDIzXSwiciI6MCwicyI6MTYzNDMxNjU0NjMxOSwiZSI6MTYzNDMxNjU0NjQ5OSwicSI6ImltYWdlIiwicCI6Im5ld3MiLCJkIjoiZGVza3RvcCIsImwiOiJlbi1VUyIsImIiOiJzams0c3Z2YjMifSx7Im4iOiJlZGdlY2FzdCIsIm0iOlsxNjc5LjgwMDAwMDE5MDczNDksMCwwLDE2NzkuODAwMDAwMTkwNzM0OSwxNjkxLjcwMDAwMDI4NjEwMjMsMTY5OC43MDAwMDAyODYxMDIzLDE2OTguNzAwMDAwMjg2MTAyMywxNzExLDE4NDMuNDAwMDAwMDk1MzY3NCwxODQzLjQwMDAwMDA5NTM2NzQsMTg1OC40MDAwMDAwOTUzNjc0LDE4NTldLCJyIjowLCJzIjoxNjM0MzE2NTQ2MzE5LCJlIjoxNjM0MzE2NTQ2NTAwLCJxIjoiaW1hZ2UiLCJwIjoibmV3cyIsImQiOiJkZXNrdG9wIiwibCI6ImVuLVVTIiwiYiI6InVuZGVmaW5lZCJ9LHsibiI6ImNsb3VkZnJvbnQiLCJtIjpbMTY3OS41LDAsMCwxNjc5LjUsMTY4Ny44MDAwMDAxOTA3MzQ5LDE3MDEuODAwMDAwMTkwNzM0OSwxNzAxLjgwMDAwMDE5MDczNDksMTcxNC40MDAwMDAwOTUzNjc0LDE4NDQuNDAwMDAwMDk1MzY3NCwxODQ0LjkwMDAwMDA5NTM2NzQsMTg2MywxODYzLjQwMDAwMDA5NTM2NzRdLCJyIjowLCJzIjoxNjM0MzE2NTQ2MzE5LCJlIjoxNjM0MzE2NTQ2NTA2LCJxIjoiaW1hZ2UiLCJwIjoibmV3cyIsImQiOiJkZXNrdG9wIiwibCI6ImVuLVVTIiwiYiI6InVuZGVmaW5lZCJ9LHsibiI6ImFrYW1haSIsIm0iOlsxNjc5LjkwMDAwMDA5NTM2NzQsMCwwLDE2NzkuOTAwMDAwMDk1MzY3NCwxODU2LjgwMDAwMDE5MDczNDksMTg2NS4wOTk5OTk5MDQ2MzI2LDE4NjUuMDk5OTk5OTA0NjMyNiwxODcxLDE4OTQuNTk5OTk5OTA0NjMyNiwxODk0LjcwMDAwMDI4NjEwMjMsMTkwMi40MDAwMDAwOTUzNjc0LDE5MDMuMzAwMDAwMTkwNzM0OV0sInIiOjAsInMiOjE2MzQzMTY1NDYzMTksImUiOjE2MzQzMTY1NDY1NDYsInEiOiJpbWFnZSIsInAiOiJuZXdzIiwiZCI6ImRlc2t0b3AiLCJsIjoiZW4tVVMiLCJiIjoidW5kZWZpbmVkIn0seyJuIjoibGV2ZWwzIiwibSI6WzE2NzkuNzAwMDAwMjg2MTAyMywwLDAsMTY3OS43MDAwMDAyODYxMDIzLDAsMCwwLDAsMCwwLDAsMTkwNi41XSwiciI6MCwicyI6MTYzNDMxNjU0NjMxOSwiZSI6MTYzNDMxNjU0NjU1MCwicSI6ImltYWdlIiwicCI6Im5ld3MiLCJkIjoiZGVza3RvcCIsImwiOiJlbi1VUyIsImIiOiJ1bmRlZmluZWQifSx7Im4iOiJsaW1lbGlnaHQiLCJtIjpbMTY3OS41OTk5OTk5MDQ2MzI2LDAsMCwxNjc5LjU5OTk5OTkwNDYzMjYsMTY4Ny44MDAwMDAxOTA3MzQ5LDE2OTEuMjAwMDAwMjg2MTAyMywxNjkxLjIwMDAwMDI4NjEwMjMsMTY5OC44MDAwMDAxOTA3MzQ5LDE4NDEuODAwMDAwMTkwNzM0OSwxODQxLjkwMDAwMDA5NTM2NzQsMjA4OC44MDAwMDAxOTA3MzUsMjA5MC41OTk5OTk5MDQ2MzI2XSwiciI6MCwicyI6MTYzNDMxNjU0NjMxOSwiZSI6MTYzNDMxNjU0NjczMywicSI6ImltYWdlIiwicCI6Im5ld3MiLCJkIjoiZGVza3RvcCIsImwiOiJlbi1VUyIsImIiOiJ1bmRlZmluZWQifSx7Im4iOiJjb3JlZG5zIiwibSI6WzE2NzkuMzAwMDAwMTkwNzM0OSwwLDAsMTY3OS4zMDAwMDAxOTA3MzQ5LDE2NzkuMzAwMDAwMTkwNzM0OSwxNjc5LjMwMDAwMDE5MDczNDksMTY3OS4zMDAwMDAxOTA3MzQ5LDE2NzkuMzAwMDAwMTkwNzM0OSwxNjc5LjMwMDAwMDE5MDczNDksMjgyNC4yMDAwMDAyODYxMDIzLDI4MzEuNzAwMDAwMjg2MTAyMywyODMyLjIwMDAwMDI4NjEwMjNdLCJyIjowLCJzIjoxNjM0MzE2NTQ2MzE5LCJlIjoxNjM0MzE2NTQ3NDg3LCJxIjoiaW1hZ2UiLCJwIjoibmV3cyIsImQiOiJkZXNrdG9wIiwibCI6ImVuLVVTIiwiYiI6ImdyZmdkbGk4eCJ9XQ==

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.195.160.105 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

o2.ycpi.gq1.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 W3sibiI6InZwaXhpZWEiLCJtIjpbMTY3OSwwLDAsMTY3OSwxNjg2LjIwMDAwMDI4NjEwMjMsMTcwNC4wOTk5OTk5MDQ2MzI2LDE3MDQuMDk5OTk5OTA0NjMyNiwxNzIzLjUsMTg0NC43MDAwMDAyODYxMDIzLDE4NDQuOTAwMDAwMDk1MzY3NCwxODYzLjU5OTk5O...
ybar-alc123ok7breport.wc.yahoodns.net/cs/ 0
212 B 493ms
44ms Image
text/plain 212.82.116.200
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-alc123ok7breport.wc.yahoodns.net/cs/W3sibiI6InZwaXhpZWEiLCJtIjpbMTY3OSwwLDAsMTY3OSwxNjg2LjIwMDAwMDI4NjEwMjMsMTcwNC4wOTk5OTk5MDQ2MzI2LDE3MDQuMDk5OTk5OTA0NjMyNiwxNzIzLjUsMTg0NC43MDAwMDAyODYxMDIzLDE4NDQuOTAwMDAwMDk1MzY3NCwxODYzLjU5OTk5OTkwNDYzMjYsMTg2My44MDAwMDAxOTA3MzQ5XSwiciI6MCwicyI6MTYzNDMxNjU0NjMxOSwiZSI6MTYzNDMxNjU0NjUxNiwicSI6ImltYWdlIiwicCI6Im5ld3MiLCJkIjoiZGVza3RvcCIsImwiOiJlbi1VUyIsImIiOiJhbGMxMjNvazdiIn1d

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.116.200 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

e1.ycpi.bga.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 W3sibiI6InZwaXhpZWIiLCJtIjpbMTY3OS4wOTk5OTk5MDQ2MzI2LDAsMCwxNjc5LjA5OTk5OTkwNDYzMjYsMTY4Ny43MDAwMDAyODYxMDIzLDE3MTIuMjAwMDAwMjg2MTAyMywxNzEyLjIwMDAwMDI4NjEwMjMsMTg3MC41OTk5OTk5MDQ2MzI2LDIwMzIuNTk5O...
ybar-b7q53rgpeureport.wc.yahoodns.net/cs/ 0
212 B 473ms
24ms Image
text/plain 188.125.89.201
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-b7q53rgpeureport.wc.yahoodns.net/cs/W3sibiI6InZwaXhpZWIiLCJtIjpbMTY3OS4wOTk5OTk5MDQ2MzI2LDAsMCwxNjc5LjA5OTk5OTkwNDYzMjYsMTY4Ny43MDAwMDAyODYxMDIzLDE3MTIuMjAwMDAwMjg2MTAyMywxNzEyLjIwMDAwMDI4NjEwMjMsMTg3MC41OTk5OTk5MDQ2MzI2LDIwMzIuNTk5OTk5OTA0NjMyNiwyMDMyLjcwMDAwMDI4NjEwMjMsMjE5My4zMDAwMDAxOTA3MzUsMjE5My44MDAwMDAxOTA3MzVdLCJyIjowLCJzIjoxNjM0MzE2NTQ2MzE5LCJlIjoxNjM0MzE2NTQ2ODYzLCJxIjoiaW1hZ2UiLCJwIjoibmV3cyIsImQiOiJkZXNrdG9wIiwibCI6ImVuLVVTIiwiYiI6ImI3cTUzcmdwZXUifV0=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.89.201 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

e2.ycpi.via.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:07 GMT
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

OPTIONS
H2 200 pixel
pix.spot.im/api/v1/ Frame 0
0 124ms
94ms Preflight 92.123.194.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiIwOTVmMzQ3Yy0yMjVhLTRiMGYtYTA1Mi05MzlhZWQ0OGRiMjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJuZXdzLnlhaG9vLmNvbSIsInVybCI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6NjI3LCJ0ZXN0X2ZpZWxkIjoiIiwic3BsaXRfbmFtZSI6IiIsInB1Ymxpc2hlcl9jdXN0b21fZGF0YSI6IntcInBhcnRuZXJfaWRcIjpcImEwYWQwMDAwMDA4OU9jeUFBRVwiLFwicGFnZV90eXBlXCI6XCJzdG9yeVwiLFwicHJvZHVjdF9pZFwiOlwieWFob29fbmV3c1wifSIsInNwb3RfaWQiOiJzcF9SYmE5YUZwRyIsInBvc3RfaWQiOiIiLCJzb3VyY2UiOiJsYXVuY2hlcl9zYWZlZnJhbWUiLCJ0eXBlIjoiZXJyb3IiLCJpdGVtX3R5cGUiOiJsb2NhbCBzdG9yYWdlIGRlbGV0ZWQgZHVyaW5nIHJ1bnRpbWUiLCJpdGVtX2lkIjoicmVzdG9yZUxvY2FsU3RvcmFnZSIsInNhZmVfZnJhbWUiOiJ0cnVlIiwiYnJvd3Nlcl90eXBlIjoiQ2hyb21lLTkzIn0%3D&rnd=0.2364695750291843
Protocol: H2
Server: 92.123.194.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-145.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-spotim-device-uuid,x-spotim-page-view-id
Origin: https://openweb.jac.yahoosandbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age: 3600
expires: Fri, 15 Oct 2021 16:49:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT

OPTIONS
H2 200 v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Rba9aFpG/ Frame 0
0 146ms
98ms Preflight 184.25.50.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Rba9aFpG/v2?platform=Desktop
Protocol: H2
Server: 184.25.50.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-89.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin: https://openweb.jac.yahoosandbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-expose-headers
access-control-max-age: 86400
date: Fri, 15 Oct 2021 16:49:08 GMT

OPTIONS
H2 200 pixel
pix.spot.im/api/v1/ Frame 0
0 112ms
100ms Preflight 92.123.194.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiIwOTVmMzQ3Yy0yMjVhLTRiMGYtYTA1Mi05MzlhZWQ0OGRiMjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJuZXdzLnlhaG9vLmNvbSIsInVybCI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6NjQ0LCJ0ZXN0X2ZpZWxkIjoiIiwic3BsaXRfbmFtZSI6IiIsInB1Ymxpc2hlcl9jdXN0b21fZGF0YSI6IntcInBhcnRuZXJfaWRcIjpcImEwYWQwMDAwMDA4OU9jeUFBRVwiLFwicGFnZV90eXBlXCI6XCJzdG9yeVwiLFwicHJvZHVjdF9pZFwiOlwieWFob29fbmV3c1wifSIsInNwb3RfaWQiOiJzcF9SYmE5YUZwRyIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV9pZCI6InN0YXJ0IiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsInNlZ21lbnQiOnsiaWQiOiJvcGVud2ViX2xhdW5jaGVyOmNyaXRpY2FsX2Zsb3dfc3RhcnRfbWFya19rdXNsdmo1Mi44N3UifX0%3D&rnd=0.776913740280651
Protocol: H2
Server: 92.123.194.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-145.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-spotim-device-uuid,x-spotim-page-view-id
Origin: https://openweb.jac.yahoosandbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age: 3600
expires: Fri, 15 Oct 2021 16:49:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT

POST
H2 204 events Show response
direct-events-collector.spot.im/api/v2/ Frame 856F 0
272 B 297ms
99ms XHR
text/plain 54.166.194.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.194.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-194-46.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://openweb.jac.yahoosandbox.com
date: Fri, 15 Oct 2021 16:49:08 GMT
access-control-allow-credentials: true
server: fasthttp
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 metric
metrics-logger.spot.im/ Frame 856F 0
0 440ms
97ms Fetch 107.23.223.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics-logger.spot.im/metric
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-223-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://openweb.jac.yahoosandbox.com
date: Fri, 15 Oct 2021 16:49:08 GMT
content-length: 0

GET
H2 200 pixel
pix.spot.im/api/v1/ Frame 856F 16 B
0 101ms
99ms Fetch
application/json 92.123.194.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiIwOTVmMzQ3Yy0yMjVhLTRiMGYtYTA1Mi05MzlhZWQ0OGRiMjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJuZXdzLnlhaG9vLmNvbSIsInVybCI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6NjI3LCJ0ZXN0X2ZpZWxkIjoiIiwic3BsaXRfbmFtZSI6IiIsInB1Ymxpc2hlcl9jdXN0b21fZGF0YSI6IntcInBhcnRuZXJfaWRcIjpcImEwYWQwMDAwMDA4OU9jeUFBRVwiLFwicGFnZV90eXBlXCI6XCJzdG9yeVwiLFwicHJvZHVjdF9pZFwiOlwieWFob29fbmV3c1wifSIsInNwb3RfaWQiOiJzcF9SYmE5YUZwRyIsInBvc3RfaWQiOiIiLCJzb3VyY2UiOiJsYXVuY2hlcl9zYWZlZnJhbWUiLCJ0eXBlIjoiZXJyb3IiLCJpdGVtX3R5cGUiOiJsb2NhbCBzdG9yYWdlIGRlbGV0ZWQgZHVyaW5nIHJ1bnRpbWUiLCJpdGVtX2lkIjoicmVzdG9yZUxvY2FsU3RvcmFnZSIsInNhZmVfZnJhbWUiOiJ0cnVlIiwiYnJvd3Nlcl90eXBlIjoiQ2hyb21lLTkzIn0%3D&rnd=0.2364695750291843
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-130.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
x-spotim-device-uuid: undefined
x-spotim-page-view-id: 095f347c-225a-4b0f-a052-939aed48db20
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
server: fasthttp
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length: 16
expires: Fri, 15 Oct 2021 16:49:08 GMT

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ Frame 856F 0
0 43ms
6ms Fetch
text/html 92.123.194.180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-180.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 20
x-amz-cf-id: aDQ0WRYJv7pRqwHyR8tD3tjIFmBJl7vwmBcaeKzc2V6yvSN5JIS6lQ==
expires: Sun, 16 Oct 2022 16:49:08 GMT

GET
H2 200 init-1310j13d176pszta85yh.js Show response
api.fouanalytics.com/api/ Frame 856F 0
604 B 267ms
217ms Script
text/javascript 172.67.200.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1310j13d176pszta85yh.js
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.200.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcuN9mPeJntC954N1WEEoKfEZdGFbhbTUq38HTbSuNyii9JZZhWt3IVDKrSSiGOk8GZV7PPyrH1dKexPZ0aQ%2BQpGk1F4BL6lYgjF408LiRBL8gUYFAsigyDT8GiwPYvOLeL1GzrQ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69ea89f95de52798-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: -1

POST
H2 200 v2 Show response
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Rba9aFpG/ Frame 856F 9 KB
2 KB 139ms
107ms Fetch
application/json 184.25.50.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Rba9aFpG/v2?platform=Desktop
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.50.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-89.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: 9154cfbe0796b2e39cc22c2e8be7ed7e0fc3c98c23fd39020599634e8f9f2851

Request headers

x-guid: null
x-post-id: 5f0c6633-86b7-3bde-86d9-08285cce3cc2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8
x-spot-id: sp_Rba9aFpG
x-spotim-page-view-id: 095f347c-225a-4b0f-a052-939aed48db20
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
content-encoding: gzip
server: fasthttp
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
content-length: 2067
x-request-id: d095f051-2dd7-11ec-bd00-1684a1db6ca6
access-control-expose-headers

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ Frame 856F 0
0 40ms
7ms Fetch
text/html 92.123.194.180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-180.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 20
x-amz-cf-id: aDQ0WRYJv7pRqwHyR8tD3tjIFmBJl7vwmBcaeKzc2V6yvSN5JIS6lQ==
expires: Sun, 16 Oct 2022 16:49:08 GMT

GET
DATA 200
OK truncated
/ Frame 856F 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pixel
pix.spot.im/api/v1/ Frame 856F 16 B
0 101ms
101ms Fetch
application/json 92.123.194.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiIwOTVmMzQ3Yy0yMjVhLTRiMGYtYTA1Mi05MzlhZWQ0OGRiMjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJuZXdzLnlhaG9vLmNvbSIsInVybCI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6NjQ0LCJ0ZXN0X2ZpZWxkIjoiIiwic3BsaXRfbmFtZSI6IiIsInB1Ymxpc2hlcl9jdXN0b21fZGF0YSI6IntcInBhcnRuZXJfaWRcIjpcImEwYWQwMDAwMDA4OU9jeUFBRVwiLFwicGFnZV90eXBlXCI6XCJzdG9yeVwiLFwicHJvZHVjdF9pZFwiOlwieWFob29fbmV3c1wifSIsInNwb3RfaWQiOiJzcF9SYmE5YUZwRyIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV9pZCI6InN0YXJ0IiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsInNlZ21lbnQiOnsiaWQiOiJvcGVud2ViX2xhdW5jaGVyOmNyaXRpY2FsX2Zsb3dfc3RhcnRfbWFya19rdXNsdmo1Mi44N3UifX0%3D&rnd=0.776913740280651
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-130.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
x-spotim-device-uuid: undefined
x-spotim-page-view-id: 095f347c-225a-4b0f-a052-939aed48db20
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
server: fasthttp
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length: 16
expires: Fri, 15 Oct 2021 16:49:08 GMT

GET
H2 200 safe-frame-handler-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v2.62.0/launcher/ Frame 856F 11 KB
3 KB 47ms
7ms Script
application/javascript 184.25.50.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v2.62.0/launcher/safe-frame-handler-bundle.js
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.50.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-105.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: 926f7445492513891fb7ba565435637ddc406b261b82a622f22132333cfb3e1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
content-encoding: br
server: fasthttp
x-cache-status: Bypass
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 3299
expires: Sun, 16 Oct 2022 16:49:08 GMT

GET
DATA 200
OK truncated
/ Frame 856F 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 856F 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 856F 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/webp

OPTIONS
H2 200 pixel
pix.spot.im/api/v1/ Frame 0
0 95ms
95ms Preflight 92.123.194.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiIwOTVmMzQ3Yy0yMjVhLTRiMGYtYTA1Mi05MzlhZWQ0OGRiMjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJuZXdzLnlhaG9vLmNvbSIsInVybCI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWwiLCJsYW5nIjoiZW4tVVMiLCJzb3VyY2VfdmVyc2lvbiI6IiIsInRpbWVfZGVsdGEiOjcwMywidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7XCJwYXJ0bmVyX2lkXCI6XCJhMGFkMDAwMDAwODlPY3lBQUVcIixcInBhZ2VfdHlwZVwiOlwic3RvcnlcIixcInByb2R1Y3RfaWRcIjpcInlhaG9vX25ld3NcIn0iLCJzcG90X2lkIjoic3BfUmJhOWFGcEciLCJzb3VyY2UiOiJsYXVuY2hlciIsInR5cGUiOiJwZXJmb3JtYW5jZSIsIml0ZW1fdHlwZSI6ImNyaXRpY2FsX2Zsb3ciLCJpdGVtX2lkIjoiZW5kIiwic2VnbWVudCI6eyJkdXJhdGlvbiI6NTcuNTk5OTk5OTA0NjMyNTcsImlkIjoib3BlbndlYl9sYXVuY2hlcjpjcml0aWNhbF9mbG93X3N0YXJ0X21hcmtfa3VzbHZqNTIuODd1In19&rnd=0.007675302934321282
Protocol: H2
Server: 92.123.194.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-145.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-spotim-device-uuid,x-spotim-page-view-id
Origin: https://openweb.jac.yahoosandbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age: 3600
expires: Fri, 15 Oct 2021 16:49:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT

GET
H2 200 device_load Show response
events-collector.spot.im/api/v1/ Frame 856F 36 B
484 B 122ms
96ms Fetch
text/plain 92.123.194.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://events-collector.spot.im/api/v1/device_load
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-130.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: e4b7aaa46df6c8b3ef5a8c76a0034209f14e603eb31b3eae89184f99eff7f14c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
server: fasthttp
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length: 36
expires: Fri, 15 Oct 2021 16:49:08 GMT

POST
H2 200 metric
metrics-logger.spot.im/ Frame 856F 0
0 387ms
122ms Fetch 107.23.223.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics-logger.spot.im/metric
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-223-65.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://openweb.jac.yahoosandbox.com
date: Fri, 15 Oct 2021 16:49:08 GMT
content-length: 0

