cybernews.com Open in urlscan Pro
172.66.40.59 Public Scan

URL: https://www.facebook.com/cybernewscom/

URL: https://www.youtube.com/c/CyberNews

URL: https://www.linkedin.com/company/cybernews

URL: https://www.tiktok.com/@cybernewscom

URL: https://flipboard.com/@CyberNews_com

URL: https://careers.cybernews.com/
Title: Careers

zrh04s05-in-f98.1e100.net

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_cver=1&google_push=AXcoOmQjw4LSN3Rs1RR5C2afJ9V-wgHIW2zHl_AHBh-5Roi-AB-l8XlvMM5DEp-4pktZxwEq9Jc-F1HnAd2et1WID4k4CaP80TjWBQ HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1df473cde89217bd&is_secure=true&networkId=14000&version=1&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_cver=1&google_push=AXcoOmQjw4LSN3Rs1RR5C2afJ9V-wgHIW2zHl_AHBh-5Roi-AB-l8XlvMM5DEp-4pktZxwEq9Jc-F1HnAd2et1WID4k4CaP80TjWBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHwf4tfJJ-5QNigmAFAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_push=AXcoOmQjw4LSN3Rs1RR5C2afJ9V-wgHIW2zHl_AHBh-5Roi-AB-l8XlvMM5DEp-4pktZxwEq9Jc-F1HnAd2et1WID4k4CaP80TjWBQ

Request Chain 95

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cver=1&google_push=AXcoOmTjq0Nl8ZwrLDjvYeMdw9b3qvrlXD-NmSMFsmmqro3yxpEpUG9UqOAeBsXfNqSyBMcHWYMOg7y941AreiDd86p-ibIKQ3Tn7g HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cver=1&google_push=AXcoOmTjq0Nl8ZwrLDjvYeMdw9b3qvrlXD-NmSMFsmmqro3yxpEpUG9UqOAeBsXfNqSyBMcHWYMOg7y941AreiDd86p-ibIKQ3Tn7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cver=1&google_push=AXcoOmTjq0Nl8ZwrLDjvYeMdw9b3qvrlXD-NmSMFsmmqro3yxpEpUG9UqOAeBsXfNqSyBMcHWYMOg7y941AreiDd86p-ibIKQ3Tn7g

Request Chain 96

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECt7wi4iZsNFPApYMF87HrQ&google_cver=1&google_push=AXcoOmS4hiz477dQfLOsBR-h5gOF4j8WN4cCAXISFFL0v-begmlGeEJwaO6FSh5IWnOkSDB9ww6OVR2a_5OHDbGLbnQGjJ6Y3d4r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5NzM3MDI2OA%3D%3D&google_push=AXcoOmS4hiz477dQfLOsBR-h5gOF4j8WN4cCAXISFFL0v-begmlGeEJwaO6FSh5IWnOkSDB9ww6OVR2a_5OHDbGLbnQGjJ6Y3d4r

Request Chain 97

https://ads.travelaudience.com/google_pixel?google_gid=CAESECAhDbTPruMeUeqBr95uBRw&google_cver=1&google_push=AXcoOmTKyldsDuCws0Wiw_TebxbXNf7y3B7XyCnRg3h0ktXaECHDw7i3QYpLYjqW4kYAPSh_JpsSea8bBeLIv6JCVo_txykFefr_Xw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmTKyldsDuCws0Wiw_TebxbXNf7y3B7XyCnRg3h0ktXaECHDw7i3QYpLYjqW4kYAPSh_JpsSea8bBeLIv6JCVo_txykFefr_Xw

Request Chain 98

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB5svYSQr0-w78HPwT-pWdE&google_cver=1&google_push=AXcoOmSiDk9xOMYEBk2x8UhCIemYDxbKbs4CNuFFhEt-UxNLukepQPMyv_vRAR8O0-OyBPIkEDu_gF46NKsvRsf0SASYS2ixY5bAgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSiDk9xOMYEBk2x8UhCIemYDxbKbs4CNuFFhEt-UxNLukepQPMyv_vRAR8O0-OyBPIkEDu_gF46NKsvRsf0SASYS2ixY5bAgg&google_hm=eS13T2xneUFkRTJwSHl6dGR6aExlUzJyRWF4SUtJNUN3cX5B

Request Chain 99

https://d5p.de17a.com/cookies/google?google_gid=CAESEFBjkIh_HpsM1XSVGyaQrPo&google_cver=1&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZEKWi51Q HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFBjkIh_HpsM1XSVGyaQrPo&google_cver=1&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZEKWi51Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZEKWi51Q

Request Chain 100

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPVx0ZwlABL4WTT2RxiyS7w&google_cver=1&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6rii3_HhHxxHEoHBWr8YY1Rzfw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPVx0ZwlABL4WTT2RxiyS7w&google_cver=1&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6rii3_HhHxxHEoHBWr8YY1Rzfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxMDIwNDYxMjU2MTc1NTI4MA&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6rii3_HhHxxHEoHBWr8YY1Rzfw

Request Chain 120

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENIMGJ2zAGpdj_myrFT4r4k&google_cver=1&google_push=AXcoOmSLhNpFNXMTW4EHLVwk3r4Nhn6V1Lhng3GsbnuaweenQzF9iV4YIKSIV1xyjVV-EfsYmvtUlaUyOBx0bC4n97mv5s_YcDvF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSLhNpFNXMTW4EHLVwk3r4Nhn6V1Lhng3GsbnuaweenQzF9iV4YIKSIV1xyjVV-EfsYmvtUlaUyOBx0bC4n97mv5s_YcDvF&google_hm=7TD-K5E-Q6S0sv1un1wbuOA

Request Chain 121

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPhuX-oWq9RAuH3TIGvR7yY&google_cver=1&google_push=AXcoOmTndGOi88LXblDfevmaTJfnM7KW6DZh-5-2W4M2m_geCY0E_kA-iQCbByuPtr_CaYLZSNS85jAH6hJgRtzZ2VMDBYWdk7_C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmTndGOi88LXblDfevmaTJfnM7KW6DZh-5-2W4M2m_geCY0E_kA-iQCbByuPtr_CaYLZSNS85jAH6hJgRtzZ2VMDBYWdk7_C

Request Chain 122

https://d5p.de17a.com/cookies/google?google_gid=CAESEDDnIzN1thL_-L-EV-03HPY&google_cver=1&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7mwStJ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDDnIzN1thL_-L-EV-03HPY&google_cver=1&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7mwStJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7mwStJ

Request Chain 123

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIOUMU0Ix77oHWY4m6UYWi0&google_cver=1&google_push=AXcoOmTL6RvxKH4oxnR4jdGbJcr8wf1htiyj0DC_q5VHkL6NSOsxPpPeayEXZkc4B-iP5B1SG4j5IqgRVrKMrSJsjWMdDrGIui9k HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIOUMU0Ix77oHWY4m6UYWi0&google_cver=1&google_push=AXcoOmTL6RvxKH4oxnR4jdGbJcr8wf1htiyj0DC_q5VHkL6NSOsxPpPeayEXZkc4B-iP5B1SG4j5IqgRVrKMrSJsjWMdDrGIui9k&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DhfnsWMjQdyNag8vLlFbaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTL6RvxKH4oxnR4jdGbJcr8wf1htiyj0DC_q5VHkL6NSOsxPpPeayEXZkc4B-iP5B1SG4j5IqgRVrKMrSJsjWMdDrGIui9k

Request Chain 127

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmQLz1CXUCI-l4i2wb5zvN1EhvEgfhOoGLDicV_e_9Y14suWoF58AMdNIp7dwpOZgOlLqShggadGQJCbP0hFfnj0iivw5Kd13Lc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmQLz1CXUCI-l4i2wb5zvN1EhvEgfhOoGLDicV_e_9Y14suWoF58AMdNIp7dwpOZgOlLqShggadGQJCbP0hFfnj0iivw5Kd13Lc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmQLz1CXUCI-l4i2wb5zvN1EhvEgfhOoGLDicV_e_9Y14suWoF58AMdNIp7dwpOZgOlLqShggadGQJCbP0hFfnj0iivw5Kd13Lc