GET
H2 200 pixel
pix.spot.im/api/v1/ Frame 856F 16 B
0 105ms
104ms Fetch
application/json 92.123.194.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiIwOTVmMzQ3Yy0yMjVhLTRiMGYtYTA1Mi05MzlhZWQ0OGRiMjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWw%2FX2d1Y19jb25zZW50X3NraXA9MTYzNDMxNjU3NSIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJuZXdzLnlhaG9vLmNvbSIsInVybCI6Imh0dHBzOi8vbmV3cy55YWhvby5jb20vdXMtZ292ZXJubWVudC1kYXRhYmFzZS1leHBsb2l0ZWQtY292aWQtMTQ0NjIwODc0Lmh0bWwiLCJsYW5nIjoiZW4tVVMiLCJzb3VyY2VfdmVyc2lvbiI6IiIsInRpbWVfZGVsdGEiOjcwMywidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7XCJwYXJ0bmVyX2lkXCI6XCJhMGFkMDAwMDAwODlPY3lBQUVcIixcInBhZ2VfdHlwZVwiOlwic3RvcnlcIixcInByb2R1Y3RfaWRcIjpcInlhaG9vX25ld3NcIn0iLCJzcG90X2lkIjoic3BfUmJhOWFGcEciLCJzb3VyY2UiOiJsYXVuY2hlciIsInR5cGUiOiJwZXJmb3JtYW5jZSIsIml0ZW1fdHlwZSI6ImNyaXRpY2FsX2Zsb3ciLCJpdGVtX2lkIjoiZW5kIiwic2VnbWVudCI6eyJkdXJhdGlvbiI6NTcuNTk5OTk5OTA0NjMyNTcsImlkIjoib3BlbndlYl9sYXVuY2hlcjpjcml0aWNhbF9mbG93X3N0YXJ0X21hcmtfa3VzbHZqNTIuODd1In19&rnd=0.007675302934321282
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-130.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
x-spotim-device-uuid: undefined
x-spotim-page-view-id: 095f347c-225a-4b0f-a052-939aed48db20
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:08 GMT
server: fasthttp
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length: 16
expires: Fri, 15 Oct 2021 16:49:08 GMT

GET
H2 200 5f0c6633-86b7-3bde-86d9-08285cce3cc2 Show response
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Rba9aFpG/ Frame 856F 108 B
841 B 98ms
98ms Fetch
application/json 184.25.50.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Rba9aFpG/5f0c6633-86b7-3bde-86d9-08285cce3cc2
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Rba9aFpG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.50.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-89.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: 93f1365a8b3b3efe4f01073f0df6ee6f232d435821633a7c19dcbb2b1e2eaaaa

Request headers

Accept: application/json
Referer: https://openweb.jac.yahoosandbox.com/0.8.1/safeframe.html
x-spotim-page-view-id: 095f347c-225a-4b0f-a052-939aed48db20
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-spotim-device-uuid: 0d027808-e411-4d28-ba5b-5a79360805b6

Response headers

date: Fri, 15 Oct 2021 16:49:08 GMT
server: fasthttp
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length: 108
x-request-id: d0ada88a-2dd7-11ec-9f6e-a2cf9adb1e39

GET
H2 200 opus-frame.html Show response
opus.analytics.yahoo.com/tag/ Frame 93B3 9 KB
3 KB 8ms
8ms Document
text/html 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/0.8.1/jac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F91) /

Resource Hash

9401d45b15dac98d3adc3803a52be3bae9777cfc6f2e5565115bf2d0d02eefc2

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

:method: GET
:authority: opus.analytics.yahoo.com
:scheme: https
:path: /tag/opus-frame.html?referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
cookie: B=4sa9an1gmjc80&b=3&s=ln; A1=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A1S=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M&j=GDPR; GUC=AQEBBAFhawJiSEIepgRL; GUCS=AX_C-M9Z; cmp=t=1634316546&j=0; IDSYNC=16pp~20z4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

content-encoding: gzip
age: 184628
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Fri, 15 Oct 2021 16:49:08 GMT
etag: "b159463bfd2d3b755e89e683e21cd266+gzip"
last-modified: Wed, 18 Aug 2021 13:30:04 GMT
server: ECAcc (frc/8F91)
vary: Accept-Encoding
x-amz-id-2: tbXGwcux9pVpWBmBWq79Yj47PRnoiCLm1FfBB3Zr6bh1Ps0GcI4qA5zFjD9okFNLymVncsg6BrI=
x-amz-request-id: B7VY161NDWHH279E
x-cache: HIT
content-length: 3427

OPTIONS
H2 200 5f0c6633-86b7-3bde-86d9-08285cce3cc2
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Rba9aFpG/ Frame 0
0 94ms
94ms Preflight 184.25.50.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Rba9aFpG/5f0c6633-86b7-3bde-86d9-08285cce3cc2
Protocol: H2
Server: 184.25.50.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-89.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin: https://openweb.jac.yahoosandbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://openweb.jac.yahoosandbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age: 86400
date: Fri, 15 Oct 2021 16:49:08 GMT

GET
H2 200 sp-frame.html Show response
tag.idsync.analytics.yahoo.com/ Frame 06C6 8 KB
3 KB 7ms
7ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D
Requested by: Host: opus.analytics.yahoo.com
URL: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

:method: GET
:authority: tag.idsync.analytics.yahoo.com
:scheme: https
:path: /sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opus.analytics.yahoo.com/
accept-encoding: gzip, deflate, br
cookie: B=4sa9an1gmjc80&b=3&s=ln; A1=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A3=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M; A1S=d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M&j=GDPR; GUC=AQEBBAFhawJiSEIepgRL; GUCS=AX_C-M9Z; cmp=t=1634316546&j=0; IDSYNC=16pp~20z4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://opus.analytics.yahoo.com/

Response headers

content-encoding: gzip
age: 181
content-type: text/html
date: Fri, 15 Oct 2021 16:49:08 GMT
etag: "324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (frb/669E)
vary: Accept-Encoding
x-amz-id-2: IdOE5yLmmVToTsbWxhpY57RI//rU5uTgJx4/h9Yu1QX7/LtxwUCLYtRP/DImGpNmg0fgYvRne3g=
x-amz-request-id: KMNG58E78FNMY2DW
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3220

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 8A34 0
0 35ms
35ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&orig=ono&sInitiator=external
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 06C6 38 B
427 B 10ms
10ms XHR
application/json 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=false&euconsent=undefined&us_privacy=1---&referrer=https%3A%2F%2Fopus.analytics.yahoo.com%2Ftag%2Fopus-frame.html%3Freferrer%3D

Requested by

Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.idsync.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: ATS/7.1.2.138
Age: 0
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://tag.idsync.analytics.yahoo.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-6-0/html/ Frame 0C8E 2 KB
822 B 7ms
7ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /rq/darla/4-6-0/html/r-sf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: TRSoRB/hRLcpUg8/UG2sVPHdRuzatIHo7Z8DQVhc2n761DVuR2J/Z6EB/AzzuTV/CalkD5+aabU=
x-amz-request-id: TA5GZQP2FQSC5FVP
date: Fri, 08 Oct 2021 13:33:32 GMT
last-modified: Thu, 01 Oct 2020 20:43:22 GMT
etag: "38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 616539
ats-carp-promotion: 1
content-encoding: gzip
content-length: 753
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-6-0/html/ Frame 5849 2 KB
816 B 7ms
7ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /rq/darla/4-6-0/html/r-sf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: TRSoRB/hRLcpUg8/UG2sVPHdRuzatIHo7Z8DQVhc2n761DVuR2J/Z6EB/AzzuTV/CalkD5+aabU=
x-amz-request-id: TA5GZQP2FQSC5FVP
date: Fri, 08 Oct 2021 13:33:32 GMT
last-modified: Thu, 01 Oct 2020 20:43:22 GMT
etag: "38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 616539
ats-carp-promotion: 1
content-encoding: gzip
content-length: 753
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-6-0/html/ Frame D649 2 KB
816 B 7ms
7ms Document
text/html 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /rq/darla/4-6-0/html/r-sf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Response headers

x-amz-id-2: TRSoRB/hRLcpUg8/UG2sVPHdRuzatIHo7Z8DQVhc2n761DVuR2J/Z6EB/AzzuTV/CalkD5+aabU=
x-amz-request-id: TA5GZQP2FQSC5FVP
date: Fri, 08 Oct 2021 13:33:32 GMT
last-modified: Thu, 01 Oct 2020 20:43:22 GMT
etag: "38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 616539
ats-carp-promotion: 1
content-encoding: gzip
content-length: 753
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=10426;adcid=1;itime=316545259;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640821;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 106ms
106ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=10426;adcid=1;itime=316545259;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640821;imprefseq=110908219198551641;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LDRB2;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403552;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830388%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=18717;adcid=1;itime=316545285;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640882;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 98ms
98ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830388%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=18717;adcid=1;itime=316545285;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640882;imprefseq=110908219198551650;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LREC3;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403555;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830389%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=21147;adcid=1;itime=316545290;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640894;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ 1 B
248 B 101ms
100ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830389%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=21147;adcid=1;itime=316545290;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640894;imprefseq=110908219198551653;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LREC4;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403556;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-6-0/js/ Frame 0C8E 63 KB
27 KB 7ms
7ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ed8057680b0e1e1c4aac59e684f3081f65e2afa5a75d848539aabc2c0eea0151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 02 Oct 2021 16:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125437
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 27596
x-amz-id-2: DItVjYXNCeCj0xLfyB8ApWEKWe4EY98ZrOhZBK8WzO3Qj8+kj+8gRWWYa2tBEPHy2h8lbYOOhio=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Oct 2020 20:43:25 GMT
server: ATS
etag: "cd79ab0317600462e032e470caf03687-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5RWDKME9RQ8MR2M4
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-6-0/js/ Frame 5849 63 KB
27 KB 15ms
15ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ed8057680b0e1e1c4aac59e684f3081f65e2afa5a75d848539aabc2c0eea0151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 02 Oct 2021 16:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125437
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 27596
x-amz-id-2: DItVjYXNCeCj0xLfyB8ApWEKWe4EY98ZrOhZBK8WzO3Qj8+kj+8gRWWYa2tBEPHy2h8lbYOOhio=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Oct 2020 20:43:25 GMT
server: ATS
etag: "cd79ab0317600462e032e470caf03687-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5RWDKME9RQ8MR2M4
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-6-0/js/ Frame D649 63 KB
27 KB 19ms
19ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

ed8057680b0e1e1c4aac59e684f3081f65e2afa5a75d848539aabc2c0eea0151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 02 Oct 2021 16:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125437
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 27596
x-amz-id-2: DItVjYXNCeCj0xLfyB8ApWEKWe4EY98ZrOhZBK8WzO3Qj8+kj+8gRWWYa2tBEPHy2h8lbYOOhio=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Oct 2020 20:43:25 GMT
server: ATS
etag: "cd79ab0317600462e032e470caf03687-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5RWDKME9RQ8MR2M4
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0C8E 80 KB
27 KB 21ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 54 of 1000 / last-modified: 1634306813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:09 GMT

GET
H/1.1 200
OK pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 0C8E 19 B
668 B 27ms
9ms Script
application/javascript 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame 0C8E 76 KB
77 KB 8ms
7ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:21:11 GMT
x-content-type-options: nosniff
age: 1679
x-amz-server-side-encryption: AES256
content-length: 78331
x-amz-id-2: 6kTMtgPaBHSc2yGxjMkyuKnro/w8ComDimHocMThiX54BbhIEOF4FzrPbnxEaz67tPvXETsslAg=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: GDYHHBY8K2X9QSB2
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=10426;adcid=1;itime=316545259;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640821;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ Frame 0C8E 1 B
248 B 102ms
101ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=1;ct=4180169517;st=10426;adcid=1;itime=316545259;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640821;imprefseq=110908219198551641;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LDRB2;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403552;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 0C8E 43 B
630 B 69ms
69ms Image
image/gif 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783797&grp=%3F%3F%3F&nl=1634316545800&rts=1634316545677&pix=1&et=1&a=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r-2&m=aXAtMTAtMjItMTEwLTIyMA..&b=MTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7O2E1MGI1MzE5ZTRmOTQxOWJhOGJhZjFkNjcxNmFjNjJmOzI5NDYzODY4OzE2MzQzMTE4MDA7OzA7OzA7O3Bhc3NiYWNrLTE4Mzs7&uid=y-Ckr2FztE2uoear3f9rQ_H5EKZpXb%7EA&tsrctype=2&xdi=Pz8_fD8_P3xOVCAxMC4wfDE3&xoi=MHxERVU.&hb=true&type=5&af=7&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=5

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 19:54:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: image/gif
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 43
x-content-type-options: nosniff

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5849 80 KB
27 KB 24ms
23ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 903 of 1000 / last-modified: 1634306813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:09 GMT

GET
H/1.1 200
OK pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 5849 19 B
668 B 26ms
13ms Script
application/javascript 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame 5849 76 KB
77 KB 8ms
7ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:21:11 GMT
x-content-type-options: nosniff
age: 1679
x-amz-server-side-encryption: AES256
content-length: 78331
x-amz-id-2: 6kTMtgPaBHSc2yGxjMkyuKnro/w8ComDimHocMThiX54BbhIEOF4FzrPbnxEaz67tPvXETsslAg=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: GDYHHBY8K2X9QSB2
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830388%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=18717;adcid=1;itime=316545285;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640882;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ Frame 5849 1 B
248 B 98ms
97ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830388%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=18717;adcid=1;itime=316545285;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640882;imprefseq=110908219198551650;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LREC3;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403555;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adEvent.do
eu-central-1-web-oao.ssp.yahoo.com/admax/ Frame 5849 43 B
79 B 69ms
69ms Image
image/gif 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-central-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783368&grp=%3F%3F%3F&nl=1634316545807&rts=1634316545679&pix=1&et=1&a=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r-5&m=aXAtMTAtMjItOTgtMTk5&b=MTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7OzllYzcwMjhhNGM4YzRjMGRiM2QwNWY4NDc4NTY2MjI5OzI5NDYzODY4OzE2MzQzMTE4MDA7OzA7OzA7O3Bhc3NiYWNrLTE5Njs7&uid=y-Ckr2FztE2uoear3f9rQ_H5EKZpXb%7EA&tsrctype=2&xdi=Pz8_fD8_P3xOVCAxMC4wfDE3&xoi=MHxERVU.&hb=true&type=5&af=7&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=5

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Oct 2021 19:54:20 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: image/gif
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK adServe.do Show response
oao-js-tag.onemobile.yahoo.com/admax/ Frame D649 171 B
594 B 297ms
15ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oao-js-tag.onemobile.yahoo.com/admax/adServe.do?cTag=ad929115&bcrid=passback-196&brxdPublisherId=brxd20459933223&brxdSectionId=149676551&brxdSiteId=brxd4464051&csrtype=2&dcn=brxd4464051&ht=250&pos=y403556&req(url)=https%3A//news.yahoo.com/us-government-database-exploited-covid-144620874.html&secure=1&wd=300&yadpos=LREC4&ybkt=a2-plutus-rr-4&ypubblob=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%7C%7C1197618800%7CLREC4%7C%7C&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/93.0.4577.63%20Safari/537.36&of=js&sd=1
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 27f270ed1a3f7f34415b6c953963da88dc1416e4be61c0609a45e1023d5e4cd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: ATS/7.1.2.138
Age: 0
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 171
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adcount%7C2.0%7C5113.1%7C4830389%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=21147;adcid=1;itime=316545290;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640894;imprefseq=1109082191985...
ter-adserver-origin-us.prod.adtechus.com/ Frame D649 1 B
248 B 110ms
110ms Image
application/x-javascript 23.22.168.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4830389%7C0%7C170%7CAdId=-41;BnId=1;ct=4180169517;st=21147;adcid=1;itime=316545290;reqtype=5;guid=4sa9an1gmjc80&b=3&s=ln;;impref=1634316545952640894;imprefseq=110908219198551653;imprefts=1634316545;adclntid=1004;spaceid=1197618800;adposition=LREC4;lmsid=a0ad00000089OcyAAE;revshare=lmsid%253Aa0ad00000089OcyAAE%253Brevsp%253Aafp%252Ecom%253Blpstaid%253A5f0c6633%252D86b7%252D3bde%252D86d9%252D08285cce3cc2%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r;sectionid=149676551;kvpgcolo=ir2;kvhashtag=1638500:12811000;kvrs=lmsid:a0ad00000089ocyaae:5f0c6633-86b7-3bde-86d9-08285cce3cc2:afp.com:article:pd:0:content:pct:story:lu:site:news:ver:pt:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1638500:12811000;kvsecure=true;kvmn=y403556;kvy-bucket=a2-plutus-rr-4;kvwiki_topics=vaccine_hesitancy:vaccine_adverse_event_reporting_system:white_house:statistics:misinformation:vaccination:centers_for_disease_control_and_prevention:tucker_carlson;kvsecure-darla=4-6-0%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-6-0/js/sfext-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.168.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-168-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:09 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0C8E 361 KB
122 KB 18ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:09 GMT

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5849 361 KB
122 KB 23ms
22ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 16:49:09 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0C8E 107 B
122 B 63ms
35ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0C8E 17 KB
10 KB 256ms
256ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1229522377827630&correlator=2649170405225420&output=ldjh&impl=fif&eid=31063134%2C31062524%2C31063139&vrg=2021101201&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=108347105%2Cca-pub-5786243031610172-tag%2C7141153936%2Cynews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=ADPOSITION%3DLDRB2%26SITEID%3D217738&eri=4&cdm=s.yimg.com&bc=31&abxe=1&dt=1634316549668&dlt=1634316549475&idt=154&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=727&ish=89&oid=2&adxs=0&adys=0&adks=1169004456&ucis=22ht4bebu785&ifi=1&ifk=1991606767&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&top=news.yahoo.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&ga_vid=1795529428.1634316550&ga_sid=1634316550&ga_hid=559032064&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6beb282ae6c00898250ab72e2a7eb1b39f871c1d7ba6c26f07ef6ece6dc7521a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9947
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7604 6 KB
3 KB 52ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 16:49:09 GMT
expires: Sat, 15 Oct 2022 16:49:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5849 107 B
122 B 53ms
52ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5849 17 KB
10 KB 262ms
262ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1226436013685599&correlator=3765450897581172&output=ldjh&impl=fif&eid=31062526%2C31062930&vrg=2021101201&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=108347105%2Cca-pub-5786243031610172-tag%2C7141153936%2Cynews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=ADPOSITION%3DLREC3%26SITEID%3D217738&eri=4&cdm=s.yimg.com&bc=31&abxe=1&dt=1634316549700&dlt=1634316549482&idt=168&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=299&ish=249&oid=2&adxs=0&adys=0&adks=429840752&ucis=y5ivqcl13c6&ifi=1&ifk=4184310624&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&top=news.yahoo.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=700557924.1634316550&ga_sid=1634316550&ga_hid=430095561&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

939ebc5c8c447cb1a59eb8a26bb668ba9fd76f189fbc32e5ae4d3e5f63ce6941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9987
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 202C 6 KB
3 KB 64ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 16:49:09 GMT
expires: Sat, 15 Oct 2022 16:49:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A94 6 KB
3 KB 25ms
7ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 16:49:09 GMT
expires: Sat, 15 Oct 2022 16:49:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0C8E 11 KB
8 KB 54ms
30ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8ef815352903fbb80cc8cfadbab52b5d6509d502773fce2dfe2cc6f6b0e3ab63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8527
x-xss-protection: 0

GET
H3 200 container.html Show response
b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DFA 6 KB
3 KB 9ms
8ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 16:49:09 GMT
expires: Sat, 15 Oct 2022 16:49:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5849 11 KB
8 KB 36ms
35ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ea6f649727e96fc124f1a64770848fb920e668683fdd07a698a44d48e68fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8452
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5C8B 645 B
306 B 37ms
22ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVxIx5YZqMGz9-_oD12X_VqyMcCQZSimGnXy3yC6i3tYrHk2pxEs0HF286ZtUW9VGi-f0I2VOT3BE-qrUWjzqbU28cL_lAQaQq12gjLiSin1ipIpP8