Request Chain 129

https://ads.travelaudience.com/google_pixel?google_gid=CAESELIrIM4bipf-Ibfo2JiL84o&google_cver=1&google_push=AXcoOmTHXUipx2rRGaXlD8PA_1vnte-j6MTX7_LZXV959jlAjpscKTViF3gq-eyrXn8XVzVBONsHd1jOGwJxu2rGnEQLU6cxU5B0tNg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aQ9FKCV2QG0NJmTW60ftGQ&google_push=AXcoOmTHXUipx2rRGaXlD8PA_1vnte-j6MTX7_LZXV959jlAjpscKTViF3gq-eyrXn8XVzVBONsHd1jOGwJxu2rGnEQLU6cxU5B0tNg

Request Chain 132

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOGa0mThHKL_0Ij8XGlmsEI&google_cver=1&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtmZQF0ZBr7iDlNEUJJtCMCqgTwI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOGa0mThHKL_0Ij8XGlmsEI&google_cver=1&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtmZQF0ZBr7iDlNEUJJtCMCqgTwI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA3NTg4OTk2NDU5NjczMjQwNw&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtmZQF0ZBr7iDlNEUJJtCMCqgTwI

Request Chain 133

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoomk5VBK07ya4mzg7V1i4&google_cver=1&google_push=AXcoOmR6Ycie6EBc2bSBjAL_ndLCymSR_9KvSY94JmwyDLFKTtfEOZV9EKeXO8sVLgP-CplP1tKn9gkd9oyKvP_ZLFG8zuG-ieqsHX0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ycie6EBc2bSBjAL_ndLCymSR_9KvSY94JmwyDLFKTtfEOZV9EKeXO8sVLgP-CplP1tKn9gkd9oyKvP_ZLFG8zuG-ieqsHX0

Request Chain 146

https://um.simpli.fi/gp_match?google_gid=CAESEFslV3Ax3YjN-1vd1cpb4vM&google_cver=1&google_push=AXcoOmSiUW1F0stFWPyg_ydbPbZfvYvcKnuF9kC5kEXejTYAMvCyGXpf9-6HyhpGKDdFb9v7mEr6ZM8qL7WsTFBF5jPPBLFnCzcO7Gk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSiUW1F0stFWPyg_ydbPbZfvYvcKnuF9kC5kEXejTYAMvCyGXpf9-6HyhpGKDdFb9v7mEr6ZM8qL7WsTFBF5jPPBLFnCzcO7Gk

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQacm2Dk1JxybaS78vYtt8&google_cver=1&google_push=AXcoOmTcf9VVHufE2FsU51OTbsZbR6MJkv13wALSrtdQ2J_Q3erzUiKb0FTLJrxqUaKyR4UzbTdo_ueJmbdrambody2OO58WgABb7bQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTcf9VVHufE2FsU51OTbsZbR6MJkv13wALSrtdQ2J_Q3erzUiKb0FTLJrxqUaKyR4UzbTdo_ueJmbdrambody2OO58WgABb7bQ&google_hm=eS1LZGg2SjExRTJwRzUyQjBtOGlucXlRTkZrNmpkaTl5S35B

Request Chain 150

https://d5p.de17a.com/cookies/google?google_gid=CAESEDx3dx0KucwB5fTx-J_u-yI&google_cver=1&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09O6_uTAjo HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDx3dx0KucwB5fTx-J_u-yI&google_cver=1&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09O6_uTAjo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09O6_uTAjo

Request Chain 152

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoomk5VBK07ya4mzg7V1i4&google_cver=1&google_push=AXcoOmSREhgWDAADQ0erhqHUAhSu8NNmPa-14NwqOGqAK48xBBQVAmvOeyD3T0iNZf91QjX4UR0TKRO5co_sFEz_v8g1N3wBAuk7cx8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSREhgWDAADQ0erhqHUAhSu8NNmPa-14NwqOGqAK48xBBQVAmvOeyD3T0iNZf91QjX4UR0TKRO5co_sFEz_v8g1N3wBAuk7cx8

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmTu4c3kUqifFW1p14h9V9t7Jwmct94KVAyaIfTy25M6MxZvpU_ljb2KMrnDxrMB8KNhxdGECk__QXf6e4Kx_Ty5NkOx57V7Xl4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmTu4c3kUqifFW1p14h9V9t7Jwmct94KVAyaIfTy25M6MxZvpU_ljb2KMrnDxrMB8KNhxdGECk__QXf6e4Kx_Ty5NkOx57V7Xl4

Request Chain 174

https://um.simpli.fi/gp_match?google_gid=CAESEFslV3Ax3YjN-1vd1cpb4vM&google_cver=1&google_push=AXcoOmSBT0Lw990JwMJ9DAj5k02-tLod0Y2OLcRiGKfEfKtUkFvXMRWlHZ_J7X6lGSFI-7vfmGt58gkHRgnjiLyddvax_Pn1qPNLOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSBT0Lw990JwMJ9DAj5k02-tLod0Y2OLcRiGKfEfKtUkFvXMRWlHZ_J7X6lGSFI-7vfmGt58gkHRgnjiLyddvax_Pn1qPNLOw

Request Chain 175

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELyThSscAsQ0Oeck49fdUwU&google_cver=1&google_push=AXcoOmSzg3SyKdFGTi49QYfeh8iOn7oPDUp2qzCAyQ1RooSNqYkY_W3GwcLew-J4f5I8QaILI_DCIRCfe4najQjUo73HkJbjBTXh72U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmSzg3SyKdFGTi49QYfeh8iOn7oPDUp2qzCAyQ1RooSNqYkY_W3GwcLew-J4f5I8QaILI_DCIRCfe4najQjUo73HkJbjBTXh72U

Request Chain 176

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQacm2Dk1JxybaS78vYtt8&google_cver=1&google_push=AXcoOmQk7cMbg8zdNUU5m3DSZIak6q5YhjRv4ZnSTVbrRcpQ5kdHo32ElI1KAC5zNZnmIbpm3sGI947uvHrkSwUics3dyYzkbBNlrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk7cMbg8zdNUU5m3DSZIak6q5YhjRv4ZnSTVbrRcpQ5kdHo32ElI1KAC5zNZnmIbpm3sGI947uvHrkSwUics3dyYzkbBNlrg&google_hm=eS1LZGg2SjExRTJwRzUyQjBtOGlucXlRTkZrNmpkaTl5S35B

Request Chain 177

https://d5p.de17a.com/cookies/google?google_gid=CAESEDx3dx0KucwB5fTx-J_u-yI&google_cver=1&google_push=AXcoOmQ3YzSCgJ3za6PrEm6cKOfxch05v_yeS4cjYe0gvMVGxnAko0V2-bGen6sAO3Z421Gd0cHiG2eVjl0IUhGV0fOJqHhdjqqdfXI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3YzSCgJ3za6PrEm6cKOfxch05v_yeS4cjYe0gvMVGxnAko0V2-bGen6sAO3Z421Gd0cHiG2eVjl0IUhGV0fOJqHhdjqqdfXI

Request Chain 178

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoomk5VBK07ya4mzg7V1i4&google_cver=1&google_push=AXcoOmRN_KkybEZwArfEA_jdKHi77w4nQwXjv-SYQ7VWmyAcMf0K0Lcw3lwi9oHioLunSCsySld1UQ_ymV7kAEIyWBAWRRWrqo2uBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRN_KkybEZwArfEA_jdKHi77w4nQwXjv-SYQ7VWmyAcMf0K0Lcw3lwi9oHioLunSCsySld1UQ_ymV7kAEIyWBAWRRWrqo2uBQ

Request Chain 179

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKAc6hqhOg0K9zeBjcYEuW4&google_cver=1&google_push=AXcoOmS6RQ37_4FQATtQTtPaPaeGfXex6dIq6W7ixrMaHDUhnBZVMKUeojmEOxu4Ad-Jq-BjQXrhsoF0aWgDtw8j0LCuSbTFZySwu4vT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjQxNWM4OGYtN2U4Zi00MzJmLTk1ZTAtZDVlZWI5ZTYzYjY1&google_push=AXcoOmS6RQ37_4FQATtQTtPaPaeGfXex6dIq6W7ixrMaHDUhnBZVMKUeojmEOxu4Ad-Jq-BjQXrhsoF0aWgDtw8j0LCuSbTFZySwu4vT HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 190