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVxIx5YZqMGz9-_oD12X_VqyMcCQZSimGnXy3yC6i3tYrHk2pxEs0HF286ZtUW9VGi-f0I2VOT3BE-qrUWjzqbU28cL_lAQaQq12gjLiSin1ipIpP8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkrjB9ILLb3A4tkZTCNZv9wSGfbvlnRYGTGHXvdIhEoPWiKQulvzec2zYhYIwI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 15 Oct 2021 16:49:10 GMT
server: cafe
cache-control: private
content-length: 285
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A94 25 KB
13 KB 52ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-m-XUG1uvrQ0k3Ih9IUBxSb1cxFr8mnNLNyCBG82zzXTudR6bh5y5nXYD9-w34yO7yK4P-Cl1lH5YdFIwRaR4k7CaejmibjEH9FkAvEqgkhvsSH6LqEIn8rdqfHIVvtLTuh9xgrb0QKtxmKda_Ia_4kjGzg&cry=1&dbm_d=AKAmf-CKBxNIfC2BpVaPp8Y-Bek3AfQ_GWql_04x9UBIj0eFRvMwQ-KZbiC8SP7oHDnnzf9Ey6GZhct7ejt3hiPslZJQ4Xs-VOIxItn8iaucimYrxvuhW6K-Pkq3laSAgOCaoWMNkCy01FYReYQVDX4NIh7QQPc4p4MpwE80rw9YN3DkXm36ShPoXvYp9Mga1oR7ODlr6LzDxcsJ4kbpnonLCeTc-auQudXegB_DrNGDZbHH1GU7UXYOGzpmnpbr_dq4o1Oyyicuq8QjdXHGlZG1femINNXhCDs8_sXcNrN5GxkS1OLyS_9OjXjtpa-RhYM_jsmMmRkj5ZHiDO59AYsF8KFI4qhUPvZMiGWP3GTnYsBJkN5VMGD00YLS8QsEiOkTnWZpBfszOlG8EGYrq14pMXsyuNptyqUG5IA62XcC_2ZPIm1h82TUSe5XjQCTywJkM97-qZyn2BTJ0Z_g63uWI51CwSVF7vTjiPXEJmcVDM7A3u7kxtz8jNAD4uwVKSyAC-1m172V2A74HWAU4ttkD5ZHdgQjbVXHWCNblkWosBOLPrj5WQz6bcBGGXQmdzOq0cby9nYBPNerZ-YLcjWzelx1SCx4q1IBdY7aUbPV89gcOYpQwbjNoVuMEXADo6O3nBRCbQAV26afB31LxqI2hfUQR8lgyHvqS7BBedyoERffJXaioYb5WtzKnHdtySVC8s05S1h1b0fi3I6aKievy54GsDt9HXxVty4ZQvXpPL4Fhs2Cv72HNTMfNGkkeJW60EqhwXA2QAF4zFheXGvNU2ZDQpwK73bI9pgOi0x-sS-MoariwkRD92dJLrpnlScT5cO6irSp6U_YhpTlxfaXzAWYrCZTTwBtcw4T8smVE5O_clbu6tfUHhNmHTXBFlXyV2zNaRN9lxY8LwFa66KtHvptIcbtOo2d0LD1bMXmYwGxLolxFobyWc6CoFFxMWtf7cIszHg2OqaqiEpjy1qOrYNoLGRw_6DqQp58Xv4IJywXM1PfQ0-Db-gbLBH5bNFNLdrwI221l3ZtqX05LP3O2fBvofWSsxMOgqiSBIeLXcNjUCivGr-N_jgjx3UtHGbkXXEFNn8YlhdwmalI4Veriu8-49youi7qJoHA3N_3T7GYGKhNv8piI1TABBnjVXD1jYBJQ-HJKJyl5Q45eHAKDaC6Cp7ExC789A5FSrv943KsHl8_00cEYIEvAs3Wh8a8w8Rxh1jP2CLWH_6Bi_OhrAi6CACHnYqW4IDVSpQkr59LqaTp1XEoBEfyF3GT5NsplJe4voJmpwAdRcxrtfSZ97UULYilLOg7KtRrLZ-dXIA-GFucoDZPLmwDieuA6k5rrwUhzXR-TqGY_rhEbjlvBputAPFDta9xxp_gBlG-53wPCMb0emqJPT7a9hHI-FKNgo4v7KFb2P4zdVeMgKt8aZVIKtVw6IFTicJY6FhGiiZChGgRqFq8M4sITaU0VDBebSTAVKHGV0SxjQ_yVnYkWGLdxYFR9_CS3VRYwDr_n-uDaxc1Jgie07THOYfKTH3H-YeOF4tBHZdgySkUESKzWN_FM3absy9-EiG3nTBDk8Ap-ZNSTbdCDjD9IoYe2RVG7hQK3FpU8WMUy12qXBxzZq18pATI-S0AWo4LMc61ia6fqPu2upYBpVo3NtECSq3kdV2Y5hBCFuN2X0HkfU-EKRMiqBQm79gx_0-TGF3i3cqfM4WZXMakgGv0bUHI0ieLzFHUTb2-h5ty6OGTCBmCiLPF9QEfIGla6Pdn6_uhC3wLfV05MR7lkxp1xDsOy9J3K7m_AqgoJwX04SVNYDYGNFdhFn9Slnx4mKmlHAWFjjfQzh78RsTolUc9thAItnp2CyiIEijK57NYlsBlmgoO5-7QeZynanov0NoqwzpY_8D7VfUo4XWENZnqdSloBxnpYjYmHQRIMKBeI2dtzOZ9nwkvGltsu2oEOlk8rwGL66sxeuGQluEq8WEIO5zkgV7eUrUKjtPAqFYrK0FKtfzKfGipY3a6_btT8Pec7qnj1tOlZ2tUAVld5S4LFHV8HQzIKCyy5wasggdsZwRjnotbwl6uPzogMVPBYPyTxo5QkYiNzvdT8lZLPqDT9hsQw7mqgQUSmmRghZCk9rxs4mYUadZGaB4VFE2uFAiXV9DojD7PwsB3uLRxIjLatyGizemHeNMyr0pJHicKK01xtfzyUGgTYcdeP9pDVPzweou4tnhoDCZVLxT-CiH8C2cPYw8p55gZX1nDjTdYoC_8ztkvgmAbFIwYcNBrUn-Z5N1SAMIWdL5GZGz_9gc00bo9ed0hiJfpZ3G9rKcapnEUwBeYvD2cdVF3KwX4TlEs04fme9DVZd7I2d_vHm767UgB9OEb8GQPuccbxU5iFI4iuqhcVfldZIEZbdrHUie2_VGTbEVd4YRY_S3gu4T1kXzrNZm4FQvyL9xwjzzqw2Ims9PVMSQFjhlY--QNEe3w_s7X90arydQDFA82nnXEUAz1getX7uTj2I2aOREmxXJxkOvXVe5NzaMLHskO1O0h71SGF363fazTLyVyz0XWRwFh3O17KR47maQ_Mloz8pRoMSByajKFSH9IqsJKyA0EKcLN8oP2HfpIk5HIiqpAGFKx11q1MdbXYsp-0oGpHlhoqK_wD-lkT7unzoEvpaM_K0J3O2szQ8SN1wvWvONd5An6w-Kyvwo8p9Jw7CMeDTh-LErs009QX5q_62jEC3M5s1reSJFfIh_bCpmF8c-Q9BnT4Y4MUa9Az1yMX2cQecSP_TS18GDrMYlfUWeXX-l806dmab1rF_c0C3kL9lnudnGiTxGB54zl9rJ6_fXUjvRRSzS-o2Q-6cmRdQPek58znyOSrI8cSpPzFiru-FQFeA49ZphT6QUPjZK40UbWMnf2P0xnyBLHZeuAz_rNn8ulP2P5GB-ZZePyQkebtGw0aqRh9iR-AC943U3ok88_K8rS2frMc3EkzqVhrjoHWIAT4mq4w9MRmryioEJxdeJnaScMsURlYUaYsCxun95KQqZrxrE4eFS8f3-ioFm-Ncoc67Bf9Z0kSZsKrdqc9t24A60sUvMo26bYC_SD9QL-SnyUgRJQkAZOyCch3IdRVyeoEe-XgmrqPCmc3a7n5Ft8ClKaM7kSfXGnsjQL1EHafu0DfMqwvEWTCMlRw8qOg0It08biRjFHYLbAFQOy48tCYkBx7rH2DwWglpjvuMlXsD7B7-jPin-bG6v-nPpnPynVMnMhRzId1smaNi85kuStrtsva7ehjou69y2LEHplDMEDDsdumxOGjFSGLowLKI5m-vylock0gT5qV8cePqGyBEiR9zPGrW_sQvmm9lhMLVeyTNzprY6Qvv5FNhximojGoNizdxITkkkJyfv50KC6SsTtlZrWxH0XVVn1Kpa-Ftim23alchW24cA0cQ&cid=CAASEuRotneYUZkyxvjikf_-ycFkxw&rfl=2%2Chttps%253A%252F%252Fnews.yahoo.com%242%2Chttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-6-0%252Fhtml%252Fr-sf.html%240

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3c7f2cf92e4d06cc77e142f9ddf40068d40d9132da0f91977bc4cd99bf25c7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A94 42 B
63 B 75ms
53ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsI3-feLg6Uebud-SMwE3A7_yF3FAh4kekTlkhTjvfbmxCe0BQYy6xj54FTykvRdHXZkAecRapTsVPTxwncMmMmrqLlfA4LzTB4IuNKx9eiOWtB6g

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3A94 3 KB
1 KB 63ms
25ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 16:47:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A94 123 KB
38 KB 72ms
34ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 16:49:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3A94 14 KB
6 KB 57ms
21ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 16:46:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3A94 0
0 48ms
24ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4TbND-ym2I65pen_jU1g8Qguy1p5z9_CIf_aVDr7Kp_3MQgXoqFmZWg8ifo1phLbjQeZXiCWHaKuKAP9fdQO3IY_wAQ
Requested by: Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C8E 17 KB
6 KB 62ms
39ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 15 Oct 2021 16:49:10 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 34C2 668 B
325 B 29ms
28ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkrjB9ILLb3A4tkZTCNZv9wSGfbvlnRYGTGHXvdIhEoPWiKQulvzec2zYhYIwI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 15 Oct 2021 16:49:10 GMT
server: cafe
cache-control: private
content-length: 304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6DFA 25 KB
13 KB 49ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvWmSiijc5pciLrJKt9Biru6jfoOs9V7TFrcBsacd5-P-FzUzodXUFSOMrovXhe11eCU7HSgndeZ2siqnvYfvg7fNnorSYZS5qaNg_-rrUMIBC1h_1mn7axb41T3RuNuPj8KdiDgIIst0v9XlB6zzl2tASg&cry=1&dbm_d=AKAmf-BwZdCzmAgXoKvlon-6IcPmMBwjzGZHzNYFNu6oh-TZfxIqsTIIlfShNfeuFG9wVImHOuc-L4_D8PWGq2-fwfjPDQWYHsVf0uy-zsJv960puMc-cXxJaj3nGXVcwia-j1PfkpUty-sdH6whttc17Il58CO_YOxWOVQdPq9KSLKAVgb7cqPY4j1wW_QPU4OhpjgcmvPXU1WTRVSotl3ZlWzQF8jTW16cSMT06VG846kSn9GIeSI6Ozx3CLGK9ADe3u2N6k-SMSw8lahOVKhoumO0HgmpG71hLMwzVw4xo8f7DFemBU27SnDGywO175ktc0M93-ueJQx7U9C6EK2mElx3YqVvhkyMM-Yc1dbc4yVozVNKlXQUHjfdtFwIiCnTmvUT5piGXPOco6riM59EWxYHxfa3DYHvziE_Baca7hv4lLkJOc3DD6UwH8r8mXKfobbd6_ocfqpatmtShOc6IZhqoxA2mfhnHixQMHR17fEbUisMx77qKYumLxJtl46NcMz0JvSiTskeMqTPqxuJ7GEZ7p1gZAa1LKKdfI2Oo_Z39LTeOmfZFOtDH9qWf86xroMFqIEvTD2HPCzxxiDYJqK6r4soh1Z6mhM3JreU6LKgITAIup2EKDZ5YjMX1gfjyrTv0sc1z6G5JhNKDTqfL507jK6HDNzZILAu9uMeniwtK_CGfKxNnP-bF4IW_oojSxkU-ESO-r4q8e5NKT_K1m2p7hJwxf50POuC3DkXqoBg7_TZe7OUsWUI1TLRrToU2G9QeSjen9kfRJ8AOF9gOryMMAToDEIqcgoFQ8a_iGVqH7sWQdCpSK1VM0qJbrM2vu1Haz7lg7qYxcaXqKZ09r5Exk80PkbeegoZCUzzkYcNY-ocMQDbp2ZPR80en2BiqCFutd8MXufh3U7Fb6QoaYVvzNLa9_h3QBBwNbClaamztBEIVPJEvQVcFx_rhvyuOYV3CzcqP1wWD4HnQ6CLWDT86vlqbw5sDuExK6lHLCQSzOpHN0WnHzpm7Nq5IxJEUgZ6L-iqRibmMOJtX52KJGFBfxT60gKbIiLnYgB8jl23xKJaCztguEy2FzUp7C4hGakhQpz57NsY9IXD-35M2e6HjdnhDkdWkI9iIOE0Q0a2B-tKIrGW16H3lBc8KbH8VORr27eGvPauHGdCmKiOafYDF9oYfTrTQMMRojnU1x9dV11Ldl7Umva6rvQbiWFDr-zXj6xbFNAyF9N6ePLHkdM3hJMC_P1QTOdUeX1kqQhFzbCsiTO0KNOpZwGATPHXt0u-4jHFxu08vl2MvOSiYfs-Irnop45QgFaL5cgeN7rHjA3MGcNmb_SZg0Xvqi8nxfg-uN1aYWC4ghxPPXeSRZ5B53IsiObHMPV5K-gIgeq8o2r3l8AOw68H8beMYPsRhXrjGZGieoMsvFSCe0JY36rV4AcB0FiVTQFySRLqqpPen2n0CbZKi0QVFPZkq83z1Y5P08_VJJU13ZgCZlWxKbr0StBulfuPVEpctGT_jGyW64r1Bszne4FuhfRRb8snLCHAAzpSSrJvADN92zuDiadru2tgplf4lVsUw7FNdLTQNGt_W9UJbgcBhJumuaUwAoZV5vLXQ8-hk5CazboyqKxa4t8sqfsrZCTczCh3fcIKV8az3ZzjWmA2mdDaGtBnjKYfQ0Sc5ZapxMGldb925jxd_BnQHxTu7ZrSkPn1cToMobdgzkADMu-mRhnlC5kI6g15u_SBo6bPdJVz2KBCgeUQQk-bFEeft4K02frRQvvgYu6MKpEKQSpc7yzGbWFXNVSVisgrqBDStFI45f0utsoNotp1BOprYMTA9c-SCmYAnDMQKieg9U0TB6nVTsRLdVDxTK8fBuW05cBs2kfWgb_2jhm1_aJqI3lfrwghQuF6PTRtUu684KtdlSobFiPufmzECCCsr1bTQilUASGceFwacgV6fDEmrOmtsk2JC3Tkq0-g-0puCGAFIOi_CpFErFcKWKkePPugiZwAKQy3r5ABipHSsQGTAkrVlVg1vigBdXAe4JFCYVQFTeOYhsDB8Fx1cgBn-e88Uq9iVrJ9PUC59NJuGMO7CHmLbc8O-rJBLpaz81fmcrs4Oks9J3zjWQUN-NhBvTC1SikdOTE9tF8zQDaL8eyQd3pXxB-8KDf9MsXbTckV4r9K575s9__WRLD9pitQGS_uStK5NM6gSa4zLSEB8SdALK6ABS6MPbV4SLotKX_t3JvWZkKx8plsjCj8Q7Sn-xYLBQ13RNytTRHZyXx9KIAvXrKmIavzHPt-4cAsGCHR6XNsq20RcEJumU3WOok9THMHgEsNmwyRF4oTQRYRijzOW1059503TFv74N1SdCFnh7Ou2o0XoAEUVn8L90vBd1tR40FvUuF_XxEM5e_E8CAl2sILZ4H6MbRBVVppHuFN-rPlzbKrq2-sEuRRSlvCu3dt19yxUSTpHL6ab6IzsV6k9KBb7m8P2nTh-QqzsgbCjkh1IV1MoFzBAnWbWx4EjcfN67JSGcjXl8lvBTniym-7C8jbIZC86eeIlC2PgnUy_vq0owrC4OwURbB3aiWj-AR1y3_NtmrRymL77PuDUlOiOcYyXFzpsq8BJ00vmA80oDw1QpKp-Hqi8sV03M_RJep-w34sG-ZylTa11_QDrVRDggspRRBISw05BrfMtBl3GXwwj7DqLxQ7zFWma3KTa-9vyd8QCKy-hq_qm5CM1Sa4ikOUdl96Eo9N5PEWpMNKW0GbcZSLTEktL2bXefUaKmZ-3XBFnxsn79PYgTbdpn6_ilTcKOrPers7mtmtlBN_DvPgYiv5cgfa6RanlT1E-a2EQt0g4Te4-Uu9236VLs-w12vbWy9z417OBVro6frTFQxmWBZaikBeGzB9QEMAIGWyT_g4UW8mkwtWx0XKogzTsSRbraemRuv34061F6pmhSLQmrMG85kSLSoqyw7Fh3mmufae6wJRa3cg8K5ayZWtCSMp2ou2OMofFxZ8qFVzVDACrY3h7qJpO1Mla2sbkMvvHqEO0sPWHJ4FW8MU182OcNTq8Bo3uNkGJ4QB5iaSJpJfos1qi1_avplCxxJ27tQprRGc2zA7yjlLX8IQcppNViqSetMt0CH9KW-bc6GQr-sHFCz81aqvGoFKvzXPRw7kuEW-2XkUOeKArEgPWaomWgyXNFwTqyVIXT9hDZpaaxdu5yHwnwlcvGYJIf7sVVRQLJKFsPpmZ3Q47FQugOCdmYjo9g5xv7QCBBfTPl8vmjomIse0pw1mmQpNZRt4uBpCLSEPL4prWvmEhjafsCeNOCH_9u4RgllicGgai25kb8pEIlfXTIw40skzTlds-Vo6OKULAD6L7I3rvJzjrEijrVQnYzzQn8OJ-R2Wloi7mGU89JvWa9eh07aZXZH6mw6XxWMSrLUru3cdLGDlvQ&cid=CAASEuRoXbUF7WQuPySLlRDjI8aCug&rfl=2%2Chttps%253A%252F%252Fnews.yahoo.com%242%2Chttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-6-0%252Fhtml%252Fr-sf.html%240

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a42e632de0700d7ed583cf2b48cf4909cca22a2d6b448dd6344eb96e5a6deec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DFA 42 B
63 B 51ms
50ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1A9CmSwRdD6dogq8ma8ddxqXQX8aFQwqGcm4kPp5fP5GurD0aD110a_I4B0xfMBaYCDNvP1eSBf5dG2Ct4_CMyTuXE79Hb_wClQkTmTcvU3xtvlE

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 6DFA 3 KB
1 KB 42ms
27ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 16:47:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DFA 123 KB
37 KB 77ms
63ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 16:49:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 6DFA 14 KB
6 KB 31ms
17ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 16:46:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6DFA 0
0 26ms
24ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9bzVSrYSr7AcpFLrS_NC6jEq7ZTwb-Kv39OKGxcXBim5kXmwPm0qIp9kTLoWBqx0X-LeqJja646RUgf-YeR0HJNvWxg
Requested by: Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5849 17 KB
6 KB 62ms
61ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 15 Oct 2021 16:49:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5C8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0&C=1

43 B
1014 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVxIx5YZqMGz9-_oD12X_VqyMcCQZSimGnXy3yC6i3tYrHk2pxEs0HF286ZtUW9VGi-f0I2VOT3BE-qrUWjzqbU28cL_lAQaQq12gjLiSin1ipIpP8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 16:49:10 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 319
Expires: Fri, 15 Oct 2021 16:49:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5C8B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmxBkJ-vJwGBTn6HxeMGwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVxIx5YZqMGz9-_oD12X_VqyMcCQZSimGnXy3yC6i3tYrHk2pxEs0HF286ZtUW9VGi-f0I2VOT3BE-qrUWjzqbU28cL_lAQaQq12gjLiSin1ipIpP8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 16:49:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNtZvzLTlT_2dO9zUzYcj4&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 5C8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKibKsC_cJbDfciLxwHlw30&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKibKsC_cJbDfciLxwHlw30%26google_cver%3D1

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKibKsC_cJbDfciLxwHlw30%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVxIx5YZqMGz9-_oD12X_VqyMcCQZSimGnXy3yC6i3tYrHk2pxEs0HF286ZtUW9VGi-f0I2VOT3BE-qrUWjzqbU28cL_lAQaQq12gjLiSin1ipIpP8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
X-Proxy-Origin: 216.131.114.145; 216.131.114.145; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c9373586-899b-4eaf-9bc7-c425fc93f04c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
X-Proxy-Origin: 216.131.114.145; 216.131.114.145; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1b6dbf4a-b791-4184-ac0b-82a4006f0854
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKibKsC_cJbDfciLxwHlw30%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C8B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyMjExMzczOTY3OTQzMzMyMw%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyMjExMzczOTY3OTQzMzMyMw%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
X-Proxy-Origin: 216.131.114.145; 216.131.114.145; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 24e36baa-f4bf-419d-9e52-bf04252a044d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyMjExMzczOTY3OTQzMzMyMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 3A94 23 KB
9 KB 9ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-m-XUG1uvrQ0k3Ih9IUBxSb1cxFr8mnNLNyCBG82zzXTudR6bh5y5nXYD9-w34yO7yK4P-Cl1lH5YdFIwRaR4k7CaejmibjEH9FkAvEqgkhvsSH6LqEIn8rdqfHIVvtLTuh9xgrb0QKtxmKda_Ia_4kjGzg&cry=1&dbm_d=AKAmf-CKBxNIfC2BpVaPp8Y-Bek3AfQ_GWql_04x9UBIj0eFRvMwQ-KZbiC8SP7oHDnnzf9Ey6GZhct7ejt3hiPslZJQ4Xs-VOIxItn8iaucimYrxvuhW6K-Pkq3laSAgOCaoWMNkCy01FYReYQVDX4NIh7QQPc4p4MpwE80rw9YN3DkXm36ShPoXvYp9Mga1oR7ODlr6LzDxcsJ4kbpnonLCeTc-auQudXegB_DrNGDZbHH1GU7UXYOGzpmnpbr_dq4o1Oyyicuq8QjdXHGlZG1femINNXhCDs8_sXcNrN5GxkS1OLyS_9OjXjtpa-RhYM_jsmMmRkj5ZHiDO59AYsF8KFI4qhUPvZMiGWP3GTnYsBJkN5VMGD00YLS8QsEiOkTnWZpBfszOlG8EGYrq14pMXsyuNptyqUG5IA62XcC_2ZPIm1h82TUSe5XjQCTywJkM97-qZyn2BTJ0Z_g63uWI51CwSVF7vTjiPXEJmcVDM7A3u7kxtz8jNAD4uwVKSyAC-1m172V2A74HWAU4ttkD5ZHdgQjbVXHWCNblkWosBOLPrj5WQz6bcBGGXQmdzOq0cby9nYBPNerZ-YLcjWzelx1SCx4q1IBdY7aUbPV89gcOYpQwbjNoVuMEXADo6O3nBRCbQAV26afB31LxqI2hfUQR8lgyHvqS7BBedyoERffJXaioYb5WtzKnHdtySVC8s05S1h1b0fi3I6aKievy54GsDt9HXxVty4ZQvXpPL4Fhs2Cv72HNTMfNGkkeJW60EqhwXA2QAF4zFheXGvNU2ZDQpwK73bI9pgOi0x-sS-MoariwkRD92dJLrpnlScT5cO6irSp6U_YhpTlxfaXzAWYrCZTTwBtcw4T8smVE5O_clbu6tfUHhNmHTXBFlXyV2zNaRN9lxY8LwFa66KtHvptIcbtOo2d0LD1bMXmYwGxLolxFobyWc6CoFFxMWtf7cIszHg2OqaqiEpjy1qOrYNoLGRw_6DqQp58Xv4IJywXM1PfQ0-Db-gbLBH5bNFNLdrwI221l3ZtqX05LP3O2fBvofWSsxMOgqiSBIeLXcNjUCivGr-N_jgjx3UtHGbkXXEFNn8YlhdwmalI4Veriu8-49youi7qJoHA3N_3T7GYGKhNv8piI1TABBnjVXD1jYBJQ-HJKJyl5Q45eHAKDaC6Cp7ExC789A5FSrv943KsHl8_00cEYIEvAs3Wh8a8w8Rxh1jP2CLWH_6Bi_OhrAi6CACHnYqW4IDVSpQkr59LqaTp1XEoBEfyF3GT5NsplJe4voJmpwAdRcxrtfSZ97UULYilLOg7KtRrLZ-dXIA-GFucoDZPLmwDieuA6k5rrwUhzXR-TqGY_rhEbjlvBputAPFDta9xxp_gBlG-53wPCMb0emqJPT7a9hHI-FKNgo4v7KFb2P4zdVeMgKt8aZVIKtVw6IFTicJY6FhGiiZChGgRqFq8M4sITaU0VDBebSTAVKHGV0SxjQ_yVnYkWGLdxYFR9_CS3VRYwDr_n-uDaxc1Jgie07THOYfKTH3H-YeOF4tBHZdgySkUESKzWN_FM3absy9-EiG3nTBDk8Ap-ZNSTbdCDjD9IoYe2RVG7hQK3FpU8WMUy12qXBxzZq18pATI-S0AWo4LMc61ia6fqPu2upYBpVo3NtECSq3kdV2Y5hBCFuN2X0HkfU-EKRMiqBQm79gx_0-TGF3i3cqfM4WZXMakgGv0bUHI0ieLzFHUTb2-h5ty6OGTCBmCiLPF9QEfIGla6Pdn6_uhC3wLfV05MR7lkxp1xDsOy9J3K7m_AqgoJwX04SVNYDYGNFdhFn9Slnx4mKmlHAWFjjfQzh78RsTolUc9thAItnp2CyiIEijK57NYlsBlmgoO5-7QeZynanov0NoqwzpY_8D7VfUo4XWENZnqdSloBxnpYjYmHQRIMKBeI2dtzOZ9nwkvGltsu2oEOlk8rwGL66sxeuGQluEq8WEIO5zkgV7eUrUKjtPAqFYrK0FKtfzKfGipY3a6_btT8Pec7qnj1tOlZ2tUAVld5S4LFHV8HQzIKCyy5wasggdsZwRjnotbwl6uPzogMVPBYPyTxo5QkYiNzvdT8lZLPqDT9hsQw7mqgQUSmmRghZCk9rxs4mYUadZGaB4VFE2uFAiXV9DojD7PwsB3uLRxIjLatyGizemHeNMyr0pJHicKK01xtfzyUGgTYcdeP9pDVPzweou4tnhoDCZVLxT-CiH8C2cPYw8p55gZX1nDjTdYoC_8ztkvgmAbFIwYcNBrUn-Z5N1SAMIWdL5GZGz_9gc00bo9ed0hiJfpZ3G9rKcapnEUwBeYvD2cdVF3KwX4TlEs04fme9DVZd7I2d_vHm767UgB9OEb8GQPuccbxU5iFI4iuqhcVfldZIEZbdrHUie2_VGTbEVd4YRY_S3gu4T1kXzrNZm4FQvyL9xwjzzqw2Ims9PVMSQFjhlY--QNEe3w_s7X90arydQDFA82nnXEUAz1getX7uTj2I2aOREmxXJxkOvXVe5NzaMLHskO1O0h71SGF363fazTLyVyz0XWRwFh3O17KR47maQ_Mloz8pRoMSByajKFSH9IqsJKyA0EKcLN8oP2HfpIk5HIiqpAGFKx11q1MdbXYsp-0oGpHlhoqK_wD-lkT7unzoEvpaM_K0J3O2szQ8SN1wvWvONd5An6w-Kyvwo8p9Jw7CMeDTh-LErs009QX5q_62jEC3M5s1reSJFfIh_bCpmF8c-Q9BnT4Y4MUa9Az1yMX2cQecSP_TS18GDrMYlfUWeXX-l806dmab1rF_c0C3kL9lnudnGiTxGB54zl9rJ6_fXUjvRRSzS-o2Q-6cmRdQPek58znyOSrI8cSpPzFiru-FQFeA49ZphT6QUPjZK40UbWMnf2P0xnyBLHZeuAz_rNn8ulP2P5GB-ZZePyQkebtGw0aqRh9iR-AC943U3ok88_K8rS2frMc3EkzqVhrjoHWIAT4mq4w9MRmryioEJxdeJnaScMsURlYUaYsCxun95KQqZrxrE4eFS8f3-ioFm-Ncoc67Bf9Z0kSZsKrdqc9t24A60sUvMo26bYC_SD9QL-SnyUgRJQkAZOyCch3IdRVyeoEe-XgmrqPCmc3a7n5Ft8ClKaM7kSfXGnsjQL1EHafu0DfMqwvEWTCMlRw8qOg0It08biRjFHYLbAFQOy48tCYkBx7rH2DwWglpjvuMlXsD7B7-jPin-bG6v-nPpnPynVMnMhRzId1smaNi85kuStrtsva7ehjou69y2LEHplDMEDDsdumxOGjFSGLowLKI5m-vylock0gT5qV8cePqGyBEiR9zPGrW_sQvmm9lhMLVeyTNzprY6Qvv5FNhximojGoNizdxITkkkJyfv50KC6SsTtlZrWxH0XVVn1Kpa-Ftim23alchW24cA0cQ&cid=CAASEuRotneYUZkyxvjikf_-ycFkxw&rfl=2%2Chttps%253A%252F%252Fnews.yahoo.com%242%2Chttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-6-0%252Fhtml%252Fr-sf.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 16:47:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A94 41 KB
15 KB 18ms
17ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 34C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKemanlztg_asLW6U321Kn0&google_cver=1&gdpr=0
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKemanlztg_asLW6U321Kn0&google_cver=1&gdpr=0

43 B
180 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKemanlztg_asLW6U321Kn0&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKemanlztg_asLW6U321Kn0&google_cver=1&gdpr=0
date: Fri, 15 Oct 2021 16:49:10 GMT
via: 1.1 google
server: OXGW/16.217.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 34C2
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTA0YjkwYmMtZmI0Yi0yYzc5LWVmOGQtZjdlNDlmYWEzNzU0

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTA0YjkwYmMtZmI0Yi0yYzc5LWVmOGQtZjdlNDlmYWEzNzU0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Oct 2021 16:49:10 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTA0YjkwYmMtZmI0Yi0yYzc5LWVmOGQtZjdlNDlmYWEzNzU0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 34C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
https://sync.teads.tv/um?eid=3&uid=CAESED6l8biUHmlP_0Hb2nIlRpk&google_cver=1&gdpr=0

23 B
172 B

49ms
31ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESED6l8biUHmlP_0Hb2nIlRpk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 15 Oct 2021 16:49:10 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESED6l8biUHmlP_0Hb2nIlRpk&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 34C2 23 B
172 B 76ms
33ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYyriRLzAB&v=APEucNU19utbQTMxivRya5EdkEBxubxKtoGQnpAJU6jB8xdd5XNMqs5X7n3DYPNbs74FMezipgzvJ-xe8sjWwMcqnVe2B-G16KfxFXGqZInJ_9a4veDrriI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 15 Oct 2021 16:49:10 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK dfkx1snbhmf9 Show response
hal9000.redintelligence.net/zone/ Frame 3A94 11 KB
4 KB 41ms
11ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/dfkx1snbhmf9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyzzOBbFpYfaNK4KgrAT2zIPAC7v6hIpXn8Oo5tEK8C4QASCJpu8nYLnwv4DYAcgBCakCjCB9w9N0sz6oAwGqBJACT9AVCcDSQd498TLTTYpJ6490Nsc4k7qmqYKYQUdPEEdnq9-fIzHiEVV4F5rKWxjRWAQb39xYbjBPysBYnzfF_7Z0kCEFsfFdE3eCxTzzGzP3F8aZL7eJfvRvcW3Dl72YiP5LClFRJiS56qrShqaOxVo_Ew2Uy6NWqObojsxyoiCTMUpySy5cVuHUkjXNKFY5HaZJxZO2vH4DL1hA7t8jGPZky4jPTXMQ9xfie2wItW1NYVnfqBBwtSo3pvRM4-eadMqZec7oJOpRhrR-tQ-JTiKMV4UM6Upb_u1l_Y7M7eFzPPuV4DWnig0RUI5vWdmujWRffgGijfWqDlTtisc0B1C7AJ9Q8c1cJj8-YW_HIBHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotneYUZkyxvjikf_-ycFkxw%26sig%3DAOD64_0lX394M_fLuqoq7mtAjvItBQUPYA%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-DF5YZJ_rkJ41UZs_wQNyIjnUjTzDOmdxOj_oXaXv2_Iiv2PjrIQtZIOVmwyUvPIVJyLenNj-vgR5YLjXi6NGaPs4ZMqV3IAy0Vd4CSl2n6HNCvNcbbUC8JlZxKSQyaxsEq8EnzCZ2dB3zZzZ_UayaW9m4hWg%26cry%3D1%26dbm_d%3DAKAmf-Dn2Ih83VVK0DeP-qsUsSo--e7aZebJlErAlMWtIJxhwkFaSGVq5HUAHZIyL0TIF-X9JSsgbbtcAovO8RFI2_S0hfqUXaBUKZvFgCy3gTVgngt7-m0zgUq5xcs4wbUqy2cUXcudK3Z_AuF9yXzZZqECGNq9L-pJsDA4rgPdwNPV0I2mvNyXbRLFMIola8T1gUZK1IPWMb4WGtKOeJk3pXN2LKNq4y6ILPCQkebuN0MiBbbaRmceNSe0qSN868JPhtskjU1RQIm9WyzUasgpev9qiwp0xc5RjH-qQk2bXth9YHHoI5v4DRWGsaaW1MmyPidP0yCNhcHqa7bmku_i1OffPjXPddO3wNBPTL-ENvHBA5vALIOIobB0fMHrENV62N6ivVZH9boRjQX69KOEu7jwdLV26e_lKOMo7fmGjo6qlhevDqLNAczQz2FZhQCgWYAkSfe2xhEpKGxS9bCVLA-j125cO7-fe7MWzGhbS-voVPUkNHWqylCzWaa7rrD48wVLzcr1%26adurl%3D
Requested by: Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 54eb3423038d92642f525ac04569df4a465fac4f5a16fd698d6a3d60f3b646d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3995
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 6DFA 23 KB
9 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvWmSiijc5pciLrJKt9Biru6jfoOs9V7TFrcBsacd5-P-FzUzodXUFSOMrovXhe11eCU7HSgndeZ2siqnvYfvg7fNnorSYZS5qaNg_-rrUMIBC1h_1mn7axb41T3RuNuPj8KdiDgIIst0v9XlB6zzl2tASg&cry=1&dbm_d=AKAmf-BwZdCzmAgXoKvlon-6IcPmMBwjzGZHzNYFNu6oh-TZfxIqsTIIlfShNfeuFG9wVImHOuc-L4_D8PWGq2-fwfjPDQWYHsVf0uy-zsJv960puMc-cXxJaj3nGXVcwia-j1PfkpUty-sdH6whttc17Il58CO_YOxWOVQdPq9KSLKAVgb7cqPY4j1wW_QPU4OhpjgcmvPXU1WTRVSotl3ZlWzQF8jTW16cSMT06VG846kSn9GIeSI6Ozx3CLGK9ADe3u2N6k-SMSw8lahOVKhoumO0HgmpG71hLMwzVw4xo8f7DFemBU27SnDGywO175ktc0M93-ueJQx7U9C6EK2mElx3YqVvhkyMM-Yc1dbc4yVozVNKlXQUHjfdtFwIiCnTmvUT5piGXPOco6riM59EWxYHxfa3DYHvziE_Baca7hv4lLkJOc3DD6UwH8r8mXKfobbd6_ocfqpatmtShOc6IZhqoxA2mfhnHixQMHR17fEbUisMx77qKYumLxJtl46NcMz0JvSiTskeMqTPqxuJ7GEZ7p1gZAa1LKKdfI2Oo_Z39LTeOmfZFOtDH9qWf86xroMFqIEvTD2HPCzxxiDYJqK6r4soh1Z6mhM3JreU6LKgITAIup2EKDZ5YjMX1gfjyrTv0sc1z6G5JhNKDTqfL507jK6HDNzZILAu9uMeniwtK_CGfKxNnP-bF4IW_oojSxkU-ESO-r4q8e5NKT_K1m2p7hJwxf50POuC3DkXqoBg7_TZe7OUsWUI1TLRrToU2G9QeSjen9kfRJ8AOF9gOryMMAToDEIqcgoFQ8a_iGVqH7sWQdCpSK1VM0qJbrM2vu1Haz7lg7qYxcaXqKZ09r5Exk80PkbeegoZCUzzkYcNY-ocMQDbp2ZPR80en2BiqCFutd8MXufh3U7Fb6QoaYVvzNLa9_h3QBBwNbClaamztBEIVPJEvQVcFx_rhvyuOYV3CzcqP1wWD4HnQ6CLWDT86vlqbw5sDuExK6lHLCQSzOpHN0WnHzpm7Nq5IxJEUgZ6L-iqRibmMOJtX52KJGFBfxT60gKbIiLnYgB8jl23xKJaCztguEy2FzUp7C4hGakhQpz57NsY9IXD-35M2e6HjdnhDkdWkI9iIOE0Q0a2B-tKIrGW16H3lBc8KbH8VORr27eGvPauHGdCmKiOafYDF9oYfTrTQMMRojnU1x9dV11Ldl7Umva6rvQbiWFDr-zXj6xbFNAyF9N6ePLHkdM3hJMC_P1QTOdUeX1kqQhFzbCsiTO0KNOpZwGATPHXt0u-4jHFxu08vl2MvOSiYfs-Irnop45QgFaL5cgeN7rHjA3MGcNmb_SZg0Xvqi8nxfg-uN1aYWC4ghxPPXeSRZ5B53IsiObHMPV5K-gIgeq8o2r3l8AOw68H8beMYPsRhXrjGZGieoMsvFSCe0JY36rV4AcB0FiVTQFySRLqqpPen2n0CbZKi0QVFPZkq83z1Y5P08_VJJU13ZgCZlWxKbr0StBulfuPVEpctGT_jGyW64r1Bszne4FuhfRRb8snLCHAAzpSSrJvADN92zuDiadru2tgplf4lVsUw7FNdLTQNGt_W9UJbgcBhJumuaUwAoZV5vLXQ8-hk5CazboyqKxa4t8sqfsrZCTczCh3fcIKV8az3ZzjWmA2mdDaGtBnjKYfQ0Sc5ZapxMGldb925jxd_BnQHxTu7ZrSkPn1cToMobdgzkADMu-mRhnlC5kI6g15u_SBo6bPdJVz2KBCgeUQQk-bFEeft4K02frRQvvgYu6MKpEKQSpc7yzGbWFXNVSVisgrqBDStFI45f0utsoNotp1BOprYMTA9c-SCmYAnDMQKieg9U0TB6nVTsRLdVDxTK8fBuW05cBs2kfWgb_2jhm1_aJqI3lfrwghQuF6PTRtUu684KtdlSobFiPufmzECCCsr1bTQilUASGceFwacgV6fDEmrOmtsk2JC3Tkq0-g-0puCGAFIOi_CpFErFcKWKkePPugiZwAKQy3r5ABipHSsQGTAkrVlVg1vigBdXAe4JFCYVQFTeOYhsDB8Fx1cgBn-e88Uq9iVrJ9PUC59NJuGMO7CHmLbc8O-rJBLpaz81fmcrs4Oks9J3zjWQUN-NhBvTC1SikdOTE9tF8zQDaL8eyQd3pXxB-8KDf9MsXbTckV4r9K575s9__WRLD9pitQGS_uStK5NM6gSa4zLSEB8SdALK6ABS6MPbV4SLotKX_t3JvWZkKx8plsjCj8Q7Sn-xYLBQ13RNytTRHZyXx9KIAvXrKmIavzHPt-4cAsGCHR6XNsq20RcEJumU3WOok9THMHgEsNmwyRF4oTQRYRijzOW1059503TFv74N1SdCFnh7Ou2o0XoAEUVn8L90vBd1tR40FvUuF_XxEM5e_E8CAl2sILZ4H6MbRBVVppHuFN-rPlzbKrq2-sEuRRSlvCu3dt19yxUSTpHL6ab6IzsV6k9KBb7m8P2nTh-QqzsgbCjkh1IV1MoFzBAnWbWx4EjcfN67JSGcjXl8lvBTniym-7C8jbIZC86eeIlC2PgnUy_vq0owrC4OwURbB3aiWj-AR1y3_NtmrRymL77PuDUlOiOcYyXFzpsq8BJ00vmA80oDw1QpKp-Hqi8sV03M_RJep-w34sG-ZylTa11_QDrVRDggspRRBISw05BrfMtBl3GXwwj7DqLxQ7zFWma3KTa-9vyd8QCKy-hq_qm5CM1Sa4ikOUdl96Eo9N5PEWpMNKW0GbcZSLTEktL2bXefUaKmZ-3XBFnxsn79PYgTbdpn6_ilTcKOrPers7mtmtlBN_DvPgYiv5cgfa6RanlT1E-a2EQt0g4Te4-Uu9236VLs-w12vbWy9z417OBVro6frTFQxmWBZaikBeGzB9QEMAIGWyT_g4UW8mkwtWx0XKogzTsSRbraemRuv34061F6pmhSLQmrMG85kSLSoqyw7Fh3mmufae6wJRa3cg8K5ayZWtCSMp2ou2OMofFxZ8qFVzVDACrY3h7qJpO1Mla2sbkMvvHqEO0sPWHJ4FW8MU182OcNTq8Bo3uNkGJ4QB5iaSJpJfos1qi1_avplCxxJ27tQprRGc2zA7yjlLX8IQcppNViqSetMt0CH9KW-bc6GQr-sHFCz81aqvGoFKvzXPRw7kuEW-2XkUOeKArEgPWaomWgyXNFwTqyVIXT9hDZpaaxdu5yHwnwlcvGYJIf7sVVRQLJKFsPpmZ3Q47FQugOCdmYjo9g5xv7QCBBfTPl8vmjomIse0pw1mmQpNZRt4uBpCLSEPL4prWvmEhjafsCeNOCH_9u4RgllicGgai25kb8pEIlfXTIw40skzTlds-Vo6OKULAD6L7I3rvJzjrEijrVQnYzzQn8OJ-R2Wloi7mGU89JvWa9eh07aZXZH6mw6XxWMSrLUru3cdLGDlvQ&cid=CAASEuRoXbUF7WQuPySLlRDjI8aCug&rfl=2%2Chttps%253A%252F%252Fnews.yahoo.com%242%2Chttps%253A%252F%252Fs.yimg.com%252Frq%252Fdarla%252F4-6-0%252Fhtml%252Fr-sf.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 16:47:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DFA 41 KB
15 KB 17ms
16ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2850 12 KB
5 KB 17ms
17ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 15 Oct 2021 16:28:10 GMT
expires: Sat, 15 Oct 2022 16:28:10 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6019 783 B
535 B 17ms
16ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

c6231614835f10f8da48bd2ee62b7414d400b70c9aaf256af29b33119256f5e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OrF/96GB6V6WOuZlSpIlqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 15 Oct 2021 16:49:10 GMT
date: Fri, 15 Oct 2021 16:49:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OrF/96GB6V6WOuZlSpIlqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ECE0 22 KB
8 KB 17ms
16ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 120845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK j9vjvxztr9lv Show response
hal9000.redintelligence.net/zone/ Frame 6DFA 11 KB
4 KB 33ms
12ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/j9vjvxztr9lv?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCN0vxBbFpYeqILZ7a7_UPj8iA0AO7-oSKV97Njr3wCfAuEAEgiabvJ2C58L-A2AHIAQmpAlS1FResc7M-qAMBqgSUAk_Qf11nQXIch_RSWt8726wm-HRykWwZjTlPPGaX1BwL5TZ8_ncCgbr7-cK9cabT4eODYFGrQKtxygsYlVrFaeDbMmHRF18WY6HjsjqNzid6LCWWfzvDRaLqqe6mkV_-omzjGkac9jqk2kzV69os7GJkO6chH67e0orwmlH2dMwRSsFPGSZZsZc0ZflNvwRaN6LqlDCCY2JNOppik8cCJh1eozVcSTr87CCJVJ1pVueKpwI1-xytS6ssUd5bWK4m9k92LdtxOrWkLjDW3qt0o0bFolYZGfRGYLpXvESzmHgbC0XmqXTPo-LyCjPLRO6MX7hHxfCCdtuVn253Fpv7f3pQtXsU0jCnyKClmBGV_eg1m25Gt8AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoXbUF7WQuPySLlRDjI8aCug%26sig%3DAOD64_28yscZRufxdHS4VTLgrIPHJ7m0Ng%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-BWNkWI_dwJ_k4QYJj1YUgFExOxuq-LJaMTCEsDAHd_z8WGhJDEM5Ra1U8Z2PZbj0qPBqked3rkBygk63L9vfGBlzICWZu_tfmY4hmg2rLewFNciEGi6ER2tJVeD3B5-B2BIaUHZXPDbvuTi3VLzp0UzyEySw%26cry%3D1%26dbm_d%3DAKAmf-DAREdSCyQg2A6p1aXF-6ue7z2XVf_4Hh1nTcdWEom5N0A3rCeIpmHwyD0VNBczNou7luAfwilzJ3JfUSm_y3Q_NjiUcaFpXj6g5g0dOXgLuzAk90W5WSPqEf1FQrOmSU0wLx8wfdmYLF6UD5ikcLkhXpbovIh7O89F8-g69KB0lSboT3TggYuMINChpLdgt9vNz6A4ug8TD3DA73QW16f9TIV6D5KEyapM_uvWwFlBPMyIiVHEt6dYLWP5AWrAuTDp3ygjhrj2O7iWwzVaDpofrQNmBuUyd4Gyh6G2RO_X72Y0XN2fDx_fnKGI-y_1mAACBauSIR22Zi1x7z5Mg92w6Q6_-6DIpKii23dXhZdvpC8onBqJWlss6agY9c4DwcrHrUs8ZK2pZgi_DfcaPx5z1YTJDQU6kPcvxnO9kdUeshTrlRHDL2pfBPKw_DRtTFSL9APwfL8WJ6ef71yaKyzRt_grBrqAHP15EElralvqcxPWXi5R8jpy7YpUqsJ93DGCyAtg%26adurl%3D
Requested by: Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 1ccf1a93318ed1a7ad44e0a240d5248b3799787dcd1fbfd977c1b29c8ebdec2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4000
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 604B 22 KB
8 KB 16ms
16ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 120845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 62A3 12 KB
5 KB 17ms
17ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 15 Oct 2021 16:28:10 GMT
expires: Sat, 15 Oct 2022 16:28:10 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2952 783 B
535 B 16ms
16ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