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_cver=1&google_push=AXcoOmR611elGVwM_XVfS4nVL0kul0V8515C63aaKbzgQVy3e2RFoV4wawrf3ygwl34IYNq9S3cd2Yxj-ovM_lGzXykZXJdHRkZKBQ HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4e850391643c16ac&is_secure=true&networkId=14000&version=1&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_cver=1&google_push=AXcoOmR611elGVwM_XVfS4nVL0kul0V8515C63aaKbzgQVy3e2RFoV4wawrf3ygwl34IYNq9S3cd2Yxj-ovM_lGzXykZXJdHRkZKBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAID8wcle0RpwMlHtvaAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_push=AXcoOmR611elGVwM_XVfS4nVL0kul0V8515C63aaKbzgQVy3e2RFoV4wawrf3ygwl34IYNq9S3cd2Yxj-ovM_lGzXykZXJdHRkZKBQ

Request Chain 191

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHgoxYqf432yQ7K3mUrh3c0&google_cver=1&google_push=AXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgoxYqf432yQ7K3mUrh3c0&google_cver=1&google_push=AXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 192

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFRU3cbiIqyJLVSOW1H67ME&google_cver=1&google_push=AXcoOmTKBC4QGSAWM-hXzJhlsoIFKjHdIMIgHJrj5YcKjUFpOIlF5WCMeNlGlQH948ZIiJyzHOXi_uT1HM_s-0JnbgNMjX_lscwMwmY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRU3cbiIqyJLVSOW1H67ME&google_push=AXcoOmTKBC4QGSAWM-hXzJhlsoIFKjHdIMIgHJrj5YcKjUFpOIlF5WCMeNlGlQH948ZIiJyzHOXi_uT1HM_s-0JnbgNMjX_lscwMwmY

Request Chain 195

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF0Y_Hkic0VsaU_OzrbTmos&google_cver=1&google_push=AXcoOmQoUba8HZSd9j_AqRsVeDBF2x5Kc8pb6C0wQ97BZ_ncv0hBsBL-nS_XEwOPpsIIqqsw0qnLHVgsnP4gB3jPrk3UrjhhUGFQ-A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmQoUba8HZSd9j_AqRsVeDBF2x5Kc8pb6C0wQ97BZ_ncv0hBsBL-nS_XEwOPpsIIqqsw0qnLHVgsnP4gB3jPrk3UrjhhUGFQ-A

Request Chain 198

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 303
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&f=i&uid=7075889964596732407

Request Chain 201

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 202

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UDn9cgdq8CdLOat2Am_kJgI0qiVLNfonBDn2mi3l

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DhfnsWMjQdyNag8vLlFbaw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 206

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1228720579 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B

Request Chain 207

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDAzUUxpT1BZMU5SMy1CQWRHSTBjSW9iUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=7075889964596732407&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEUxN0U3QjEtNjMyMy00MURDLThENkEtMEYyRjJFNTE1QjZC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-hMCLyCXL0StdeR8J_IjQ&google_cver=1

Request Chain 211

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7075889964596732407

Request Chain 213

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NPCYh1hE2uXpTEI6MydnTK2boLUllyA-~A&gdpr=0

Request Chain 216

https://gcdn.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4D135E255694B18C0D52A5F4E1F8B2441BB19E41.6FF4358737F4AD40BEDD89BF47D47F90E9BE15F9/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednsy.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/681A7354BDAC8A2D9CF06D2F576ECB87B1BC622E.5F58491C4E2A879DDA89D4BC2AFBD54CA0BE0A32/key/cms1/cms_redirect/yes/mh/98/mip/176.115.237.224/mm/42/mn/sn-4g5ednsy/ms/onc/mt/1699457892/mv/u/mvi/1/pl/24/file/file.mp4

Request Chain 223

https://pixel.rubiconproject.com/sync.php?p=prebid HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=rubicon&uid=LOPXZNGB-12-58K

Request Chain 226

https://googleads.g.doubleclick.net/pagead/adview?ai=CWtH9k69LZc68If2D1fAPwq2gqAWs-4XAbuCRxo7nC2QQASC21-l7YJUCoAG__rOXA8gBCakCNPb5UM_ksT6oAwHIA8sEqgTHAk_QWhUJO-9Ro20X7Bi_5JyLcE2HRUwgCrvGvvFx78iCd6phuo9u9lWDCTUXG0xWiyMWoqWR6-pe9DgaeFqW909wjSO7BJ8WQIQ4IRFLv0BGWyqjE_oaC3nRulb0Yl-PKVQdDjEipZvkzBEdvA3k0gChwfP8nqX6-eS76N4NtxlmdjSAEfCzDMSfNMdeC4qdsPOwAOpWYAIIYRR45sUoDOkfyLY-wozaWMNXY7Lc5oUUrrP59644KXNOwb8UEcdxwIo8npl332hENGYBBAY4zy3DaaJcUtp9M-xXbcJ489N7xlD7UO15RIjGIGUX_2sGo0K5nEK7DEi3JSVe6P8Zjq4ILZ9GxEYMaY5VfOWg_uarcNSqm1TdZmlNXlI35JxSz1AedyDzYmDgzJ-2EgU_TN6XWgWZMI1MIGA0Ihtbz1b6ObowuWuDy8AEsPXQ6PcCiAXYrLyhB5IFBAgEGAGSBQQIBRgEoAYugAepgcxoqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQjM0H0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJRWh0dHBzOi8vcmVzb3VyY2VzLmJlYW1leC5jb20vZGUvdWx0aW1hdGUtY2FsaWJyYXRpb24tZWJvb2stMi4tYXVmbGFnZYAKAcgLAaIMDCoKCgjktLEC7rWxArgT5APYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=-013SZjmsNk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNmTY2GhrJ8TNgDflwt-01sjBMPdijjkE4qsqxxpNqBYdqVUEAX_7QvJV2Rt3FnUIUi7Hy7aw2GAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223886359044407274940%22,%22debug_reporting%22:true,%22destination%22:%22https://beamex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22854392639%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229665780006233665457%22}&andc=true

Request Chain 233

https://r1---sn-4g5ednsy.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/681A7354BDAC8A2D9CF06D2F576ECB87B1BC622E.5F58491C4E2A879DDA89D4BC2AFBD54CA0BE0A32/key/cms1/cms_redirect/yes/mh/98/mip/176.115.237.224/mm/42/mn/sn-4g5ednsy/ms/onc/mt/1699457892/mv/u/mvi/1/pl/24/file/file.mp4 HTTP 302
https://r2---sn-4g5lzned.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/73E10319D136CE30EED204B3DA2DB34F8CF82E8D.CFB4FCCA0C4C7D2FC91FB43E8280910F6A10E5/key/cms1/mh/98/pl/32/redirect_counter/1/rm/sn-4g5eds7e/req_id/4bd9d15eefc836e2/cms_redirect/yes/ipbypass/yes/mip/2a01:7e01:e001:1c8::202/mm/42/mn/sn-4g5lzned/ms/onc/mt/1699458051/mv/m/mvi/2?file=file.mp4

Request Chain 238

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1699458968_549fa992-7e4f-11ee-bbbe-22643cd2ee20&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 241

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNLD6oDitIIDFaKP_QcdYGQNrg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023110816560990395147273X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023110816560990395147273X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 244

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPHH6oDitIIDFduigwcd5SEC1A;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023110816560990395147279X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

Request Chain 248

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1699458968_5499b620-7e4f-11ee-bbbe-22643cd2ee20&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 251

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CL_J6oDitIIDFYISiwodB5gCGw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023110816560990395147277X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023110816560990395147277X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 254

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIPB6oDitIIDFYftEQgdnCcEiA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023110816560990395147275X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

266 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/ 127 KB
31 KB 686ms
253ms Document
text/html 172.66.40.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef60796ea8e8bb989dc7b76c68a114a0533a47ad3bdc909ec5152a10802254b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 822f00f21d829bb8-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-site
ct-content-bucket: cyber-war
ct-content-type: Editorial
ct-date-published: 2023-08-28
date: Wed, 08 Nov 2023 15:56:02 GMT
expires: Wed, 08 Nov 2023 19:56:02 GMT
last-modified: Wed, 08 Nov 2023 12:28:55 GMT
permissions-policy: geolocation=(), camera=(), microphone=()
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 387ms
27ms Script
application/javascript 104.18.214.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1081
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 822f00f5ee999bca-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 15:56:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
85 KB 378ms
34ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3379425a1a6ce9f2b03f0c09af236e8c5c99a2cca3fa26391021969688b1efae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86909
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 15:56:02 GMT

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ad116ae1e0c852d421942d4bc1d98305c8ed70437e69dcfa77583a656f2294

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 base-69f914aba75b1bb036ab.js Show response
cybernews.com/js/ 24 KB
10 KB 118ms
117ms Script
application/javascript 172.66.40.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybernews.com/js/base-69f914aba75b1bb036ab.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49a24935c33b6588afe92ff18fd96fb3186453e8ce83caf438101329c9c35ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age: 13089
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=24352
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 08 Nov 2023 07:00:07 GMT
cf-bgj: minify
server: cloudflare
etag: W/"654b31f7-5f20"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
permissions-policy: geolocation=(), camera=(), microphone=()
cf-ray: 822f00f469389bb8-FRA
expires: Wed, 08 Nov 2023 19:56:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 484ms
88ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3205dcbf2858c6fb1b83b79f819ac99b10a41f7ae8c39bd4857b5e6252c266a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://cybernews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52108
x-xss-protection: 0
server: cafe
etag: 6624658275885261458
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 429ms
66ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

2353ecbbe75757e7cd0582f961d11d1152c16ec76d67914b9526ff152b0ae14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31404
x-xss-protection: 0
server: cafe
etag: 144 / 19669 / 31079511 / config-hash: 6902417098709738194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:02 GMT

GET
H2 200 5774 Show response
stpd.cloud/saas/ 342 KB
104 KB 721ms
340ms Script
text/javascript 104.18.30.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/5774
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef97ab35217e2ce4eac36ca6655dfb3cdb9f90832c9d45f0147887fdb487840

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 19:56:03 GMT
date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 15:55:59 GMT
server: cloudflare
age: 4
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 822f00f68a765c50-FRA
stpdhash: cache

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Zc04Wug9aj0/ Frame 096D 35 KB
36 KB 427ms
57ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Zc04Wug9aj0/hqdefault.jpg

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

fa8319a7de1f988af9c9b44cf634acfd4eed3ff9e52c8b92595e714543e26660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36312
x-xss-protection: 0
server: sffe
etag: "1693232197"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Nov 2023 17:56:03 GMT

GET
H2 200 Stefanie.jpg
media.cybernews.com/2022/11/ 27 KB
28 KB 499ms
68ms Image
image/jpeg 172.66.43.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/2022/11/Stefanie.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cfb4feaf4f8719eb6d662a3607fad57726112d6eca603a5c8a106c17eb71b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 9639
x-amz-cf-pop: FRA50-C1
cf-polished: origSize=38664
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 27781
last-modified: Tue, 29 Nov 2022 14:27:26 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "02a2adaa39b5431864d1ba9a5742d85b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=15780000
accept-ranges: bytes
cf-ray: 822f00f7ab173677-FRA
x-amz-cf-id: oGImnyx1EOwna3-ZIFr_SjrY0RyWceZ7--V166F9mBiIjt7m3tW66A==
expires: Thu, 09 May 2024 07:16:03 GMT

GET
H2 200 WarsawStockExchange.jpg
media.cybernews.com/images/750w/2023/08/ 53 KB
53 KB 718ms
288ms Image
image/avif 172.66.43.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/750w/2023/08/WarsawStockExchange.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c9e49d06d3318c7ab964cb65b01f1b325433a40a01a356474faecc9862885f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 54129
cf-resized: internal=ok/h q=0 n=37+180 c=0+0 v=2023.9.8 l=54129
last-modified: Mon, 28 Aug 2023 18:40:12 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfDGi5-69wdb8wPq_cifZ4HE9Ju5KfpxHRw9djGO55DQ:e49f4a89186c3486d78d095242c1a0f4"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 822f00f7ab1b3677-FRA

GET
H2 200 bookreviewGoingInfinite.jpg
media.cybernews.com/images/thumbnail/2023/11/ 18 KB
18 KB 515ms
85ms Image
image/avif 172.66.43.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail/2023/11/bookreviewGoingInfinite.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6230cb6538ab0738ccf6f068b860283f95c5c52a32404d366907c360f3e0b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 18394
cf-resized: internal=ok/h q=0 n=26+142 c=0+0 v=2023.9.8 l=18394
last-modified: Fri, 03 Nov 2023 09:23:01 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfHERaeuOC290kjeDOKlwEiBU2Pri99XVCPD58WiJxDQ:426f6847c5633ebbe712da743193bfd6"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 822f00f7ab153677-FRA

GET
H2 200 exoplanet-discovery-ai.jpg
media.cybernews.com/images/thumbnail_small/2023/10/ 3 KB
3 KB 514ms
84ms Image
image/avif 172.66.43.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/10/exoplanet-discovery-ai.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05cd13161a893b6d815c353de95b25ff3a273e4baa4b503376817ec5c0ab259

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 2934
cf-resized: internal=ok/h q=0 n=35+0 c=15+63 v=2023.9.8 l=2934
last-modified: Tue, 31 Oct 2023 14:13:06 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfNAOz1sw3sRX4-W8CjRF6wvIh8iFZYhIqdjUqgfspDQ:0e244048c1ad101ee733562a41d8a8bd"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 822f00f7ab1c3677-FRA

GET
H2 200 finding-waldo-missing-person.jpg
media.cybernews.com/images/thumbnail_small/2023/11/ 4 KB
4 KB 497ms
68ms Image
image/avif 172.66.43.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/11/finding-waldo-missing-person.jpg

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7842050c8ca63ebd3d9fd3b93af4f92d7677b26d6182bdc567cf79c6b3eeead

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 4187
cf-resized: internal=ok/h q=0 n=23+0 c=4+70 v=2023.9.8 l=4187
last-modified: Mon, 06 Nov 2023 13:55:20 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfvKevg11G5TmJL1i0-mCDqzZG8iFZYhIqdjUqgfspDQ:69bd180c63ef9907b586150fed461f46"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 822f00f7ab143677-FRA

GET
H2 200 gary-mckinnon-one.png
media.cybernews.com/images/thumbnail_small/2023/10/ 3 KB
4 KB 311ms
67ms Image
image/avif 172.66.43.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cybernews.com/images/thumbnail_small/2023/10/gary-mckinnon-one.png

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7514b57976180ef294d9334ebf14d8dbc62cbe8f164bf119f64e352c384cbbb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 3560
cf-resized: internal=ok/h q=0 n=42+0 c=24+71 v=2023.9.8 l=3560
last-modified: Mon, 30 Oct 2023 09:17:34 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cf2Jdktgf93kbK6advbdVao6Bf8iFZYhIqdjUqgfspDQ:0ce6d9da1b2a046257b34a6c120563e4"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=15780000
accept-ranges: bytes
cf-ray: 822f00f7ab1e3677-FRA

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 45ms
44ms Script
application/javascript 104.18.214.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1081
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 822f00f61ef99bca-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 15:56:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 41ms
40ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b84dec5f06465cb3341d00853059e105b5c789fde96eb439e46381ff8fc38c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 15:56:02 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 450ms
152ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-eddf8230055-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/ 3 KB
2 KB 368ms
32ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1699458962978&cv=11&fst=1699458962978&bg=ffffff&guid=ON&async=1&gtm=45He3b60v813159125&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&hn=www.googleadservices.com&frm=0&tiba=Polish%20stock%20exchange%2C%20banks%20knocked%20offline%20by%20pro-Russian%20hackers%20%7C%20Cybernews&auid=113302561.1699458963&uamb=0&uaw=0&data=contentBucket%3Dcyber-war%3BcontentType%3DEditorial&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

cafe /

Resource Hash

47a9c24fa32c5ee7f6d3bedf824d413015acbce8d642ab170dcc7262dbd1fe4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 389ms
14ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 15:56:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Wru/+WTZgk0i3/bd0V8UKoymTG/jLL0HqnG+Clq6BIuLtyhWB4L/ygyiIqF5FInlJ8hLgJ89eY8ljZm7F5MTAA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ 427 KB
134 KB 40ms
39ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1519
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136817
x-xss-protection: 0
server: cafe
etag: 14142176788290477171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 07 Nov 2024 15:30:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
82 B 255ms
48ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cybernews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b65665e32c89ce2e092011b269b0fa005ab33c1ef15cb74f8e9a43838ff2300d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58
x-xss-protection: 0
expires: Wed, 08 Nov 2023 15:56:03 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 417ms
69ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=45je3b60v882489589z8813159125&_p=1699458962527&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=252605014.1699458962&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699458963&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&dt=Polish%20stock%20exchange%2C%20banks%20knocked%20offline%20by%20pro-Russian%20hackers%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1&ep.contentBucket=cyber-war&ep.pagePostAuthor=Stefanie%20Schappert&tfd=1262
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 459ms
42ms Ping
text/plain 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=252605014.1699458962&gtm=45je3b60v882489589z8813159125&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 441ms
91ms Image
image/gif 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=252605014.1699458962&gtm=45je3b60v882489589z8813159125&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1706240543