1c21ec00b528369f3421aad6571e08fdbc2f376c6c63707ab37e12b971bfa3e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fGhnmfTpZAEqN31Y7jklnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 15 Oct 2021 16:49:10 GMT
date: Fri, 15 Oct 2021 16:49:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fGhnmfTpZAEqN31Y7jklnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame 3A94
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

108ms
79ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyzzOBbFpYfaNK4KgrAT2zIPAC7v6hIpXn8Oo5tEK8C4QASCJpu8nYLnwv4DYAcgBCakCjCB9w9N0sz6oAwGqBJACT9AVCcDSQd498TLTTYpJ6490Nsc4k7qmqYKYQUdPEEdnq9-fIzHiEVV4F5rKWxjRWAQb39xYbjBPysBYnzfF_7Z0kCEFsfFdE3eCxTzzGzP3F8aZL7eJfvRvcW3Dl72YiP5LClFRJiS56qrShqaOxVo_Ew2Uy6NWqObojsxyoiCTMUpySy5cVuHUkjXNKFY5HaZJxZO2vH4DL1hA7t8jGPZky4jPTXMQ9xfie2wItW1NYVnfqBBwtSo3pvRM4-eadMqZec7oJOpRhrR-tQ-JTiKMV4UM6Upb_u1l_Y7M7eFzPPuV4DWnig0RUI5vWdmujWRffgGijfWqDlTtisc0B1C7AJ9Q8c1cJj8-YW_HIBHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotneYUZkyxvjikf_-ycFkxw%26sig%3DAOD64_0lX394M_fLuqoq7mtAjvItBQUPYA%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-DF5YZJ_rkJ41UZs_wQNyIjnUjTzDOmdxOj_oXaXv2_Iiv2PjrIQtZIOVmwyUvPIVJyLenNj-vgR5YLjXi6NGaPs4ZMqV3IAy0Vd4CSl2n6HNCvNcbbUC8JlZxKSQyaxsEq8EnzCZ2dB3zZzZ_UayaW9m4hWg%26cry%3D1%26dbm_d%3DAKAmf-Dn2Ih83VVK0DeP-qsUsSo--e7aZebJlErAlMWtIJxhwkFaSGVq5HUAHZIyL0TIF-X9JSsgbbtcAovO8RFI2_S0hfqUXaBUKZvFgCy3gTVgngt7-m0zgUq5xcs4wbUqy2cUXcudK3Z_AuF9yXzZZqECGNq9L-pJsDA4rgPdwNPV0I2mvNyXbRLFMIola8T1gUZK1IPWMb4WGtKOeJk3pXN2LKNq4y6ILPCQkebuN0MiBbbaRmceNSe0qSN868JPhtskjU1RQIm9WyzUasgpev9qiwp0xc5RjH-qQk2bXth9YHHoI5v4DRWGsaaW1MmyPidP0yCNhcHqa7bmku_i1OffPjXPddO3wNBPTL-ENvHBA5vALIOIobB0fMHrENV62N6ivVZH9boRjQX69KOEu7jwdLV26e_lKOMo7fmGjo6qlhevDqLNAczQz2FZhQCgWYAkSfe2xhEpKGxS9bCVLA-j125cO7-fe7MWzGhbS-voVPUkNHWqylCzWaa7rrD48wVLzcr1%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=8277227028938&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 28a3b8591cbab5453df21909735beee41034c42bb49d1172254aff9cb769c031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 20728700132478500628834011748014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 895
Expires: Fri, 15 Oct 2021 17:49:10 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyzzOBbFpYfaNK4KgrAT2zIPAC7v6hIpXn8Oo5tEK8C4QASCJpu8nYLnwv4DYAcgBCakCjCB9w9N0sz6oAwGqBJACT9AVCcDSQd498TLTTYpJ6490Nsc4k7qmqYKYQUdPEEdnq9-fIzHiEVV4F5rKWxjRWAQb39xYbjBPysBYnzfF_7Z0kCEFsfFdE3eCxTzzGzP3F8aZL7eJfvRvcW3Dl72YiP5LClFRJiS56qrShqaOxVo_Ew2Uy6NWqObojsxyoiCTMUpySy5cVuHUkjXNKFY5HaZJxZO2vH4DL1hA7t8jGPZky4jPTXMQ9xfie2wItW1NYVnfqBBwtSo3pvRM4-eadMqZec7oJOpRhrR-tQ-JTiKMV4UM6Upb_u1l_Y7M7eFzPPuV4DWnig0RUI5vWdmujWRffgGijfWqDlTtisc0B1C7AJ9Q8c1cJj8-YW_HIBHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotneYUZkyxvjikf_-ycFkxw%26sig%3DAOD64_0lX394M_fLuqoq7mtAjvItBQUPYA%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-DF5YZJ_rkJ41UZs_wQNyIjnUjTzDOmdxOj_oXaXv2_Iiv2PjrIQtZIOVmwyUvPIVJyLenNj-vgR5YLjXi6NGaPs4ZMqV3IAy0Vd4CSl2n6HNCvNcbbUC8JlZxKSQyaxsEq8EnzCZ2dB3zZzZ_UayaW9m4hWg%26cry%3D1%26dbm_d%3DAKAmf-Dn2Ih83VVK0DeP-qsUsSo--e7aZebJlErAlMWtIJxhwkFaSGVq5HUAHZIyL0TIF-X9JSsgbbtcAovO8RFI2_S0hfqUXaBUKZvFgCy3gTVgngt7-m0zgUq5xcs4wbUqy2cUXcudK3Z_AuF9yXzZZqECGNq9L-pJsDA4rgPdwNPV0I2mvNyXbRLFMIola8T1gUZK1IPWMb4WGtKOeJk3pXN2LKNq4y6ILPCQkebuN0MiBbbaRmceNSe0qSN868JPhtskjU1RQIm9WyzUasgpev9qiwp0xc5RjH-qQk2bXth9YHHoI5v4DRWGsaaW1MmyPidP0yCNhcHqa7bmku_i1OffPjXPddO3wNBPTL-ENvHBA5vALIOIobB0fMHrENV62N6ivVZH9boRjQX69KOEu7jwdLV26e_lKOMo7fmGjo6qlhevDqLNAczQz2FZhQCgWYAkSfe2xhEpKGxS9bCVLA-j125cO7-fe7MWzGhbS-voVPUkNHWqylCzWaa7rrD48wVLzcr1%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=8277227028938&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 15 Oct 2021 17:49:10 +0200

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 6DFA
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

96ms
75ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCN0vxBbFpYeqILZ7a7_UPj8iA0AO7-oSKV97Njr3wCfAuEAEgiabvJ2C58L-A2AHIAQmpAlS1FResc7M-qAMBqgSUAk_Qf11nQXIch_RSWt8726wm-HRykWwZjTlPPGaX1BwL5TZ8_ncCgbr7-cK9cabT4eODYFGrQKtxygsYlVrFaeDbMmHRF18WY6HjsjqNzid6LCWWfzvDRaLqqe6mkV_-omzjGkac9jqk2kzV69os7GJkO6chH67e0orwmlH2dMwRSsFPGSZZsZc0ZflNvwRaN6LqlDCCY2JNOppik8cCJh1eozVcSTr87CCJVJ1pVueKpwI1-xytS6ssUd5bWK4m9k92LdtxOrWkLjDW3qt0o0bFolYZGfRGYLpXvESzmHgbC0XmqXTPo-LyCjPLRO6MX7hHxfCCdtuVn253Fpv7f3pQtXsU0jCnyKClmBGV_eg1m25Gt8AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoXbUF7WQuPySLlRDjI8aCug%26sig%3DAOD64_28yscZRufxdHS4VTLgrIPHJ7m0Ng%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-BWNkWI_dwJ_k4QYJj1YUgFExOxuq-LJaMTCEsDAHd_z8WGhJDEM5Ra1U8Z2PZbj0qPBqked3rkBygk63L9vfGBlzICWZu_tfmY4hmg2rLewFNciEGi6ER2tJVeD3B5-B2BIaUHZXPDbvuTi3VLzp0UzyEySw%26cry%3D1%26dbm_d%3DAKAmf-DAREdSCyQg2A6p1aXF-6ue7z2XVf_4Hh1nTcdWEom5N0A3rCeIpmHwyD0VNBczNou7luAfwilzJ3JfUSm_y3Q_NjiUcaFpXj6g5g0dOXgLuzAk90W5WSPqEf1FQrOmSU0wLx8wfdmYLF6UD5ikcLkhXpbovIh7O89F8-g69KB0lSboT3TggYuMINChpLdgt9vNz6A4ug8TD3DA73QW16f9TIV6D5KEyapM_uvWwFlBPMyIiVHEt6dYLWP5AWrAuTDp3ygjhrj2O7iWwzVaDpofrQNmBuUyd4Gyh6G2RO_X72Y0XN2fDx_fnKGI-y_1mAACBauSIR22Zi1x7z5Mg92w6Q6_-6DIpKii23dXhZdvpC8onBqJWlss6agY9c4DwcrHrUs8ZK2pZgi_DfcaPx5z1YTJDQU6kPcvxnO9kdUeshTrlRHDL2pfBPKw_DRtTFSL9APwfL8WJ6ef71yaKyzRt_grBrqAHP15EElralvqcxPWXi5R8jpy7YpUqsJ93DGCyAtg%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=9849864635837&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 50d739334df964f1e462e5ba8773b97dd9d3548888953630d2ff5b0f247197ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 28277600114525600628838011748021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 894
Expires: Fri, 15 Oct 2021 17:49:10 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCN0vxBbFpYeqILZ7a7_UPj8iA0AO7-oSKV97Njr3wCfAuEAEgiabvJ2C58L-A2AHIAQmpAlS1FResc7M-qAMBqgSUAk_Qf11nQXIch_RSWt8726wm-HRykWwZjTlPPGaX1BwL5TZ8_ncCgbr7-cK9cabT4eODYFGrQKtxygsYlVrFaeDbMmHRF18WY6HjsjqNzid6LCWWfzvDRaLqqe6mkV_-omzjGkac9jqk2kzV69os7GJkO6chH67e0orwmlH2dMwRSsFPGSZZsZc0ZflNvwRaN6LqlDCCY2JNOppik8cCJh1eozVcSTr87CCJVJ1pVueKpwI1-xytS6ssUd5bWK4m9k92LdtxOrWkLjDW3qt0o0bFolYZGfRGYLpXvESzmHgbC0XmqXTPo-LyCjPLRO6MX7hHxfCCdtuVn253Fpv7f3pQtXsU0jCnyKClmBGV_eg1m25Gt8AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoXbUF7WQuPySLlRDjI8aCug%26sig%3DAOD64_28yscZRufxdHS4VTLgrIPHJ7m0Ng%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-BWNkWI_dwJ_k4QYJj1YUgFExOxuq-LJaMTCEsDAHd_z8WGhJDEM5Ra1U8Z2PZbj0qPBqked3rkBygk63L9vfGBlzICWZu_tfmY4hmg2rLewFNciEGi6ER2tJVeD3B5-B2BIaUHZXPDbvuTi3VLzp0UzyEySw%26cry%3D1%26dbm_d%3DAKAmf-DAREdSCyQg2A6p1aXF-6ue7z2XVf_4Hh1nTcdWEom5N0A3rCeIpmHwyD0VNBczNou7luAfwilzJ3JfUSm_y3Q_NjiUcaFpXj6g5g0dOXgLuzAk90W5WSPqEf1FQrOmSU0wLx8wfdmYLF6UD5ikcLkhXpbovIh7O89F8-g69KB0lSboT3TggYuMINChpLdgt9vNz6A4ug8TD3DA73QW16f9TIV6D5KEyapM_uvWwFlBPMyIiVHEt6dYLWP5AWrAuTDp3ygjhrj2O7iWwzVaDpofrQNmBuUyd4Gyh6G2RO_X72Y0XN2fDx_fnKGI-y_1mAACBauSIR22Zi1x7z5Mg92w6Q6_-6DIpKii23dXhZdvpC8onBqJWlss6agY9c4DwcrHrUs8ZK2pZgi_DfcaPx5z1YTJDQU6kPcvxnO9kdUeshTrlRHDL2pfBPKw_DRtTFSL9APwfL8WJ6ef71yaKyzRt_grBrqAHP15EElralvqcxPWXi5R8jpy7YpUqsJ93DGCyAtg%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=9849864635837&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 15 Oct 2021 17:49:10 +0200

GET
H3 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2850 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H3 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame ECE0 35 KB
13 KB 8ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H3 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 604B 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H3 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 62A3 35 KB
13 KB 8ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H2 200 p
geo.yahoo.com/ 43 B
96 B 37ms
37ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1197618800&pvid=KU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-6-0&D_l=274%2C-1%2C-1%2C-1%2C-1%2C-1%2C-1%2C276%2C3048&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=7%2C11115385%2CLDRB2%2C728x90%2C999999%2C999999%2C999999%2C0%2C0%2C198%2C1%2C-1%2C26803112%2C-1%2C2%2CKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%3A-1%3ALDRB2%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C0%2C1%2C0%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttps%253A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%253F_guc_consent_skip%253D1634316575%2C%2C1%2C2%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B7%2C11115211%2CLREC3%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C220%2C1%2C-1%2C26803111%2C-1%2C2%2CKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%3A-1%3ALREC3%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C0%2C1%2C0%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttps%253A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%253F_guc_consent_skip%253D1634316575%2C%2C1%2C2%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B7%2C11115211%2CLREC4%2C300x250%2C999999%2C999999%2C999999%2C0%2C0%2C390%2C-1%2C-1%2C26803111%2C-1%2C2%2CKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%3A-1%3ALREC4%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C0%2C1%2C0%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttps%253A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%253F_guc_consent_skip%253D1634316575%2C%2C0%2C2%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22LDRB2%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fter-adserver-origin-us.prod.adtechus.com%2Fadcount%257C2.0%257C5113.1%257C4830385%257C0%257C225%257CAdId%3D-41%3BBnId%3D1%3Bct%3D4180169517%3Bst%3D10426%3Badcid%3D1%3Bitime%3D316545259%3Breqtype%3D5%3Bguid%3D4sa9an1gmjc80%26b%3D3%26s%3Dln%3B%3Bimpref%3D1634316545952640821%3Bimprefseq%3D110908219198551641%3Bimprefts%3D1634316545%3Badclntid%3D1004%3Bspaceid%3D1197618800%3Badposition%3DLDRB2%3Blmsid%3Da0ad00000089OcyAAE%3Brevshare%3Dlmsid%25253Aa0ad00000089OcyAAE%25253Brevsp%25253Aafp%25252Ecom%25253Blpstaid%25253A5f0c6633%25252D86b7%25252D3bde%25252D86d9%25252D08285cce3cc2%25253Bpt%25253Acontent%25253Bpd%25253Anon%25255Fmodal%25253Bver%25253Aarticle%25253Blu%25253A0%25253Bpct%25253Astory%25253Bsite%25253Anews%3Bpvid%3DKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%3Bsectionid%3D149676551%3Bkvpgcolo%3Dir2%3Bkvhashtag%3D1638500%3A12811000%3Bkvrs%3Dlmsid%3Aa0ad00000089ocyaae%3A5f0c6633-86b7-3bde-86d9-08285cce3cc2%3Aafp.com%3Aarticle%3Apd%3A0%3Acontent%3Apct%3Astory%3Alu%3Asite%3Anews%3Aver%3Apt%3Arevsp%3Alpstaid%3Anon_modal%3Bkvssp%3Dssp%3Bkvctopid%3D1638500%3A12811000%3Bkvsecure%3Dtrue%3Bkvmn%3Dy403552%3Bkvy-bucket%3Da2-plutus-rr-4%3Bkvwiki_topics%3Dvaccine_hesitancy%3Avaccine_adverse_event_reporting_system%3Awhite_house%3Astatistics%3Amisinformation%3Avaccination%3Acenters_for_disease_control_and_prevention%3Atucker_carlson%3Bkvsecure-darla%3D4-6-0%257Cysd%257C1%3Bkvadtc_dvmktname%3Dunknown%3Bkvadtc_dvosplt%3Dwindows_10%3Bkvadtc_dvbrand%3Dgoogle%3Bkvadtc_dvtype%3Ddesktop%3Bkvadtc_dvmodel%3Dchrome_-_windows%3Bkvrepo_dvosplt%3Dwindows_10%3Bkvadtc_dvosversion%3DNT%252010.0%3Bkvadtc_crmcc%3DUNKNOWN%3Bkvadtc_crmnc%3DUNKNOWN%3Bgdpr%3D0%3B%22%2C%22dur%22%3A103%2C%22st%22%3A68%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Feu-central-1-web-oao.ssp.yahoo.com%2Fadmax%2FadEvent.do%3Ftidi%3D770771327%26dcn%3Dbrxd4464051%26posi%3D783797%26grp%3D%253F%253F%253F%26nl%3D1634316545800%26rts%3D1634316545677%26pix%3D1%26et%3D1%26a%3DKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r-2%26m%3DaXAtMTAtMjItMTEwLTIyMA..%26b%3DMTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7O2E1MGI1MzE5ZTRmOTQxOWJhOGJhZjFkNjcxNmFjNjJmOzI5NDYzODY4OzE2MzQzMTE4MDA7OzA7OzA7O3Bhc3NiYWNrLTE4Mzs7%26uid%3Dy-Ckr2FztE2uoear3f9rQ_H5EKZpXb%257EA%26tsrctype%3D2%26xdi%3DPz8_fD8_P3xOVCAxMC4wfDE3%26xoi%3DMHxERVU.%26hb%3Dtrue%26type%3D5%26af%3D7%26brxdPublisherId%3D20459933223%26brxdSiteId%3D4464051%26brxdSectionId%3D149676551%26dety%3D5%22%2C%22dur%22%3A70%2C%22st%22%3A68%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2021101201.js%22%2C%22dur%22%3A38%2C%22st%22%3A116%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fservice.idsync.analytics.yahoo.com%2Fsp%2Fv0%2Fpixels%3FpixelIds%3D58269%2C55940%2C58294%2C55953%2C55936%2C58160%2C55938%2C55829%2C55859%2C58222%2C55986%2C57926%26referrer%3D%26limit%3D12%26us_privacy%3Dnull%26js%3D1%26_origin%3D1%26gdpr%3D0%26euconsent%3D%22%2C%22dur%22%3A28%2C%22st%22%3A68%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A22%2C%22st%22%3A67%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%5D%2C%22LREC3%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fter-adserver-origin-us.prod.adtechus.com%2Fadcount%257C2.0%257C5113.1%257C4830388%257C0%257C170%257CAdId%3D-41%3BBnId%3D1%3Bct%3D4180169517%3Bst%3D18717%3Badcid%3D1%3Bitime%3D316545285%3Breqtype%3D5%3Bguid%3D4sa9an1gmjc80%26b%3D3%26s%3Dln%3B%3Bimpref%3D1634316545952640882%3Bimprefseq%3D110908219198551650%3Bimprefts%3D1634316545%3Badclntid%3D1004%3Bspaceid%3D1197618800%3Badposition%3DLREC3%3Blmsid%3Da0ad00000089OcyAAE%3Brevshare%3Dlmsid%25253Aa0ad00000089OcyAAE%25253Brevsp%25253Aafp%25252Ecom%25253Blpstaid%25253A5f0c6633%25252D86b7%25252D3bde%25252D86d9%25252D08285cce3cc2%25253Bpt%25253Acontent%25253Bpd%25253Anon%25255Fmodal%25253Bver%25253Aarticle%25253Blu%25253A0%25253Bpct%25253Astory%25253Bsite%25253Anews%3Bpvid%3DKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%3Bsectionid%3D149676551%3Bkvpgcolo%3Dir2%3Bkvhashtag%3D1638500%3A12811000%3Bkvrs%3Dlmsid%3Aa0ad00000089ocyaae%3A5f0c6633-86b7-3bde-86d9-08285cce3cc2%3Aafp.com%3Aarticle%3Apd%3A0%3Acontent%3Apct%3Astory%3Alu%3Asite%3Anews%3Aver%3Apt%3Arevsp%3Alpstaid%3Anon_modal%3Bkvssp%3Dssp%3Bkvctopid%3D1638500%3A12811000%3Bkvsecure%3Dtrue%3Bkvmn%3Dy403555%3Bkvy-bucket%3Da2-plutus-rr-4%3Bkvwiki_topics%3Dvaccine_hesitancy%3Avaccine_adverse_event_reporting_system%3Awhite_house%3Astatistics%3Amisinformation%3Avaccination%3Acenters_for_disease_control_and_prevention%3Atucker_carlson%3Bkvsecure-darla%3D4-6-0%257Cysd%257C1%3Bkvadtc_dvmktname%3Dunknown%3Bkvadtc_dvosplt%3Dwindows_10%3Bkvadtc_dvbrand%3Dgoogle%3Bkvadtc_dvtype%3Ddesktop%3Bkvadtc_dvmodel%3Dchrome_-_windows%3Bkvrepo_dvosplt%3Dwindows_10%3Bkvadtc_dvosversion%3DNT%252010.0%3Bkvadtc_crmcc%3DUNKNOWN%3Bkvadtc_crmnc%3DUNKNOWN%3Bgdpr%3D0%3B%22%2C%22dur%22%3A100%2C%22st%22%3A78%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Feu-central-1-web-oao.ssp.yahoo.com%2Fadmax%2FadEvent.do%3Ftidi%3D770771327%26dcn%3Dbrxd4464051%26posi%3D783368%26grp%3D%253F%253F%253F%26nl%3D1634316545807%26rts%3D1634316545679%26pix%3D1%26et%3D1%26a%3DKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r-5%26m%3DaXAtMTAtMjItOTgtMTk5%26b%3DMTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7OzllYzcwMjhhNGM4YzRjMGRiM2QwNWY4NDc4NTY2MjI5OzI5NDYzODY4OzE2MzQzMTE4MDA7OzA7OzA7O3Bhc3NiYWNrLTE5Njs7%26uid%3Dy-Ckr2FztE2uoear3f9rQ_H5EKZpXb%257EA%26tsrctype%3D2%26xdi%3DPz8_fD8_P3xOVCAxMC4wfDE3%26xoi%3DMHxERVU.%26hb%3Dtrue%26type%3D5%26af%3D7%26brxdPublisherId%3D20459933223%26brxdSiteId%3D4464051%26brxdSectionId%3D149676551%26dety%3D5%22%2C%22dur%22%3A71%2C%22st%22%3A78%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2021101201.js%22%2C%22dur%22%3A38%2C%22st%22%3A120%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fservice.idsync.analytics.yahoo.com%2Fsp%2Fv0%2Fpixels%3FpixelIds%3D58269%2C55940%2C58294%2C55953%2C55936%2C58160%2C55938%2C55829%2C55859%2C58222%2C55986%2C57926%26referrer%3D%26limit%3D12%26us_privacy%3Dnull%26js%3D1%26_origin%3D1%26gdpr%3D0%26euconsent%3D%22%2C%22dur%22%3A30%2C%22st%22%3A77%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Ftag%2Fjs%2Fgpt.js%22%2C%22dur%22%3A26%2C%22st%22%3A77%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%5D%2C%22LREC4%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Foao-js-tag.onemobile.yahoo.com%2Fadmax%2FadServe.do%3FcTag%3Dad929115%26bcrid%3Dpassback-196%26brxdPublisherId%3Dbrxd20459933223%26brxdSectionId%3D149676551%26brxdSiteId%3Dbrxd4464051%26csrtype%3D2%26dcn%3Dbrxd4464051%26ht%3D250%26pos%3Dy403556%26req(url)%3Dhttps%253A%2F%2Fnews.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%26secure%3D1%26wd%3D300%26yadpos%3DLREC4%26ybkt%3Da2-plutus-rr-4%26ypubblob%3DKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%257C%257C1197618800%257CLREC4%257C%257C%26ua%3DMozilla%2F5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%2F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%2F93.0.4577.63%2520Safari%2F537.36%26of%3Djs%26sd%3D1%22%2C%22dur%22%3A298%2C%22st%22%3A89%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fter-adserver-origin-us.prod.adtechus.com%2Fadcount%257C2.0%257C5113.1%257C4830389%257C0%257C170%257CAdId%3D-41%3BBnId%3D1%3Bct%3D4180169517%3Bst%3D21147%3Badcid%3D1%3Bitime%3D316545290%3Breqtype%3D5%3Bguid%3D4sa9an1gmjc80%26b%3D3%26s%3Dln%3B%3Bimpref%3D1634316545952640894%3Bimprefseq%3D110908219198551653%3Bimprefts%3D1634316545%3Badclntid%3D1004%3Bspaceid%3D1197618800%3Badposition%3DLREC4%3Blmsid%3Da0ad00000089OcyAAE%3Brevshare%3Dlmsid%25253Aa0ad00000089OcyAAE%25253Brevsp%25253Aafp%25252Ecom%25253Blpstaid%25253A5f0c6633%25252D86b7%25252D3bde%25252D86d9%25252D08285cce3cc2%25253Bpt%25253Acontent%25253Bpd%25253Anon%25255Fmodal%25253Bver%25253Aarticle%25253Blu%25253A0%25253Bpct%25253Astory%25253Bsite%25253Anews%3Bpvid%3DKU4i7zEwLjJOKSq4YWmxAAZgMjE2LgAAAAD5J24r%3Bsectionid%3D149676551%3Bkvpgcolo%3Dir2%3Bkvhashtag%3D1638500%3A12811000%3Bkvrs%3Dlmsid%3Aa0ad00000089ocyaae%3A5f0c6633-86b7-3bde-86d9-08285cce3cc2%3Aafp.com%3Aarticle%3Apd%3A0%3Acontent%3Apct%3Astory%3Alu%3Asite%3Anews%3Aver%3Apt%3Arevsp%3Alpstaid%3Anon_modal%3Bkvssp%3Dssp%3Bkvctopid%3D1638500%3A12811000%3Bkvsecure%3Dtrue%3Bkvmn%3Dy403556%3Bkvy-bucket%3Da2-plutus-rr-4%3Bkvwiki_topics%3Dvaccine_hesitancy%3Avaccine_adverse_event_reporting_system%3Awhite_house%3Astatistics%3Amisinformation%3Avaccination%3Acenters_for_disease_control_and_prevention%3Atucker_carlson%3Bkvsecure-darla%3D4-6-0%257Cysd%257C1%3Bkvadtc_dvmktname%3Dunknown%3Bkvadtc_dvosplt%3Dwindows_10%3Bkvadtc_dvbrand%3Dgoogle%3Bkvadtc_dvtype%3Ddesktop%3Bkvadtc_dvmodel%3Dchrome_-_windows%3Bkvrepo_dvosplt%3Dwindows_10%3Bkvadtc_dvosversion%3DNT%252010.0%3Bkvadtc_crmcc%3DUNKNOWN%3Bkvadtc_crmnc%3DUNKNOWN%3Bgdpr%3D0%3B%22%2C%22dur%22%3A111%2C%22st%22%3A90%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fjs%2Fsfext-min.js%22%2C%22dur%22%3A23%2C%22st%22%3A26%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%5D%7D&t=1634316550235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H3