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 235ms
99ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31079473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03da929bc583ef63bdad194145be9e3d59e7333ae9de2d12199bfac568d32000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138486
x-xss-protection: 0
server: cafe
etag: 9728811889241073789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame D411 10 KB
5 KB 211ms
14ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 00:38:36 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 00:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 383ms
18ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcybernews.com%2F&domain=cybernews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cybernews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 08 Nov 2023 15:56:02 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 222166
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
414 B 111ms
26ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cybernews.com
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 405ms
31ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcybernews.com%2F&domain=cybernews.com&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 239350
expires: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 389ms
32ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231108

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a268fda0b2f2099a2df8d8c03602c3b7f2b0810c3c5dae9592240066a3f439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42909
x-jsd-version: 1.0.1867
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230139-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-JnTlFCqqRyZz2+hti6jCfqm7a4s"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GebDo8H1AvFWBzC8VNEpTvao0OnhMyHUswFe2rO%2B2VNhgL6dIewTxNFsJlvg1vqpGjDKwHIGVKHNH7woJzn50XN6ekYM2aZ3uEJ4bzIcpWxtZGgPS%2BQLi2uj%2BNDN%2BaoDC0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 822f00fb4c69360b-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/589784210/ 42 B
455 B 368ms
24ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/589784210/?random=1699458962978&cv=11&fst=1699455600000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v813159125&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&frm=0&tiba=Polish%20stock%20exchange%2C%20banks%20knocked%20offline%20by%20pro-Russian%20hackers%20%7C%20Cybernews&data=contentBucket%3Dcyber-war%3BcontentType%3DEditorial&fmt=3&is_vtc=1&cid=CAQSGwDICaaNikYXkBumF4cRi_MeX38n1RS3YDWOOA&random=3382242829&rmt_tld=0&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/589784210/ 42 B
455 B 245ms
82ms Image
image/gif 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/589784210/?random=1699458962978&cv=11&fst=1699455600000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v813159125&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&frm=0&tiba=Polish%20stock%20exchange%2C%20banks%20knocked%20offline%20by%20pro-Russian%20hackers%20%7C%20Cybernews&data=contentBucket%3Dcyber-war%3BcontentType%3DEditorial&fmt=3&is_vtc=1&cid=CAQSGwDICaaNikYXkBumF4cRi_MeX38n1RS3YDWOOA&random=3382242829&rmt_tld=1&ipr=y

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 1 KB
932 B 125ms
67ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8808b6e76bb56371a61cec3a0b3277aa7904f47a732583c18a2887bd6e5b4aaf

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AhLoekbwZbY3nbFYR0U0CY43suiWyOyxiTyNSS5fINIJMlrzGOE61zVDLAkiyCz7PhRb9t5dwum1F4bgwek53uomLbVTkS9WiBVnG%2FjCkoWcDWqJ3flnIpyy0%2BbMC%2BoaEoxrFFEKYnQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 822f00f9ceeebb97-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 412 B
601 B 172ms
118ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b703a73ecdeff91a9fe745078653a356c0abc482e8c0fb635e8313ad1c8b97c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.234.0-3-gde6ed827
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy6DnKqsHKQK8ovIS9JLVBezFrh%2BhZuhEPHoGurBsaWdHCI99F9irRINorVEkXk6NAUtLkFjppuSPR1DwUhed5ytstk97YhiPk7s4UA2qXHUgOKuX3%2F8%2FCAfMHwIUCVaZ%2F7VY0llc4tn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 822f00f9cef4bb97-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 203ms
95ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cybernews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 88ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cybernews.com
date: Wed, 08 Nov 2023 15:56:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
400 B 103ms
30ms XHR
application/json 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 5f834584739e793881b4602e93a4767707b9f62fd0ce77e2e0574d0fcf8b8889

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 08 Nov 2023 15:56:03 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://cybernews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 377ms
22ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=57569037205&lsavail=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cybernews.com
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 260ms
193ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cc7b7bb1-229f-4596-8cc6-0fc3a7155eab&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=edbcdff0-8ec0-436e-8da8-b5fb3f675a09&tw_document_href=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&tw_iframe_status=0&txn_id=o3auk&type=javascript&version=2.3.29

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 167
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 2a1be62a7475ce90
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b87b5be099d3a604482f09adc7e0d0c666c493258ad713011c7f5b34125b4b2d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
727 B 195ms
128ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cc7b7bb1-229f-4596-8cc6-0fc3a7155eab&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=edbcdff0-8ec0-436e-8da8-b5fb3f675a09&tw_document_href=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&tw_iframe_status=0&txn_id=o3auk&type=javascript&version=2.3.29

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: a9e6eb233a5fcf35
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 440e33ebc0db43ba8962eede2edba5182f98e239dae4e9c96beac283ef27531a
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 379ms
23ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cybernews.com&callback=_gfp_s_&client=ca-pub-5928161074779380

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31079473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

f249fcdf8f170916e9124b0076512a56d63df7a3d3278a2b9e833e8602ca1793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDC3 452 KB
81 KB 601ms
599ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1699446535&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963114&bpp=4&bdt=613&idt=356&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7106346698344&frm=20&pv=2&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=385

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

cafe /

Resource Hash

1227f148f18c1971e512715e61a3d33913adb3b16b2d8a540636815cc7924ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 82549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
expires: Wed, 08 Nov 2023 15:56:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
273 B 126ms
32ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cybernews.com
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FF5 123 KB
42 KB 723ms
722ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963119&bpp=2&bdt=618&idt=390&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=i2F6joEBwk&p=https%3A//cybernews.com&dtd=397

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740edbb92fc3d51979b7c586cd2fe3c8a4d6927570ce672d67a9d6731ff93492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
expires: Wed, 08 Nov 2023 15:56:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 590A 722 B
709 B 509ms
508ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963121&bpp=1&bdt=620&idt=411&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tDtBWFHsvG&p=https%3A//cybernews.com&dtd=415

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba27b65f7b29211342dc9dd092586e9d8e6500efa8b09cdd67896d4a5701ef0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
expires: Wed, 08 Nov 2023 15:56:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8015 89 KB
29 KB 559ms
558ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963122&bpp=1&bdt=622&idt=420&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=4177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QpHqSCHFjL&p=https%3A//cybernews.com&dtd=423

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

cafe /

Resource Hash

aab9f7ba0b70416796c699383e3c999ef27fdca195e9154e61b0ff9c1ec521e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29692
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
expires: Wed, 08 Nov 2023 15:56:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1031670724691978 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 46ms
45ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1031670724691978?v=2.9.138&r=stable&domain=cybernews.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ec169e17d05c2935b44d196fe74a35c7c1ea22182fb146394f12b30d4396891

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 15:56:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35312
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: jDFlK2X6FWwx7eKZyWXRAVCAP54QPvXHAnPWkCVD3l/bRXmJ5s15V4hQWfkPNGdUOrWj4sXKLFmS3Y3Lh5Lwdg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ 0
45 B 139ms
34ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:03 GMT
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 438ms
47ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1031670724691978&ev=PageView&dl=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&rl=&if=false&ts=1699458963631&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699458963630.82543226&ler=empty&it=1699458963562&coo=false&rqm=GET

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Nov 2023 15:56:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ 250 B
529 B 63ms
22ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

14991dc2f1a8c329fcaa7518bafdc67f643cc51a55dd29f8c0f78cb8afd97483

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cybernews.com
date: Wed, 08 Nov 2023 15:56:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 204
No Content /
ap.lijit.com/beacon/prebid-server/ Frame 5B84 0
0 23ms
23ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Wed, 08 Nov 2023 15:56:03 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap6ams1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 358ms
357ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1112288247702857&correlator=3668547402771010&eid=31079469%2C31079377%2C31079511&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fifs&iu_parts=21924397842%2Ccybernews.com_300x600_sidebar_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699458963825&lmt=1699446535&adxs=1023&adys=1417&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&vis=1&psz=350x20&msz=350x0&fws=516&ohw=350&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=true&dlt=1699458962501&idt=668&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=3686707683&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1a45d376b5fe06f6fb3a8006e9c9251ccd4e8905a39f6830e5d5c67a27af82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14752
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cybernews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17D2 6 KB
3 KB 466ms
76ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
expires: Thu, 07 Nov 2024 15:56:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 535ms
113ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/5774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:56:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 8015 23 KB
9 KB 830ms
240ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963122&bpp=1&bdt=622&idt=420&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=4177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QpHqSCHFjL&p=https%3A//cybernews.com&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8015 8 KB
823 B 447ms
71ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:09:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 15:56:04 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame 8015 15 KB
3 KB 779ms
139ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 11:36:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:01:25 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame 8015 376 KB
131 KB 780ms
140ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

8c9ee4bf9f0e069ecf0037a5cde67640a7a323072f95efeecea32fb7177a518d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133662
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 11:36:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:01:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 8015 20 KB
9 KB 619ms
37ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8015 0
0 32ms
31ms Image
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkvm2TBf-7rRfl2PcpgAJqVCOQts4DYdhy9QylygtHps6WEQrxAo4rrW3PVIXEbLrMi_m7JBoFgN8dBGqbNwMYGyL9gA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963122&bpp=1&bdt=622&idt=420&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=4177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QpHqSCHFjL&p=https%3A//cybernews.com&dtd=423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js?bust=31079473

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f4401010d787a1d8f02820d3446a979e8a122ab370a6fe72f91a06d5cc67516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55826
x-xss-protection: 0
server: cafe
etag: 5274042168539554114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:04 GMT

GET
H2 200 container.html Show response
a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B5D 6 KB
3 KB 102ms
80ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
expires: Thu, 07 Nov 2024 15:56:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4FF5 4 KB
728 B 319ms
72ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963119&bpp=2&bdt=618&idt=390&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=i2F6joEBwk&p=https%3A//cybernews.com&dtd=397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:35:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 15:56:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 4FF5 2 KB
856 B 614ms
153ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 4FF5 23 KB
9 KB 689ms
237ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 4FF5 3 KB
1 KB 687ms
236ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 4FF5 20 KB
8 KB 499ms
39ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4FF5 0
0 24ms
24ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJ57hIrYJeb7ZKvRmX_S86gCiOCT69fBcjk6fj7EaneinxaC-WVj6hin2clh-LU-WYR2ycfx6x_hv9EnBWb5M5ryAk9g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963119&bpp=2&bdt=618&idt=390&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=i2F6joEBwk&p=https%3A//cybernews.com&dtd=397
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FF5 190 KB
60 KB 1045ms
278ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:05 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 4FF5 36 KB
15 KB 948ms
189ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CEA8 1 KB
643 B 50ms
48ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5671503242137789011/ Frame 4FF5 7 KB
7 KB 492ms
60ms Image
image/jpeg 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5671503242137789011/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e39af4735ed1aa6313905b592a6e40c99512008ac7d72c3337606e3cf1a04d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:47:30 GMT
x-content-type-options: nosniff
age: 25714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6805
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:30:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Nov 2024 08:47:30 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11942014177746681343/ Frame 4FF5 2 KB
2 KB 505ms
73ms Image
image/jpeg 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11942014177746681343/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cb5b44e1dee02f390048d0cfef96c9caae722ec030a4f7ad1e787cdabacd573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:16:55 GMT
x-content-type-options: nosniff
age: 124749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 16:10:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Nov 2024 05:16:55 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame C0BC 10 KB
4 KB 37ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 11:13:02 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 11:13:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame F00B 10 KB
4 KB 25ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 11:13:02 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 11:13:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 08D5 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 11:13:02 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 11:13:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4B5D 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CO9hZk69LZaH7NNeAx_AP78KnMJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NDc4MTE4OTA1MDU5OTXIAQmpAjT2-VDP5LE-4AIAqAMByAMCqgT8Ak_QkmQ3vIDHeMczFkKNf34_XJweeN857N3BStaF3RognmA9xsCoeg8OaVTMN2fDslokUtNSCveuj62f04FRtCZVovUCXoVB94EBcIZ3NBoV0PdVUD5aFzMN7-6FDRwjYeavsfOMctXanTR3PMZpjVbTPWvxrjEpcBc8Uw7nlQ_qxYtlk9zDQM6qsqbCG0lENozkHEFGNd2P0f8QBOfiF47KuS6gxmUvWy_LHrZp7ZN8RTdir0KCL6r0KjPi14Nr_h1ZA80-mc_qLjYC6QZ3CKkWwx0F0dqRPJdX5pi2bXYt1LRi8xyMYOmv2HHTSIUp9R10-gMjXpVRwbiUSDHuRDBBDOd55pH3p9BoJnfBQsFqVrEvBQMIv00yipHffr16HSVD2ZvDrTo3PqqDdui7RInJ5PGwmTUKCZ0Kmce92DJE6aNl6bT_rMnzU03YtxWG-7nMfxxNUAB_1bikh-Rv5M5_R4Reza4axzatYiU9pw-UonWkqpq_BN7ZzudZ4AQBgAaMxaP3mfa5ub0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NDc4MTE4OTA1MDU5OTUY4JV1&sigh=u6lzQez4gF0&uach_m=[UACH]&cid=CAQSOwDICaaNrz6WRXoOtL-uj6TxfoY74YJ_V3d4Rvw59i-2bKd2wrTUD86lSmfz2JJnBjo5QWqDEvvnGk96GAE
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4B5D 0
0 773ms
118ms Fetch
image/gif 34.95.89.54
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j8srpmqymdcczg1wtxzwm8a30eer2phaz388zb5wffgwh3excjn40gx2rc2kf6bd801yn1gpde0sd9j6w5qxzc2x15v56p1afp7a4xpv76qcken8jjfpxztg1jc96cwvqhhw56tsmhzn47x8fh5dsma7m668w2b1pry5b9enm0nry1yk9pshk5p9dkpdg3nh2qg4mg992c4venfts3qv1e5scj6zy0f3a9ydd1w1k9wca3mwm934nw7zr85ybn61qh9c606qyphyqfexg4rjv45ffs0h7rrfwc15axa58myg1rtd5zwvyb0sj1fae1n5973qvhp4r0rxbh8mz9tw8155fgja4pwk17by2zh7tafpywjpjy5ekef3gdkp1q0g9rrghdqyr&b=ZUuvkwANPaEIEcBXAAnhb57mbCj96CPkse5g2A
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 15:56:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6BBC 2 KB
2 KB 832ms
179ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kw5hdpxvfbvnmg1skz8qfkrxcmpar1dfax0a4we3wq580c289cyaqwxjh8maneqfdanygxddb042w6tv7r6wsn89nhrtf7tnhtfqcqrc0a6vtp15wpyzjq6b3ts934vgnmv6cqe0ffd4bf2jmeqmn8gmqc6a83mvky9q6ddayv8xytbfrrtxwy1y6jqc0g76dqygcfwsa196rmwma691b2xweq4ah7jbmcvgs39a2hrjb3vg9gfak7gxjzf7j58q21849sr04crncrdxgn6dc8ex9m8mssvng8jz1xs81ay8xqvx3rpwzyqs3r98scze7jr1ckq03p3m8ygthaz9h5t5g6rsnxb4zbfrmp9ydm29rr82ts013rss0dkk1501sw3h19s58cnsw8peakdhxkg13y7q4cfsntrccnhr7aek2j2e3k9m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVZWk69LZaH7NNeAx_AP78KnMJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NDc4MTE4OTA1MDU5OTXIAQmpAjT2-VDP5LE-4AIAqAMByAMCqgT_Ak_QkmQ3vIDHeMczFkKNf34_XJweeN857N3BStaF3RognmA9xsCoeg8OaVTMN2fDslokUtNSCveuj62f04FRtCZVovUCXoVB94EBcIZ3NBoV0PdVUD5aFzMN7-6FDRwjYeavsfOMctXanTR3PMZpjVbTPWvxrjEpcBc8Uw7nlQ_qxYtlk9zDQM6qsqbCG0lENozkHEFGNd2P0f8QBOfiF47KuS6gxmUvWy_LHrZp7ZN8RTdir0KCL6r0KjPi14Nr_h1ZA80-mc_qLjYC6QZ3CKkWwx0F0dqRPJdX5pi2bXYt1LRi8xyMYOmv2HHTSIUp9R10-gMjXpVRwbiUSDHuRDBBDOd55pH3p9BoJnfBQsFqVrEvBQMIv00yipHffr16HSVD2ZvDrTo3PqqDdui7RInJ5PGwmTUKCZ0Kmce92DJE6aNl6bT_rMnzU03YtxWG-7nMfxxNUEJ99CpzfmMvLEk30V4XX1wj0zwAaAsleo9W6-dcPoSTHAsFUaeRmv474AQBgAaMxaP3mfa5ub0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1SUInXoCQNTnmad31-2D1tHEZUDw%26client%3Dca-pub-4647811890505995%26adurl%3D