200

activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743 Show response
5994599.fls.doubleclick.net/ Frame AC32
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743?

392 B
344 B

54ms
33ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743?

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

d5dbc73b7ead4f4e4958bfedf033993186e7ce0261fc3f0bed75efa919f818d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkrjB9ILLb3A4tkZTCNZv9wSGfbvlnRYGTGHXvdIhEoPWiKQulvzec2zYhYIwI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 15 Oct 2021 16:49:10 GMT
expires: Fri, 15 Oct 2021 16:49:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 15 Oct 2021 16:49:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame E837 4 KB
2 KB 33ms
11ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=20728700132478500628834011748014&a=a7c571db
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=4a13a65d21&subid=&uid=f837356b7fc3ede7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyzzOBbFpYfaNK4KgrAT2zIPAC7v6hIpXn8Oo5tEK8C4QASCJpu8nYLnwv4DYAcgBCakCjCB9w9N0sz6oAwGqBJACT9AVCcDSQd498TLTTYpJ6490Nsc4k7qmqYKYQUdPEEdnq9-fIzHiEVV4F5rKWxjRWAQb39xYbjBPysBYnzfF_7Z0kCEFsfFdE3eCxTzzGzP3F8aZL7eJfvRvcW3Dl72YiP5LClFRJiS56qrShqaOxVo_Ew2Uy6NWqObojsxyoiCTMUpySy5cVuHUkjXNKFY5HaZJxZO2vH4DL1hA7t8jGPZky4jPTXMQ9xfie2wItW1NYVnfqBBwtSo3pvRM4-eadMqZec7oJOpRhrR-tQ-JTiKMV4UM6Upb_u1l_Y7M7eFzPPuV4DWnig0RUI5vWdmujWRffgGijfWqDlTtisc0B1C7AJ9Q8c1cJj8-YW_HIBHABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRotneYUZkyxvjikf_-ycFkxw%26sig%3DAOD64_0lX394M_fLuqoq7mtAjvItBQUPYA%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-DF5YZJ_rkJ41UZs_wQNyIjnUjTzDOmdxOj_oXaXv2_Iiv2PjrIQtZIOVmwyUvPIVJyLenNj-vgR5YLjXi6NGaPs4ZMqV3IAy0Vd4CSl2n6HNCvNcbbUC8JlZxKSQyaxsEq8EnzCZ2dB3zZzZ_UayaW9m4hWg%26cry%3D1%26dbm_d%3DAKAmf-Dn2Ih83VVK0DeP-qsUsSo--e7aZebJlErAlMWtIJxhwkFaSGVq5HUAHZIyL0TIF-X9JSsgbbtcAovO8RFI2_S0hfqUXaBUKZvFgCy3gTVgngt7-m0zgUq5xcs4wbUqy2cUXcudK3Z_AuF9yXzZZqECGNq9L-pJsDA4rgPdwNPV0I2mvNyXbRLFMIola8T1gUZK1IPWMb4WGtKOeJk3pXN2LKNq4y6ILPCQkebuN0MiBbbaRmceNSe0qSN868JPhtskjU1RQIm9WyzUasgpev9qiwp0xc5RjH-qQk2bXth9YHHoI5v4DRWGsaaW1MmyPidP0yCNhcHqa7bmku_i1OffPjXPddO3wNBPTL-ENvHBA5vALIOIobB0fMHrENV62N6ivVZH9boRjQX69KOEu7jwdLV26e_lKOMo7fmGjo6qlhevDqLNAczQz2FZhQCgWYAkSfe2xhEpKGxS9bCVLA-j125cO7-fe7MWzGhbS-voVPUkNHWqylCzWaa7rrD48wVLzcr1%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=8277227028938&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e152b44156d34e6ac3b3d2440a0eeee8e19294ae24c762591b64c6857ab4b377

Request headers

Host: hal900014.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=6e4eeb02e98fe8d0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 15 Oct 2021 17:49:10 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1536
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4CF5 1 KB
749 B 7ms
7ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:06:15 GMT
expires: Fri, 15 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 70975
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3A94 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 841f6e9762a39bc2af58f9bdf73df4fcbd7ce21c8ebec334b7f0fc6d7c9e0cd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418 Show response
5994599.fls.doubleclick.net/ Frame FAA1
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418?

391 B
346 B

39ms
39ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418?

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

acbd15c1ac3999355aaa90dcf89226bd1410eb49de4d2d2ff92c516ecb48068f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkrjB9ILLb3A4tkZTCNZv9wSGfbvlnRYGTGHXvdIhEoPWiKQulvzec2zYhYIwI; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 15 Oct 2021 16:49:10 GMT
expires: Fri, 15 Oct 2021 16:49:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 15 Oct 2021 16:49:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 9BDC 4 KB
2 KB 35ms
11ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=28277600114525600628838011748021&a=b347e057
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=j9vjvxztr9lv&nw=20&renderingType=javascript&namespace=faa60417e0&subid=&uid=29a17d6b41970b5f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCN0vxBbFpYeqILZ7a7_UPj8iA0AO7-oSKV97Njr3wCfAuEAEgiabvJ2C58L-A2AHIAQmpAlS1FResc7M-qAMBqgSUAk_Qf11nQXIch_RSWt8726wm-HRykWwZjTlPPGaX1BwL5TZ8_ncCgbr7-cK9cabT4eODYFGrQKtxygsYlVrFaeDbMmHRF18WY6HjsjqNzid6LCWWfzvDRaLqqe6mkV_-omzjGkac9jqk2kzV69os7GJkO6chH67e0orwmlH2dMwRSsFPGSZZsZc0ZflNvwRaN6LqlDCCY2JNOppik8cCJh1eozVcSTr87CCJVJ1pVueKpwI1-xytS6ssUd5bWK4m9k92LdtxOrWkLjDW3qt0o0bFolYZGfRGYLpXvESzmHgbC0XmqXTPo-LyCjPLRO6MX7hHxfCCdtuVn253Fpv7f3pQtXsU0jCnyKClmBGV_eg1m25Gt8AEmLKggcYB4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPa0LUK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoXbUF7WQuPySLlRDjI8aCug%26sig%3DAOD64_28yscZRufxdHS4VTLgrIPHJ7m0Ng%26client%3Dca-pub-5786243031610172%26dbm_c%3DAKAmf-BWNkWI_dwJ_k4QYJj1YUgFExOxuq-LJaMTCEsDAHd_z8WGhJDEM5Ra1U8Z2PZbj0qPBqked3rkBygk63L9vfGBlzICWZu_tfmY4hmg2rLewFNciEGi6ER2tJVeD3B5-B2BIaUHZXPDbvuTi3VLzp0UzyEySw%26cry%3D1%26dbm_d%3DAKAmf-DAREdSCyQg2A6p1aXF-6ue7z2XVf_4Hh1nTcdWEom5N0A3rCeIpmHwyD0VNBczNou7luAfwilzJ3JfUSm_y3Q_NjiUcaFpXj6g5g0dOXgLuzAk90W5WSPqEf1FQrOmSU0wLx8wfdmYLF6UD5ikcLkhXpbovIh7O89F8-g69KB0lSboT3TggYuMINChpLdgt9vNz6A4ug8TD3DA73QW16f9TIV6D5KEyapM_uvWwFlBPMyIiVHEt6dYLWP5AWrAuTDp3ygjhrj2O7iWwzVaDpofrQNmBuUyd4Gyh6G2RO_X72Y0XN2fDx_fnKGI-y_1mAACBauSIR22Zi1x7z5Mg92w6Q6_-6DIpKii23dXhZdvpC8onBqJWlss6agY9c4DwcrHrUs8ZK2pZgi_DfcaPx5z1YTJDQU6kPcvxnO9kdUeshTrlRHDL2pfBPKw_DRtTFSL9APwfL8WJ6ef71yaKyzRt_grBrqAHP15EElralvqcxPWXi5R8jpy7YpUqsJ93DGCyAtg%26adurl%3D&documentReferer=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-6-0%2Fhtml%2Fr-sf.html&ancestorOrigins=https%3A%2F%2Fs.yimg.com%2Chttps%3A%2F%2Fnews.yahoo.com&random=9849864635837&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 98d692bb3df2230a423df9b72009aaa344f76d366b3152eab782063d3273a388

Request headers

Host: hal900021.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=6e4eeb02e98fe8d0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 15 Oct 2021 17:49:10 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1535
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7D2 1 KB
749 B 7ms
7ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:06:15 GMT
expires: Fri, 15 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 70975
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6DFA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa11b80b2901a9f3bc65fce98fe65eba42694f6ab29a9740729ae282dc6faa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 728x90-MSSTORE-Office2016-Launch%20(1).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame E837 38 KB
38 KB 63ms
18ms Image
image/jpeg 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/728x90-MSSTORE-Office2016-Launch%20(1).jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=20728700132478500628834011748014&a=a7c571db
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Last-Modified: Tue, 16 Feb 2016 11:37:05 GMT
Server: nginx
ETag: "56c309e1-96da"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 38618

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame E837 0
150 B 32ms
11ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=20728700132478500628834011748014&a=f991a221&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=20728700132478500628834011748014&a=a7c571db
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=20728700132478500628834011748014&a=a7c571db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame E837 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI3wJD7jEFagvAkH71dgmEA&google_push=AYg5qPKz2DwbtzWu9HPiJTBDkP3m--GtpYIo_P9zbDvERgRQl703OlHsuI...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI3wJD7jEFagvAkH71dgmEA&google_push=AYg5qPKz2DwbtzWu9HPiJTBDkP3m--GtpYIo_P9zbDvERgRQl703OlHsuISeDn4iwtOXyhpuRJ2-sZ5VzqlmwX7uP3K5o8mVmUE3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634316563.223407,VS0,VE178
x-served-by: cache-fra19174-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI3wJD7jEFagvAkH71dgmEA&google_push=AYg5qPKz2DwbtzWu9HPiJTBDkP3m--GtpYIo_P9zbDvERgRQl703OlHsuISeDn4iwtOXyhpuRJ2-sZ5VzqlmwX7uP3K5o8mVmUE3
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4CF5 0
141 B 33ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEETkiAlNGrWoG6BOMOwXTh8&google_cver=1&google_push=AYg5qPLS0htT9wgii1JZJvAnqzF9eZZYdKhXC9XRRhubJv-jOmyw4xbpWKVvbGCXqFykYsYEw5PkuPkOQqlcns-LlZEYDsl2qt3i
Requested by: Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBB7lxDNH61ktAdig3JPZFY&google_cver=1&google_push=AYg5qPLyyix-Ha6F81kbvhZ4g6NeDKRkvH0Uj9iTvjnAsMjqsj33ECWF9-GXXJ7o5GhGmUa8qVhX1EqdW985kc...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMzNjEzMzU3MjE2MzczMw%3D%3D&google_push=AYg5qPLyyix-Ha6F81kbvhZ4g6NeDKRkvH0Uj9iTvjnAsMjqsj33ECWF9-GXXJ7o5GhGmUa8qVhX1EqdW985kcifIO...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMzNjEzMzU3MjE2MzczMw%3D%3D&google_push=AYg5qPLyyix-Ha6F81kbvhZ4g6NeDKRkvH0Uj9iTvjnAsMjqsj33ECWF9-GXXJ7o5GhGmUa8qVhX1EqdW985kcifIOIOHm3R2jXy

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMzNjEzMzU3MjE2MzczMw%3D%3D&google_push=AYg5qPLyyix-Ha6F81kbvhZ4g6NeDKRkvH0Uj9iTvjnAsMjqsj33ECWF9-GXXJ7o5GhGmUa8qVhX1EqdW985kcifIOIOHm3R2jXy
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF5
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELr_mxt2Ye6NSF_33ZyBPJI&google_cver=1&google_push=AYg5qPKfrxHhesbRgiEuxJXVbR7nCI5zv5WfbMjGu-LeAoiyO7GaOyE2FEetzNij2TIoOp07cECEWm1Awk5...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKfrxHhesbRgiEuxJXVbR7nCI5zv5WfbMjGu-LeAoiyO7GaOyE2FEetzNij2TIoOp07cECEWm1Awk5ecbiY66-VtSxumExW

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKfrxHhesbRgiEuxJXVbR7nCI5zv5WfbMjGu-LeAoiyO7GaOyE2FEetzNij2TIoOp07cECEWm1Awk5ecbiY66-VtSxumExW

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKfrxHhesbRgiEuxJXVbR7nCI5zv5WfbMjGu-LeAoiyO7GaOyE2FEetzNij2TIoOp07cECEWm1Awk5ecbiY66-VtSxumExW
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF5
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFK-SnQRjcPN2k1R8BP7QlQ&google_cver=1&google_push=AYg5qPKyVop9pvN-iKDeBc0-AO2pCAhGR16E1GQ8v-jg97CKzb4ofo4se5l1Z0cnhfod-JBufUSY12Z3X6q8sebnogx8cKqJm4s
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyVop9pvN-iKDeBc0-AO2pCAhGR16E1GQ8v-jg97CKzb4ofo4se5l1Z0cnhfod-JBufUSY12Z3X6q8sebnogx8cKqJm4s&google_hm=U3LJSpu6y_McGeHqhlHDjg==

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyVop9pvN-iKDeBc0-AO2pCAhGR16E1GQ8v-jg97CKzb4ofo4se5l1Z0cnhfod-JBufUSY12Z3X6q8sebnogx8cKqJm4s&google_hm=U3LJSpu6y_McGeHqhlHDjg==

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:09 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyVop9pvN-iKDeBc0-AO2pCAhGR16E1GQ8v-jg97CKzb4ofo4se5l1Z0cnhfod-JBufUSY12Z3X6q8sebnogx8cKqJm4s&google_hm=U3LJSpu6y_McGeHqhlHDjg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vbq3btojvgpb05rhku7sou6g7h7iufee

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKcDv7Ixy4BRPrOYoVyOF7E&google_cver=1&google_push=AYg5qPIDhRKTsHvvQh9QKJmLNEAVtNCkL7dZg501L-gFy77yObQGxwrxmCJTnal0oHGo0CFpdD76TTbowCu-51a...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VVmoC1-DS2xnZTyAK4n9gtiDcpE&google_push=AYg5qPIDhRKTsHvvQh9QKJmLNEAVtNCkL7dZg501L-gFy77yObQGxwrxmCJTnal0oHGo0CFpdD76TTbowCu-51...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VVmoC1-DS2xnZTyAK4n9gtiDcpE&google_push=AYg5qPIDhRKTsHvvQh9QKJmLNEAVtNCkL7dZg501L-gFy77yObQGxwrxmCJTnal0oHGo0CFpdD76TTbowCu-51ae892ObSM4zakZ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VVmoC1-DS2xnZTyAK4n9gtiDcpE&google_push=AYg5qPIDhRKTsHvvQh9QKJmLNEAVtNCkL7dZg501L-gFy77yObQGxwrxmCJTnal0oHGo0CFpdD76TTbowCu-51ae892ObSM4zakZ
Date: Fri, 15 Oct 2021 16:49:10 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET

pixel
cm.g.doubleclick.net/ Frame 4CF5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLB...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4CF5 0
12 B 19ms
19ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kjy8-N_cKN3dMmPWGUvHVDhzweVw7KXmNSZErYXSrOekEm9_AWtq1Fz83REof_HbwDRAc0

Requested by

Host: cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
URL: https://cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK 300x250-MSSTORE-Office2016-Launch%20(1).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 9BDC 43 KB
43 KB 57ms
21ms Image
image/jpeg 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/300x250-MSSTORE-Office2016-Launch%20(1).jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28277600114525600628838011748021&a=b347e057
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: f8528716993a3c25c2f21c1bfdc852b1d229229527ed4993c75bc88cdccd6ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Last-Modified: Tue, 16 Feb 2016 10:09:14 GMT
Server: nginx
ETag: "56c2f54a-aad3"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 43731

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 9BDC 0
150 B 35ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=28277600114525600628838011748021&a=c5f9cc0a&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28277600114525600628838011748021&a=b347e057
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=28277600114525600628838011748021&a=b347e057
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 9BDC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743
adservice.google.com/ddm/fls/z/ Frame AC32 42 B
63 B 49ms
48ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMmnv8vvzPMCFQilUQod8tcDpw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1243982172657.1743?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDVkZHJIZGMxTUJxb201&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cver=1&google_push=AYg5qPLEt6lBBmr3Vh_75LsgbeEW-xZVRVw7N1lTdKrhQy5...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDVkZHJIZGMxTUJxb201&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cver=1&google_push=AYg5qPLEt6lBBmr3Vh_75LsgbeEW-xZVRVw7N1lTdKrhQy57Kx3iEaLj2R9COTQdvqkaR7WIKMa21Qf0f8cF40oKtcs4YPpYdc8

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-06de16c304b43890a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDVkZHJIZGMxTUJxb201&google_gid=CAESEApu1XaI8_mb-uSO_nE86MI&google_cver=1&google_push=AYg5qPLEt6lBBmr3Vh_75LsgbeEW-xZVRVw7N1lTdKrhQy57Kx3iEaLj2R9COTQdvqkaR7WIKMa21Qf0f8cF40oKtcs4YPpYdc8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE2IGI1fnb5ZUCghpasSlNU&google_cver=1&google_push=AYg5qPJ5WwGA3c0_mh4d0DZlYeUxvjc7R7Kh37DiIWnFXu64GjLyNAt8NGDx23pVLA1niYCgdBxnJfI8KG4GCef9y764VQZzp7AY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8582E826790942E2A96889F249D11676&google_push=AYg5qPJ5WwGA3c0_mh4d0DZlYeUxvjc7R7Kh37DiIWnFXu64GjLyNAt8NGDx23pVLA1niYCgdBxnJfI8KG4GCef...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8582E826790942E2A96889F249D11676&google_push=AYg5qPJ5WwGA3c0_mh4d0DZlYeUxvjc7R7Kh37DiIWnFXu64GjLyNAt8NGDx23pVLA1niYCgdBxnJfI8KG4GCef9y764VQZzp7AY

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8582E826790942E2A96889F249D11676&google_push=AYg5qPJ5WwGA3c0_mh4d0DZlYeUxvjc7R7Kh37DiIWnFXu64GjLyNAt8NGDx23pVLA1niYCgdBxnJfI8KG4GCef9y764VQZzp7AY
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 14 Oct 2021 16:49:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D2
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHORlgOYCz-caheuVUM4TKg&google_cver=1&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVC...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEHORlgOYCz-caheuVUM4TKg&google_cver=1&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVC...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=HdP52Aayl_CysayzV8Oamw&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVCTv0xMIvlOdScCDygbPnQ...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=HdP52Aayl_CysayzV8Oamw&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVCTv0xMIvlOdScCDygbPnQweUgRNLdw0mznAqfDhW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=HdP52Aayl_CysayzV8Oamw&google_push=AYg5qPI6pdh5y6_JNtQUk2qTTVKi_ssz-7AsvyLx3I10cFqSlmQX4UGUOsOVCTv0xMIvlOdScCDygbPnQweUgRNLdw0mznAqfDhW
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKcDv7Ixy4BRPrOYoVyOF7E&google_cver=1&google_push=AYg5qPLJKT155zsm1eQa7ctQZD9chNTqRQKnGHE6UcWE_rTC0APpfBo8aj_01mOhv8g14meb0RQL4_vm-uz5aGk...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jX7iOJlcRQZ4jB9DsvOgENiDcpE&google_push=AYg5qPLJKT155zsm1eQa7ctQZD9chNTqRQKnGHE6UcWE_rTC0APpfBo8aj_01mOhv8g14meb0RQL4_vm-uz5aG...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jX7iOJlcRQZ4jB9DsvOgENiDcpE&google_push=AYg5qPLJKT155zsm1eQa7ctQZD9chNTqRQKnGHE6UcWE_rTC0APpfBo8aj_01mOhv8g14meb0RQL4_vm-uz5aGkFe7dMMPZIPFyY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jX7iOJlcRQZ4jB9DsvOgENiDcpE&google_push=AYg5qPLJKT155zsm1eQa7ctQZD9chNTqRQKnGHE6UcWE_rTC0APpfBo8aj_01mOhv8g14meb0RQL4_vm-uz5aGkFe7dMMPZIPFyY
Date: Fri, 15 Oct 2021 16:49:10 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D2
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEPaTyJNYWXLGksgU1kn_rxU&google_cver=1&google_push=AYg5qPJJqLg6p5ETNLsooGkwPwuamvry4QKauK_zwA-dUlxa1Jc-yVF9wVxm92lVhflLmgdH1h7y3jMERbO-pAeI6WI9qWy...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Y1ZaRDN4OEFUbld0&google_ula=2046794&google_push=AYg5qPJJqLg6p5ETNLsooGkwPwuamvry4QKauK_zwA-dUlxa1Jc-yVF9wVxm92lVhflLmgdH1h7y3jMERb...

170 B
188 B

153ms
153ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Y1ZaRDN4OEFUbld0&google_ula=2046794&google_push=AYg5qPJJqLg6p5ETNLsooGkwPwuamvry4QKauK_zwA-dUlxa1Jc-yVF9wVxm92lVhflLmgdH1h7y3jMERbO-pAeI6WI9qWyIbGU

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Y1ZaRDN4OEFUbld0&google_ula=2046794&google_push=AYg5qPJJqLg6p5ETNLsooGkwPwuamvry4QKauK_zwA-dUlxa1Jc-yVF9wVxm92lVhflLmgdH1h7y3jMERbO-pAeI6WI9qWyIbGU
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame C7D2 0
478 B 62ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKmmNcKgkB9S7C10eiJ4FnhDFxMefG2Ns_GPST-oV8b_0FxgeRN_eK8o7TNrlVkU1sbrM2RF5yPm9r5C47ZmTIB-xnFLTQ%26google_hm%3D%5BUID%5D&google_gid=CAESEICRXA4lsOEUmno5YJAdBfo&google_cver=1

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 16:49:10 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D2
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECpjNM57yHuIU92Anr-Fto0&google_cver=1&google_push=AYg5qPIGgb8TrHMnD8yzXJD75FQfnFul6_LZaEIwxZSCVw37iOGBvEWqJGGHb9yp7Y-2yA-buOGZlbeww376fAR6...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIGgb8TrHMnD8yzXJD75FQfnFul6_LZaEIwxZSCVw37iOGBvEWqJGGHb9yp7Y-2yA-buOGZlbeww376fAR6_qSTKITmImkz

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIGgb8TrHMnD8yzXJD75FQfnFul6_LZaEIwxZSCVw37iOGBvEWqJGGHb9yp7Y-2yA-buOGZlbeww376fAR6_qSTKITmImkz

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Oct 2021 16:49:10 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIGgb8TrHMnD8yzXJD75FQfnFul6_LZaEIwxZSCVw37iOGBvEWqJGGHb9yp7Y-2yA-buOGZlbeww376fAR6_qSTKITmImkz
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: jm5Eho79RbnLSZu2mWzdFkQWSeKkW1K0zjWto28zZS5MnhSX4hCZHw==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C7D2 0
12 B 15ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KekUQ-ymAfCwjMxm3zOpXgE3QVXGZ5l1vK1W33gJXDPiAOAaRMYaliYlcb-UXdxYmJj7uL

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:49:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418
adservice.google.com/ddm/fls/z/ Frame FAA1 42 B
63 B 49ms
49ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMubwsvvzPMCFWyVUQodQZ0IcA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6239592419104.418?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C8E 0
20 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=1229522377827630&bg=!8fKl8rbNAAao6lBpqOo7ACkAdvg8WjcvrwOycDKrjkMk7k-yYcfNW3y6Ih1KU9fjtRI_T4k0P3j0agIAAAGJUgAAABloAQcKAJSwlfmSI9EHQ6G8gGEVdiVEiNiPo_2ijzEarjg-M5vhmpSFvnuiskjdu8cVh5KWb00-54cDNe37D9Q4Y0OdidZZSiQ9tltnaGfQIUbTPthxTQpc6xsF0Dy6ucmMh69mdlNvBnDGxYDrEeRFU_OAJaaQS9JieAfpHlRPufltj8wNhLnnC4mNfacIOHvCT1Gj25Aano8FmQLlrJz1uuiCh5kCjg6PYT2zzg9dKk21E9pqE0K6mW-_Wzo5lVqcloMlinDz4OTOVF1Snu-iYGyI2U6LMvvd8qQZvKkvgwL3l-jp2hJLtvYJPIwkinKmGS_YxPUjbCOFj4jSvEyqlQ7Lj4Q_FwuyUxj01ei-pkU2NQcj_k-3hBe3tT2LvSyFbdujEid3AorXnfK038gdQSQBdi_uJ4_D0QqgP3DS_iEvdiPELJRxkedrfFO2Mfu9jVFhvQUXn0KhU10R_jlNUGQwcHN6HHRYMWZgcbs_YqzLwH6P0Ah6iSSPtJ_IO4Uv4v0LTtwBLbijkVnnAQxyfgPQkIRsg3jlHRTpZpHFUk0bdmHl7PAs36OWV1sCDB_tlTAm-vFU7a8GkI1efw0kLd83UEyKl0KbO1FbZ4XeS0Uw1IVqqydrzjq5oE1PEuvQy67dw--0I-v7bN5mAqhZII2ySeAMPP8d2AStfua-Q9ZGftf-VxUY9JozIn6okkZmU_hMKqQjeG_OX_uP0AitBqyLnsBklzSFQuo-mPo2djEmjtzV-OuuB74ybMtKZA09285QewJnLhEVnxnt0Y1TdGPFz7V0NOQuPEAx9cHOhCcgMXCvJG4boIQvyucaAb3JTRIWRLUpNYGxk5ApHp8nqEL-0SWQx6hjqrxxeZIbIgj_e0KtGWc3VZhoV-7EOdqPfjIGpcY-SG4E5Uhr1X-GxUn6hh7tidB69rbp_ESC36U7zw_wX64AcZXgvqAH4OZgX9eKkDj7kT2l2SN7frF7bFgtvurouWFRBRUmyBjrTvaWueyCAPLfkKQs3O26IW75D2iFB-5qOVlOKFAi2w2A4nYw5Oq1PoYJ9RfouFUL2BYTDB0hAzpkBxfBKsavalSiI0UiWm_EChqw0MLcGLLFqp-YdzmZhHSRe-P9vZHUwDVXcUzqsD3LVvvUjCUo9iLbfMOHwuQhHdbYc0tfY3QDYq7zoHJ4vgpGm7XBxYDdQg5P

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECE0 0
20 B 43ms
43ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOQMEBrFpYdmQAZCY3gOcyq6ADgAAAAA4AeAEAg&bg=!BQalBkLNAAao6lBpqOo7ACkAdvg8WhJeaz_-e3hLVqaUm8FdnP158osApTFqimoSfIfiiddBhQRwawIAAAGXUgAAABJoAQcKAGMXI7x1lmGyKG8o2J2li-KMzHJjDWkttUgVzrc5oHhahSEbVJBWuoGsNT_YYwFoDVs5oHwCTc6f5uHoHWOUpUu-pp5bhVQkRIxtSWSNGCgS57lSD2Yc8yDzTuIX86zE5QafSqKZAwicFVQ9q2d4wAVdEVqeOiXNxc4S1Ie1I1NiSSpTe8Tkigc9b70LSC2T6_q7NuWa7BGcumLnOlrtjIuw8LCWXkC4dt3ejeQ2qF6VHRn6BeBafMLZhc32EoVEBNrOxwub8i1LCpAPC1sCxxsZli8wFXQ6JKBXWgIh70dj3FIhuKEiVMGIcElFhJvVELQTRxDMZU47JuzByPc0OgRTJoR9h56rsfgOO_vlMY-bwKJtr_Z6znnPb94ihorbXF01UMp87S9VnVKs6QU91XbW7-S-RbvVJTEBnIFOk0uoFeDuCYjSBet_ZORTiZnPLzi4I0pC98Gpe-v2l0ZIa89A6eHAnHMSoxv7yXT80EDq5ps20CN9U8U3yd105nPOeHBYIfrPY1sa2_ShXhjCu9owE7Vz1ReQYGdeiTb0VH1bixLPr_6oD6Tz0G0oe_cJ7qRCWQ3jgTBdG59-RmG585W7xb17uVhZsA4DWnutDbhZr-sbGhzWQgd1cgFquwAx0qzMejV5DtxS7XFuFyaMxDKpE24OMTfMdTSVGCSIZ-R3pXlTOSotAI2Df4BA6UbEFdTzP-7r7BDYu4RYAonbxbQs4k2gsxymZdwYSK5fUwoTT3znWUz41OSU1Dvg_0vuKtUa7VgH6QwEm1ZsVoh0JdzbIgEMffjTpLQbAopeEQ8PhEN2dk5KvlmUH8lNDPP-FdKIMLD94OMqD6-oWXy3D0K00WfrI2KE6InUvhmEqRw17PQAuME2hjWY0cyhSBVlJa8fajWnDG0bZ_JuqH5YFd3pz5WgRiRvnXTrIk8OOGSYvvBNHlGb19rcwBKmapuyKmo5yB63b8Etg5FVo5hKUVjXJ-sZR69yRkcutt-sUgzth84CrHzoptkfnutDV-Cg7LfZj6wxk4GgBNfoo_sAhbUjLoOpgwQ9rkM-UFbJwq9hIzq_iDTHNySIxlTG7Xs1OqLJlfJ4JW8bYvuICmK6jSlfB28wnWN8E_Th05jWHhWmQbvi6_k1mTMmcfwZXpOiips2wKCfB5op1jUjqQCcDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 604B 0
20 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BA88TBrFpYZW0AomIrAT0obuwDgAAAAA4AeAEAg&bg=!-vml-b3NAAao6lBpqOo7ACkAdvg8WorrT0dln8YaJe66yMVZkrQ3obblLoBth5skOslwUEdU26x_XAIAAAGDUgAAABFoAQeZAzJ3C2IJb7RSPckIwd6oef9kH7_7a9_UTiMFPREM_vAC2X1dslwV5_lSTAd4o7HAh9qNarzw32ZFDsUMZ0xfI5I9RpUSM9m2Wrv29SXqmJnQpECdp62DpMxy5BnhExEmDqasGuV-FfXTJkel6NEYLfewxPABAjndj899aqlKIoO-X0pmKkd31JDixlYoXIXCnylsPs5glImHJk41_Y_qKh7i6fLUkAy8eyiHpU2QXTUOBbtCn8cfHG2VGfCje2LU1uM4L7QQwtjIRQfcNajRcuRnU4e1f-qpa2SAf_W1Win3vCDgN77C6ORBGwL6IPk6dE3qfIlyA2QEmdbltsTZJJJ8i6Psqs63w93rS7DQRI3YPsQhBD5SpITD-QQQzZFRY-OcmekNGSPN-JVT3QxR-_VkUiuLUg-mvYQqea9qw21z5IzlBrLdeybbrGvPdh0rSRt1UHmWvLM0uE5qJvcxpYJOOoUcS6m2l4eKOkS-VniSsmQAoEE2YG0eBUeVJRnLkVnJEJVrZT4IGWEd6Kfm4xDPRkJPOjjtt6NRcJ6M13t1mvvoy65Us6JrN6YpctWXk_MSfcya8tJkGHXjOrfAT9imgsJdE-kIDwmlh8LKzMWAScpah19lop3Izf17M9SssoKWXFmQGEl3wkDkxtjVHOQFO2oi8idAPqRiHPvxvEWz43s4ZPx26mZAkO0GEv-T6RB6sDxurl_5-oPFx7EaDcFLtv64YuASaI1VXm-MyWqXIIJ6jMi_gb3fDFC1AS6AT5qKWXCUgT9g0KfC6YNHr4RcfP_CN7cBXoJ1CcpG0Tx4T87a4CMAV8fpqvvFlYjlCeIT2FMOXzf9L8hj27vsr2vCnX0ZFgQtEaUClCtAVMjhee9swCP86iHLndKM3WHnnOhYHHlONrtY4LL-6rYNuOZ6qjjjrad9m6c55XrQToJUyR634O41j_faMl-yhVsziw9pL6IWBT9TAUJlecT98ww5bIqS8_SZ7Jpb50HtoP-8wfEeck2XDCyD7OkZ4jVCC030lw0Q1EiMjsYyYHRE4R0Fjbqw8_q9otYhBbP0r-_Y9psCdDNi9-DswrlPjeluwVcRvA

Requested by

Host: b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
URL: https://b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5849 0
20 B 45ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=1226436013685599&bg=!QkGlQQXNAAao6lBpqOo7ACkAdvg8WleE_MzoK5XBtASwNwH2nDhmTm2laodhogQyibQiCuHi80YJqwIAAAF4UgAAABJoAQcKABLuF9cTN-nqPU53U9dS2Njg8sqZAsebeTRAcdfBTvB0nRjgDzN8N5lku_V57G5WrMBwFUEpeAdqHG87kcJo1IGOzMWSB6L2c-pPShEdGL5LwSx1J8Xu4qfdXsskZUzNohAAKcTH2kuJ8TjM-zQkUquOCwXqsOyeLG5XIRbM0KnuMM_ac7Do7J9ij346fiq5gGEzyZHbB6Pk0HhEw9VjBsXy4Fpab7-H-AhnNozSgZaef5oeOBdJdmYMI8HTH-4FIRaxlKA3bHWn9WYNTFFglrgfi9eKEUP1nf2vz_TkQ-qzuzP0Efvgihuw_70_nLvx34RSauemTsMdhAfKHo_PYNiTe82naNFxdqKwvxQwuaDiPxi_y0bmpT5wRZ_2fo9y90XbeCj3xey_3RlUWVIAsZvyU7YSGzsfL6HfZa2TnV4xs4gl8AMtjk03n5aBdH36CFSQFshtzfnmj_K_lDd44JStMthBjCv9lQlxA1mFPA_rkCug0qFVo6NTgOlyiS5aOXBqsDhZG8VIOdwHVrZng1KtBNBW4gw7tsrID3seLdknljNwnQZHg9FaVVlYju0_aauynEngwmfG_mzcb-NTTsLz_TVTO2J9NOQlq37wHUkaQ5hI_23mp1WGlE2F65spxmvD7QfhfFW8XgvlJ1cdVjXr6a7RoJpCGuu2WvlGDYitGF74WaaoghqWQUsT4uyutKSmNJXE4UlLmb0v8NNv5D0qF4Atuzg71UjQD8tmJke8HVzfbt9jQMzZ1dYISUWHyEfdbZ6af1PXmn5zFNJM-xtzA_m0eOxwk6SeBV3HFL2B_Iq8lmWnh1XGFSQuRL98XJcUW1XC5LrKPWidMp3D6qgwC3ErojYU1m78w1kcK-cNfXDtU0zxG5mh5c-dGxihweS-MlNkdQWGKYa8Xe0OO6kN_n1ubtNru6nJ1HxEXb9m6KP9m8vSqndWBe0wV9ywO82ndi0vhX4DbIn_lnM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rq/darla/4-6-0/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
96 B 35ms
35ms Ping
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=8sDnzUijGv1OyNxa,0.20054392456299763&_I=&_AO=0&_NOL=0&_R=&_P=3.53.28%05_a1s%03d%3DAQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4%26S%3DAQAAAvQJxgfXYnAUSZRjEgfS10M%26j%3DGDPR%04_guc%03AQEBBAFhawJiSEIepgRL%04_pl%031%04A_v%033.53.28%04A_cn%03VERSIONED-PROD%04test%03a2-plutus-rr-4%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03kHUgKWqYPSueSRRP%04_w%03news.yahoo.com%2Fus-government-database-exploited-covid-144620874.html%3F_guc_consent_skip%3D1634316575%04_rid%036dlabf9gmjc81%04abk%03%04colo%03ir2%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_hosted%03hosted%04pcp%03W.G.%20Dunlop%04pct%03story%04pd%03non_modal%04pstaid%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstaid_p%035f0c6633-86b7-3bde-86d9-08285cce3cc2%04pstcat%03news%04pt%03content%04ver%03article%04A_cmi%03%7B%22AFT%22%3A1987%2C%22AFT1%22%3A1987%2C%22AFTNOAD%22%3A1712%2C%22STR%22%3A1299%2C%22VIC%22%3A2500%2C%22PLT%22%3A3627%2C%22DOMC%22%3A1419%2C%22HTTPC%22%3A128%2C%22CP%22%3A74%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22DARLA_RSTART%22%3A1767%2C%22ADSTART_LDRB%22%3A1788%2C%22ADSTART_MON%22%3A1803%2C%22DARLA_REND%22%3A1809%2C%22ADEND_MON%22%3A2456%2C%22ADEND_LDRB%22%3A2485%2C%22ADSTART_LDRB2%22%3A4817%2C%22ADSTART_LREC3%22%3A4822%2C%22ADSTART_LREC4%22%3A4827%2C%22ADEND_LDRB2%22%3A5020%2C%22ADEND_LREC3%22%3A5047%2C%22ADEND_LREC4%22%3A5221%2C%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031634316552%04_ms%03282%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/us-government-database-exploited-covid-144620874.html?_guc_consent_skip=1634316575
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 16:49:11 GMT
server: ATS
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-type: image/gif
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v-ctidp1m3w1.wc.yahoodns.net
URL: https://v-ctidp1m3w1.wc.yahoodns.net/pixel.gif