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9793c10daf713761fe7f8e10bceae8e785e5842d6f0995f306e5c80d6e08de

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 822f0103df6f693a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 4B5D 3 KB
1 KB 432ms
86ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7BB7 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 4B5D 20 KB
8 KB 394ms
49ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B5D 0
0 24ms
23ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRY6AfRNLs-m28H4wpuIHpPkGpXOvnNrvoYMvOFkN5XX57Z2zGB5A6tkmara-91Mk9GLFPEhqqNJV012pxJP2r1bgk3IQ
Requested by: Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4B5D 24 KB
7 KB 401ms
57ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Nov 2024 19:44:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B5D 190 KB
60 KB 768ms
116ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C0BC 4 KB
1 KB 157ms
71ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 14:17:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 15:56:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0BC 205 B
651 B 788ms
183ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 261583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Nov 2024 15:16:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0BC 604 B
696 B 791ms
186ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 445058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame C0BC 15 KB
7 KB 372ms
75ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6703
x-xss-protection: 0
server: cafe
etag: 18125926408851158271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:51:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame C0BC 21 KB
9 KB 377ms
81ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:51:08 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_cver=1&google_push=AXcoOmQjw4LSN3Rs1RR5C2afJ9V-wgHIW2zHl_AHBh-5Roi-AB-l8Xl...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1df473cde89217bd&is_secure=true&networkId=14000&version=1&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_cver=1&google_push=AXcoOmQjw4LS...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHwf4tfJJ-5QNigmAFAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEESW8IKUFd-EFJRKlXNuN...

170 B
188 B

67ms
66ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHwf4tfJJ-5QNigmAFAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_push=AXcoOmQjw4LSN3Rs1RR5C2afJ9V-wgHIW2zHl_AHBh-5Roi-AB-l8XlvMM5DEp-4pktZxwEq9Jc-F1HnAd2et1WID4k4CaP80TjWBQ

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHwf4tfJJ-5QNigmAFAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEESW8IKUFd-EFJRKlXNuNIg&google_push=AXcoOmQjw4LSN3Rs1RR5C2afJ9V-wgHIW2zHl_AHBh-5Roi-AB-l8XlvMM5DEp-4pktZxwEq9Jc-F1HnAd2et1WID4k4CaP80TjWBQ
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cver=1&google_push=AXcoOmTjq0Nl8ZwrLDjvYeMdw9b3qvrlXD-NmSMFsmmqro3...

170 B
188 B

70ms
66ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cver=1&google_push=AXcoOmTjq0Nl8ZwrLDjvYeMdw9b3qvrlXD-NmSMFsmmqro3yxpEpUG9UqOAeBsXfNqSyBMcHWYMOg7y941AreiDd86p-ibIKQ3Tn7g

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2023 15:56:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0de411db0dbb18bd6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEPUJHwyoCaQEmXYxNtbfK2E&google_cver=1&google_push=AXcoOmTjq0Nl8ZwrLDjvYeMdw9b3qvrlXD-NmSMFsmmqro3yxpEpUG9UqOAeBsXfNqSyBMcHWYMOg7y941AreiDd86p-ibIKQ3Tn7g
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECt7wi4iZsNFPApYMF87HrQ&google_cver=1&google_push=AXcoOmS4hiz477dQfLOsBR-h5gOF4j8WN4cCAXISFFL0v-begmlGeEJwaO6FSh5IWnOkSDB9ww6OVR2a_5OHDb...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5NzM3MDI2OA%3D%3D&google_push=AXcoOmS4hiz477dQfLOsBR-h5gOF4j8WN4cCAXISFFL0v-begmlGeEJwaO6FSh5IWnOkSDB9ww6OVR2a_5OHDbGLbn...

170 B
329 B

179ms
177ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5NzM3MDI2OA%3D%3D&google_push=AXcoOmS4hiz477dQfLOsBR-h5gOF4j8WN4cCAXISFFL0v-begmlGeEJwaO6FSh5IWnOkSDB9ww6OVR2a_5OHDbGLbnQGjJ6Y3d4r

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5NzM3MDI2OA%3D%3D&google_push=AXcoOmS4hiz477dQfLOsBR-h5gOF4j8WN4cCAXISFFL0v-begmlGeEJwaO6FSh5IWnOkSDB9ww6OVR2a_5OHDbGLbnQGjJ6Y3d4r
Date: Wed, 08 Nov 2023 15:56:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECAhDbTPruMeUeqBr95uBRw&google_cver=1&google_push=AXcoOmTKyldsDuCws0Wiw_TebxbXNf7y3B7XyCnRg3h0ktXaECHDw7i3QYpLYjqW4kYAPSh_JpsSea8bBeLIv6JC...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmTKyldsDuCws0Wiw_TebxbXNf7y3B7XyCnRg3h0ktXaECHDw7i3QYpLYjqW4kYAPSh_JpsSea8bBeLIv6JCVo_txykFefr_Xw

170 B
232 B

217ms
202ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmTKyldsDuCws0Wiw_TebxbXNf7y3B7XyCnRg3h0ktXaECHDw7i3QYpLYjqW4kYAPSh_JpsSea8bBeLIv6JCVo_txykFefr_Xw

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:04 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmTKyldsDuCws0Wiw_TebxbXNf7y3B7XyCnRg3h0ktXaECHDw7i3QYpLYjqW4kYAPSh_JpsSea8bBeLIv6JCVo_txykFefr_Xw
x-host: tde-deliveryengine-production-bb588bf9-zp7gw
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB5svYSQr0-w78HPwT-pWdE&google_cver=1&google_push=AXcoOmSiDk9xOMYEBk2x8UhCIemYDxbKbs4CNuFFhEt-UxNLukepQPMyv_vRAR8O0-OyBPIkEDu_gF46NKsvRsf0SASYS2i...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSiDk9xOMYEBk2x8UhCIemYDxbKbs4CNuFFhEt-UxNLukepQPMyv_vRAR8O0-OyBPIkEDu_gF46NKsvRsf0SASYS2ixY5bAgg&google_hm=eS13T2xneUFkRTJwSHl6...

170 B
188 B

70ms
67ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSiDk9xOMYEBk2x8UhCIemYDxbKbs4CNuFFhEt-UxNLukepQPMyv_vRAR8O0-OyBPIkEDu_gF46NKsvRsf0SASYS2ixY5bAgg&google_hm=eS13T2xneUFkRTJwSHl6dGR6aExlUzJyRWF4SUtJNUN3cX5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSiDk9xOMYEBk2x8UhCIemYDxbKbs4CNuFFhEt-UxNLukepQPMyv_vRAR8O0-OyBPIkEDu_gF46NKsvRsf0SASYS2ixY5bAgg&google_hm=eS13T2xneUFkRTJwSHl6dGR6aExlUzJyRWF4SUtJNUN3cX5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFBjkIh_HpsM1XSVGyaQrPo&google_cver=1&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFBjkIh_HpsM1XSVGyaQrPo&google_cver=1&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZEKWi51Q

170 B
232 B

127ms
119ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZEKWi51Q

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWiBDmfh0JpNFt0F2tG356d2PqeoJm1vHtIOIxf6JxOjvAgreIiwnc91ZWYXTxcuPQ7R8xvLxQ7X_LaOvuG2I20WZEKWi51Q
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPVx0ZwlABL4WTT2RxiyS7w&google_cver=1&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6rii...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPVx0ZwlABL4WTT2RxiyS7w&google_cver=1&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMN...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxMDIwNDYxMjU2MTc1NTI4MA&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6r...