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yahoo.com/	1970-01-20 06:44:12	Name: B Value: 4sa9an1gmjc80&b=3&s=ln
.yahoo.com/	1970-01-20 06:44:34	Name: A1 Value: d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M
.yahoo.com/	1970-01-20 06:44:34	Name: A3 Value: d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M
.yahoo.com/	1969-12-31 23:59:59	Name: A1S Value: d=AQABBACxaWECEF5DElLmKnBwHUVSoPlzRuQFEgEBBAECa2FIYtw-0iMA_eMBAAcIALFpYbgqKU4&S=AQAAAvQJxgfXYnAUSZRjEgfS10M&j=GDPR
.yahoo.com/	1970-01-20 06:44:34	Name: GUC Value: AQEBBAFhawJiSEIepgRL
.yahoo.com/	1970-01-19 21:58:38	Name: GUCS Value: AX_C-M9Z
.yahoo.com/	1970-01-20 06:44:12	Name: cmp Value: t=1634316546&j=0
.scorecardresearch.com/	1970-01-20 15:15:24	Name: UID Value: 171DQ2UTVNQ2CPNYQX1Y3Eg1634316546
.analytics.yahoo.com/	1970-01-20 06:44:12	Name: IDSYNC Value: 16pp~20z4
.doubleclick.net/	1970-01-20 07:20:12	Name: IDE Value: AHWqTUkrjB9ILLb3A4tkZTCNZv9wSGfbvlnRYGTGHXvdIhEoPWiKQulvzec2zYhYIwI
.doubleclick.net/	1970-01-19 21:58:40	Name: DSID Value: NO_DATA
.spot.im/	1970-01-20 06:37:00	Name: spotim-ab Value: 75:B\|72:A\|70:A\|67:A\|600:A\|56:A\|55:A\|51:A\|48:A\|47:B\|46:A\|37:B\|35:B\|34:C\|33:A\|32:A\|101:B\|100:B\|
.casalemedia.com/	1970-01-20 00:08:12	Name: CMPS Value: 3181
.adnxs.com/	1970-01-20 00:08:12	Name: uuid2 Value: 7451546999332958195
.openx.net/	1970-01-20 06:44:12	Name: i Value: 5f887c2f-9bbb-4d2a-a0bb-65b5316fcac9\|1634316550
.casalemedia.com/	1970-01-19 22:00:02	Name: CMST Value: YWmxBmFpsQYA
.adnxs.com/	1970-01-20 00:08:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaOoUsbI!@wnfH8K6pQK`!5=E<L5?%KD4[i<b6Fq.Lf](R!j$2vv/L)BP8gVQq_BQU/P(hw9P-HC_#tu0D$b/r
.casalemedia.com/	1970-01-20 06:44:12	Name: CMID Value: YWmxBtga5MIi71JKvpvcRAAA
.casalemedia.com/	1970-01-20 00:08:12	Name: CMPRO Value: 1145
.casalemedia.com/	1970-01-20 06:44:12	Name: CMRUM3 Value: 2d6169b1062760CAESEGNtZvzLTlT_2dO9zUzYcj4
.redintelligence.net/	1970-01-20 00:08:12	Name: 8lcfmzhxc8d6_uid Value: 6e4eeb02e98fe8d0
.blismedia.com/	1970-01-20 06:44:16	Name: b Value: 6169B1063F618B3235C16D1FBLIS
.adfarm1.adition.com/	1970-01-20 00:08:12	Name: UserID1 Value: 7019336133572163733
.adsby.bidtheatre.com/	1970-01-19 22:08:41	Name: __kuid Value: 1b483b49-dc8d-4bd5-b3cd-544387b711dd.403530550
.w55c.net/	1970-01-20 07:28:50	Name: wfivefivec Value: T5ddrHdc1MBqom5
.w55c.net/	1970-01-19 22:41:48	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-20 06:45:38	Name: suid Value: 8582E826790942E2A96889F249D11676
.m6r.eu/	1970-01-19 21:58:40	Name: test Value: true
.m6r.eu/	1970-01-20 00:08:12	Name: cct Value: 1634316550712
.m6r.eu/	1970-01-20 00:08:12	Name: id Value: 1dd3f9d806b297f0b2b1acb357c39a9b
.everesttech.net/	1970-01-20 06:44:12	Name: everest_g_v2 Value: g_surferid~YWmxBgAJWNkr3QA6
.rutarget.ru/	1970-01-20 02:17:48	Name: userId Value: cVZD3x8ATnWt
sync.srv.stackadapt.com/	1970-01-20 06:44:12	Name: sa-user-id Value: s%3A0-8d7ee238-995c-4506-788c-1f43b2f3a010.zFxILE6DZvMZhxcHy1BzdzSlmfHfLufDcMDnEi7HdBI
.srv.stackadapt.com/	1970-01-20 06:44:12	Name: sa-user-id-v2 Value: s%3A0-8d7ee238-995c-4506-788c-1f43b2f3a010%24ip%24216.131.114.145.G3kxD6627CZMVQdCZi7hOxTbkchf%2Fefbbx80k6XTMek

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://s.yimg.com/rq/darla/4-6-0/js/g-r-min.js Message: Unrecognized feature: 'vr'.
network	error	URL: https://v-ctidp1m3w1.wc.yahoodns.net/pixel.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://vop-yahoo.secure.footprint.net/pixel.gif?rand=3wjta6kz4 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://openweb.jac.yahoosandbox.com/0.8.1/jac.js Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmxBtga5MIi71JKvpvcRAAABHkAAAIB&google_gid=CAESEPS0eInvGwDIym_EXtwYRV4&google_push=AYg5qPJDOXJgOW4fPKcIDx_oxRNru3Emc9HjdiytyH-d8gvODLBOH_uZRsZCB_rcgCv-5eR6fm3SBg41jAzJDAFEPG829bdAKmVA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=6dlabf9gmjc81&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

122b6d54ba407a9bfbcb80e7db735f45.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
adservice.google.com
api-2-0.spot.im
api.fouanalytics.com
b8d0cd3663cddc8a3a607994a947a779.safeframe.googlesyndication.com
bf22abff02b9079b6cd671e243d6987b.safeframe.googlesyndication.com
cd85b5dcf74ca65993109b72f5eadb92.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.contentspread.net
cdn.js7k.com
cerebro.edna.yahoo.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
d1vl8wytztdz.cloudfront.net
direct-events-collector.spot.im
dns-grfgdli8x.sombrero.yahoo.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
edge-mcdn.secure.yahoo.com
edgecast-vod.yahoo.net
eu-central-1-web-oao.ssp.yahoo.com
events-collector.spot.im
geo.yahoo.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
guce.yahoo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900021.redintelligence.net
ib.adnxs.com
launcher.spot.im
match.adsby.bidtheatre.com
metrics-logger.spot.im
news.yahoo.com
oao-js-tag.onemobile.yahoo.com
openweb.jac.yahoosandbox.com
opus.analytics.yahoo.com
pagead2.googlesyndication.com
pix.spot.im
pm.w55c.net
publisher-assets.spot.im
rtb.openx.net
s.ad.smaato.net
s.yimg.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
static-cdn.spot.im
sync-tm.everesttech.net
sync.go.sonobi.com
sync.srv.stackadapt.com
sync.teads.tv
tag.idsync.analytics.yahoo.com
ter-adserver-origin-us.prod.adtechus.com
tpc.googlesyndication.com
tr.blismedia.com
tracking.m6r.eu
udc.yahoo.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v-alc123ok7b.wc.yahoodns.net
v-b7q53rgpeu.wc.yahoodns.net
v-ctidp1m3w1.wc.yahoodns.net
vop-yahoo.akamaized.net
vop-yahoo.secure.footprint.net
www.google.com
www.googletagservices.com
www.yahoo.com
yahoovod.hs.llnwd.net
ybar-alc123ok7breport.wc.yahoodns.net
ybar-b7q53rgpeureport.wc.yahoodns.net
ybar-ctidp1m3w1report.wc.yahoodns.net
ybar-mcdn-report.wc.yahoodns.net
cm.g.doubleclick.net
tpc.googlesyndication.com
v-ctidp1m3w1.wc.yahoodns.net
104.111.242.245
107.23.223.65
13.32.29.124
142.250.181.226
142.250.184.198
142.250.184.228
142.250.185.162
142.250.185.226
142.250.185.65
142.250.186.65
142.250.186.66
142.250.186.97
142.250.186.98
144.76.238.55
151.101.194.49
152.195.132.116
152.195.51.15
152.199.23.180
159.65.197.210
169.50.137.190
172.67.200.52
176.9.26.250
178.162.133.149
178.79.242.0
18.156.0.31
18.66.242.25
18.66.248.71
184.25.50.105
184.25.50.89
188.125.72.139
188.125.89.201
2.18.234.21
212.82.100.182
212.82.116.200
23.22.168.226
3.124.143.99
34.201.255.167
34.96.105.8
35.186.253.211
35.244.159.8
37.252.173.215
52.16.16.109
52.28.203.152
54.166.194.46
67.195.160.105
67.27.159.129
69.147.80.124
72.251.244.140
78.46.90.238
80.64.106.147
85.114.131.234
85.114.159.118
87.248.100.137
87.248.100.208
87.248.100.216
87.248.116.89
87.248.118.22
87.248.118.23
92.123.194.130
92.123.194.140
92.123.194.145
92.123.194.180
00273aeebe88440c82b7f2cb5c1340f5fa4433f0a66af9c4f3cdb762c7d1f865
030a7f62c9068ddfdae92417ea9e9a3a95cd65314fc47c59aa8f00f929f07e8d
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
082a196637555363507421f9fc9405ec8c39b8d70992fe77ad58bfbc38956aee
09cf36ae915a7a09889382f6ab6d2f1a97a2f9b65a918e26fe388224bcf6fc8e
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
11eabdc062f6d1574a2ae41620fc9a6bc2244cd199709a3f85dafe639f3e1be8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
1aa0d7b9dcb1866280fa0057fc72e5e8d96f82d251fb24505852398b59ae73fc
1b6f60b0715e162c4f3ca6c4b54b64a1e8edfa8b5ad1859982d990c9258abf3d
1c21ec00b528369f3421aad6571e08fdbc2f376c6c63707ab37e12b971bfa3e1
1ccf1a93318ed1a7ad44e0a240d5248b3799787dcd1fbfd977c1b29c8ebdec2f
20c347bcb7128716018c37207575e38b7b26210e497db448ecfad77a37cc4051
22e9e86d745200109fbcb3e96695307fea67880fca509728194b2cfce3906fa7
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
23db038e7131d1c06516bc39ee0bc3c543e51c3377f6c8da82f6d77a31ab81f8
263f3c06eba4f4b57903b66aadabadc3da9e57715dac5b3418c65220c0f5564b
27f270ed1a3f7f34415b6c953963da88dc1416e4be61c0609a45e1023d5e4cd4
28a3b8591cbab5453df21909735beee41034c42bb49d1172254aff9cb769c031
290160a54f89b2cec6a0edc4d04fa83e239cc3e956451ec5c5e0226c88cd6c5b
2c7cebcf5248de8030e34a3fadb9b71e06aad53aad41317421a2d1d167e3b89a
2cc2dae32205ad6128b2ab29a58d016ace1fc3eaf92f18b2ea35c588a0446de6
2d13440e744b9b95b94c10ea2c3eab110559ca7c1df059c988a6890b4947955a
2fd6a4a94b6b45c553fc4a0a162c5d8454f7229a5a80f6d575499239e8f197b7
3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9
30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff
3107c8d85f9424f0dc196ecb3cea178f1f6c3feefe41f18b9710d018b8fd3d42
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34d4ebfe194e09dab342e983b63bbe06d8fc7132242c0ca2dc1a4d8dcdb536a3
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
39329372a757958047b0dfa2576f0efdb2e25d2f6c65e4e88ab253854346ef99
3b43c4bff78d3a17627c5978ed94e2cc032d5db60086125bf98ce7c7de533161
3c7f2cf92e4d06cc77e142f9ddf40068d40d9132da0f91977bc4cd99bf25c7fb
3d48b44f1a81248c7fa11ec634852c317f855f3505442e41d8bfced0f0db0e94
3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4
3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39
3f46034ce8b797aa96c0af5796f1e06c80c49c7e0e0188d46c72b21afb6cdf49
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
426b046038143ad054687058dab793d909fa3dd666079ebcb36489ec5b8e0f40
44c019f08e8df117d255d2ab549b8a35fb004f702e1c08cada2d5906227db85d
48e533ad7ddb46f72584c7097cd5fbe6ca720ad6151f452b3ddcd51a6a438c8e
48e82050a95f855b0a1c2802ae7aaa7cecd5536fa44ffd8c851186ebad7b9275
4a9c995279b52d1f5e643e312ad44c799250d839d22f67fb79dbc60587b811bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506648db425e3801b3b45aca2382efaed10698e5af1dcb90fc8cffb2b090704e
50d739334df964f1e462e5ba8773b97dd9d3548888953630d2ff5b0f247197ac
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
54eb3423038d92642f525ac04569df4a465fac4f5a16fd698d6a3d60f3b646d4
56bf9104ecbe403eeba39c44137be1aa594c3f29d9d7115e945dc5d3071f8d11
56ffc597e24041dae709ff16358d1e9b8a35eaac1cd7b6ef1c32a036f328e046
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
5e6cf25023bd391350052b05c814e49c323aa10e7ee77b9022fa62536fecaf99
6070d8bcd7c1875f38296337e2cc31dc1a03f98dbdcb09a5d8edb9a511c1725c
67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332
6beb282ae6c00898250ab72e2a7eb1b39f871c1d7ba6c26f07ef6ece6dc7521a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e3a62e7ec43b06ae53f9aec85a8a16141a4b8ab25294c0f0a79f434285358cb
6e6c93da53316a3f32928e5aa1a1226af29471dbc51e2e2789efd50dca16d58b
6f17ff1b8820792a933bf3d770cfa2eb7d00d0399b3015450c6e96f0ecdd5cc7
7266d2a818f2eccfbd71cf16946251bc4ee0857883214a0081a5e4441fd8cb8f
730527f38c473d08ead9f86baca79526f5068b41d8e267ac77336574a6f0ddc4
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f
7cd39ec8268df0f495e9561763a90dedfcc8a356aeb55c8908cfd9f8f3a1a458
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
8215710279ec36ffbb92ba7969ee704acdc185ff9999702eb9007213da1da553
831044726fc68a612351ab72185e412b71ac27152fd0be14f214cebc403bdb10
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
841f6e9762a39bc2af58f9bdf73df4fcbd7ce21c8ebec334b7f0fc6d7c9e0cd4
866b833c82d2acae5e6572f2ae3794b8b807abed156b34c3980854102b3b0ae9
8849308e08055c269665f15d93b30497b35641e1eee6f246e6703fdb6dc0d0b3
891f503c1b94768ca0080ffc17fb7652fe0e22c2adc6b1ac5fffa9308d9ca713
8973cff83ecbbcde03019fab88c0b6c7c4c42dfe154773d5e779dc7f1c4ea3e9
8d17d398f7edd387b33748547b5d16c448b04a6dd68d948dfb73e36cf6b346fb
8ef815352903fbb80cc8cfadbab52b5d6509d502773fce2dfe2cc6f6b0e3ab63
90ae67bf47fb19e9ba8624a6bd478769da914826f83345a562adadfee566abf6
9154cfbe0796b2e39cc22c2e8be7ed7e0fc3c98c23fd39020599634e8f9f2851
926f7445492513891fb7ba565435637ddc406b261b82a622f22132333cfb3e1f
939ebc5c8c447cb1a59eb8a26bb668ba9fd76f189fbc32e5ae4d3e5f63ce6941
93f1365a8b3b3efe4f01073f0df6ee6f232d435821633a7c19dcbb2b1e2eaaaa
9401d45b15dac98d3adc3803a52be3bae9777cfc6f2e5565115bf2d0d02eefc2
948788b9d19747db6f0979dc68c04036697678e7d6d46402b3b7ee04b82934da
95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832
95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0
98d692bb3df2230a423df9b72009aaa344f76d366b3152eab782063d3273a388
99c4c1d7732467fbe4c302fc7fe430a448684d1506a499e79feaad29dd5f65e4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c60bf8c4d12f5cf79309f348d47c5c9c2b711ab298a2941c20580f404ee3b69
9c7839ef30628cceb2af6edbc09a6c40a962cd54a16fc5b8a50e6ac75406532e
9fffe0b764d5debac40a65ebca1cb753c7a45cfdbd9a07a2c67b3de67e28fc05
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95
a4214a2f00feb2b91525955c2ee60134bc0134606599e9509581dc803b677b36
a42e632de0700d7ed583cf2b48cf4909cca22a2d6b448dd6344eb96e5a6deec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e38a82438ff664064f8cf268d05f0fddb3f2a23deec34fbcd864e6fea84a06
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6e7a35c39ccb539b54ebdf880be41d4849c78542d41f6e4f90f57559709fdd5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a941d803ca1c3ba9843cc9d365f7e31d57f613040d9155db97e6280384b146c5
ac3d6188b69ef4b6691a06dd129383a159c43c53a9b69bca616b638f9a3116b6
acbd15c1ac3999355aaa90dcf89226bd1410eb49de4d2d2ff92c516ecb48068f
ae91453e518c70b27ea0e5d460268e6c12ddc3dba058804525f969719542a51a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f1121ade21148cd44865689c43cc26433b8a0110867b7482b765fcffd9b4a
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b390785788c27f5e6588bb9e9d62666e8314fdf4b7a38f077fe9ba088fc6e9cf
b4ea6f649727e96fc124f1a64770848fb920e668683fdd07a698a44d48e68fdc
b626fe63949e900666c4a3879f48c8f99a8fec38466adaa95042a5381d244494
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
b8e050a6298c6a3340d288bdf1e184afe1912d1f3cac338addb93b5767ac6049
b9b56f458485868b06183daabde0dfa40a671c0403d9cd1f681c199626d8c5da
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bdf76b259edd4d7a8169cde16dace1fa85b483422c3cf2ce916c2da39252e1b8
befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4
bfb9ba3dcd77b9abed950d62e254b76b373f3dfef28719d67c604578156b4eef
c14a2c984a651c7b5ade7656ddb251876773cb6e2cff6fcc4a28e0eeb00c5159
c38ad659d5c95dc2e75b9a79247d9b40ef1e00b9b377a9919b54d8e03024b20b
c5bd73d5d6772356734f502422ee76d869608aa49a087160f16b186870ad278e
c6231614835f10f8da48bd2ee62b7414d400b70c9aaf256af29b33119256f5e5
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
cc2cc463fbafa5eea3cc38d983027a2c2574c1ab23c22ed317e33225d6fec1b4
d0724f889c823cbc697d50fbaa2c31ab5cfcc56d9ba12ba7e557c7d6cc0c951d
d1bbed352f79d8930c79e552b22097ec8d67dd8164593254775f0d254aa02c77
d2a75aa8c560d18e49684eb0029c0ac9b9b53bcc937d4f6085e7ac10e07f37e9
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d4d40eb03699fff7994b78a8f471bbfbd48362ec2dfd209faf9b4e2206b03adb
d4e305677c8bf9811e9d43f06825b8d255e9a0cf2c02a78e3f08ecd4e93f5bd4
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
d5dbc73b7ead4f4e4958bfedf033993186e7ce0261fc3f0bed75efa919f818d6
d72f0121820c16c48edc7a747a002baf33d3a3175cc29a4897060e9c8fe16c2b
d975f609e28d82def35222983b5cf32817ce1fb5a14f1345bdeae79e47f73b33
daa11b80b2901a9f3bc65fce98fe65eba42694f6ab29a9740729ae282dc6faa9
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
dedc786694a09c3e0a0f86acaa763cb0bb15fa3bae9165735855de4f2dcc07b4
dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44
e152b44156d34e6ac3b3d2440a0eeee8e19294ae24c762591b64c6857ab4b377
e3126554ebc79bf09d24911176f9e6e60f300b5d4c1ebd141720d456672252cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e4b7aaa46df6c8b3ef5a8c76a0034209f14e603eb31b3eae89184f99eff7f14c
e52ef7339462d79a247918c6b2eda02d2c8e5928c287fa64a309382d5fb751fb
ed8057680b0e1e1c4aac59e684f3081f65e2afa5a75d848539aabc2c0eea0151
ed95164f1024113b4729f309b0c0174c5a0f57af09a47403b0c574cf69cda4e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f
f0f839401ca503be4df9ff4f79f963619f65d36b1f7666e1479e022da098049c
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f803dd8b7bf6380e5512a31e369488a65c2f09f732d7ba85b7cafa48a8ef9e87
f8528716993a3c25c2f21c1bfdc852b1d229229527ed4993c75bc88cdccd6ee2
fbbbd482623be6ca737e9c0fd0480f38b31e221e1d6b4380a56291937806c85a
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
fc9b27c7db86c06a8c138b7ab112e93a0b606cd9b3e15bfb7a66bc10fb8a19c8
fd6d98e93041bc578240aaa66aaaf4aa87b6391a108514b341f9d33f2710819a

news.yahoo.com Open in urlscan Pro 87.248.100.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

309 Requests

98 %HTTPS

0 %IPv6

36 Domains

75 Subdomains

53 IPs

6 Countries

3498 kBTransfer

7625 kBSize

34 Cookies

33 Outgoing links

Page URL History

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.yahoo.com Open in urlscan Pro
87.248.100.208 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

98 %
HTTPS

0 %
IPv6

36
Domains

75
Subdomains

53
IPs

6
Countries

3498 kB
Transfer

7625 kB
Size

34
Cookies

309 HTTP transactions
8 data transactions