170 B
188 B

73ms
73ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxMDIwNDYxMjU2MTc1NTI4MA&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6rii3_HhHxxHEoHBWr8YY1Rzfw

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkxMDIwNDYxMjU2MTc1NTI4MA&google_push=AXcoOmTkOdtJ2JBD80mAIy7B1tNBUfxYLXUQqJNjBqs4aEJzP2VTyyi3Zs7LNZcWEz1hqwqUjMNK6rii3_HhHxxHEoHBWr8YY1Rzfw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CEA8 0
130 B 481ms
136ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5TRjLTzvae3DpwKvcTpYS3VNwg4R6uy4rA6tj64bjT4wwkxtukCfRy8v8Ari8LAq41go2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame FE8D 2 KB
3 KB 757ms
175ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kgtry4y4g7mkxr79v4yz4xnpyx9qyj271xst908k416ay2ha5zx86e1enyqnb0rx4cj4fz9n0ezr4xtcsnztmt5t96h3r235eenypp1db0qfr17wt1hp46mfrswkw4ggf86z2bcngsvmgzjxcq24fhjg8dhwg470aysjd05z07v5ypn7wp8qqf6gb8b3tk8kyhvg6shxh2f15hqh27jcr0qdr7kn6xjpdhkm0xbvd9tv1nxe58ywqymaz06x9q7kcxvwn1j6qwkegxtw3bk8v6dny0mfb8cwn44r8ws6j48rsf9s7jqhm6md4xffbzz0dbct2z16vqfw2h2bb09exemfy8kxzx33807qaqq73jtmaycra86wf22zd64qbx2zy96t9ag2v8eme0nxy6ze9dd3r0xv3kt48fn4t2y07k4emqtmthfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsPLdk69LZcnqILe01fAPzrq06A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAjT2-VDP5LE-qAMByAMCqgS7Ak_QYMJ2wHYO5clQWNUthlkjMRo0_gVix0ecWY1bAGSc9_hMmDjf9FH7eJQIUU1qzumnPbCOjcqfqdxYzOcnrQJCKrQ5Q0-Cg7Z_OWgSxC-kZL13FxNpnYdaasCd39dB9_GbgJUT9A3qfppUbxRuP2F9zlt7D1klsOdFuvcrRT9KWoh2YZ1b8stO5nihOw44r2owmrzWsLaKeSkzIe2Ci5diiNnu4o35dwJkZJGV9Rh1lUUUgj06kWf08xd10B3dK0vG8Hk2ONsi6TQjDf3kdpoWIV096D64NmxXlcWEzK2g60ZaiF7Su5ymP48i5Re5uRsXegHrEvOm4u21lgVhkP3R_TIbTTu-zEYESryqTn67EEIP0nQFAdQS_KX5w3rbpdKAiEWpZ3suEER558aP4oLN7Lf3Wmb7MjL-wIAGuJ761aXyxYPWAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3c7kN1uLgANhueCOnbpSoLNjA_8g%26client%3Dca-pub-5928161074779380%26adurl%3D

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1081f22c686747d1364f79586661f5944afba93bfedc36ff033dd3dc3e70c571

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 822f0103df70693a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C6A7 3 KB
1 KB 533ms
259ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 21D3 1 KB
643 B 25ms
25ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C6A7 20 KB
8 KB 356ms
83ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6A7 0
0 64ms
63ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoyjbfXi1zKEcvlPpFb40lY6j8Zr1loalhUx2_55xrint85_PcSUVhnenLn0LRBns4jFFGIr1A4Q9pVBuCJ2jWwaIczA
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6A7 190 KB
60 KB 917ms
337ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:05 GMT

GET
H2 200 8a6c58a25e971cfbc194f00dd2aa8ad4.js Show response
www.gstatic.com/mysidia/ Frame 7930 9 KB
4 KB 770ms
226ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 14:31:25 GMT

GET
H2 200 2aad32affd975f654520284c5f3371dc.js Show response
www.gstatic.com/mysidia/ Frame 7930 41 KB
16 KB 768ms
224ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2aad32affd975f654520284c5f3371dc.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7092331fc692253229091474d0c1b1d3549b0db4a624fa8a3e72135101701102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16371
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 19:42:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 09:25:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7930 2 KB
903 B 323ms
88ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 436ceb4ab4043756559b2f6a211c1afd.js Show response
www.gstatic.com/mysidia/ Frame 7930 23 KB
10 KB 737ms
194ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/436ceb4ab4043756559b2f6a211c1afd.js?tag=exit_2019

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5a300e1bffda500ddb65f39dadae505b90cc72bda4e6ca088d686bbc18a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 23:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9691
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 23:16:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 7930 23 KB
9 KB 329ms
94ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7930 3 KB
1 KB 327ms
92ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 7930 20 KB
8 KB 313ms
78ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7930 0
0 66ms
65ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQq-gR4s-qG5H6B71bTFUlDZQObe3xC0xMIAZh8wI-JZ1a_yNnycMbXC2aa3znRrDF3fGk5zR4IlfufLn-0_3BzDE0W_A
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7930 190 KB
60 KB 847ms
305ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:05 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 7930 36 KB
15 KB 823ms
282ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 797ms
147ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 09 Nov 2023 15:56:05 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 7BB7 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7BB7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENIMGJ2zAGpdj_myrFT4r4k&google_cver=1&google_push=AXcoOmSLhNpFNXMTW4EHLVwk3r4Nhn6V1Lhng3GsbnuaweenQzF9iV4YIKSIV1xyjVV-EfsYmvtUlaUyOBx...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSLhNpFNXMTW4EHLVwk3r4Nhn6V1Lhng3GsbnuaweenQzF9iV4YIKSIV1xyjVV-EfsYmvtUlaUyOBx0bC4n97mv5s_YcDvF&google_hm=7TD-K5E-Q6S0sv1un1wbuOA

170 B
232 B

218ms
207ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSLhNpFNXMTW4EHLVwk3r4Nhn6V1Lhng3GsbnuaweenQzF9iV4YIKSIV1xyjVV-EfsYmvtUlaUyOBx0bC4n97mv5s_YcDvF&google_hm=7TD-K5E-Q6S0sv1un1wbuOA

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSLhNpFNXMTW4EHLVwk3r4Nhn6V1Lhng3GsbnuaweenQzF9iV4YIKSIV1xyjVV-EfsYmvtUlaUyOBx0bC4n97mv5s_YcDvF&google_hm=7TD-K5E-Q6S0sv1un1wbuOA
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7BB7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPhuX-oWq9RAuH3TIGvR7yY&google_cver=1&google_push=AXcoOmTndGOi88LXblDfevmaTJfnM7KW6DZh-5-2W4M2m_geCY0E_kA-iQCbByuPtr_CaYLZSNS85jAH6hJgRt...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmTndGOi88LXblDfevmaTJfnM7KW6DZh-5-2W4M2m_geCY0E_kA-iQCbByuPtr_CaYLZSNS85jAH6hJgRtzZ2V...

170 B
232 B

212ms
198ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmTndGOi88LXblDfevmaTJfnM7KW6DZh-5-2W4M2m_geCY0E_kA-iQCbByuPtr_CaYLZSNS85jAH6hJgRtzZ2VMDBYWdk7_C

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmTndGOi88LXblDfevmaTJfnM7KW6DZh-5-2W4M2m_geCY0E_kA-iQCbByuPtr_CaYLZSNS85jAH6hJgRtzZ2VMDBYWdk7_C
Date: Wed, 08 Nov 2023 15:56:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7BB7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDDnIzN1thL_-L-EV-03HPY&google_cver=1&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDDnIzN1thL_-L-EV-03HPY&google_cver=1&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7mwStJ

170 B
232 B

128ms
120ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7mwStJ

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQdMuK23uUM6WNSpRH4MmEluZz5S6qC1yA1sYQj5sLCcBoVwRLr-xx60a5EMi7a1bSXvE5mvadz8TorKg_LHu4d2D7mwStJ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7BB7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DhfnsWMjQdyNag8vLlFbaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

70ms
67ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DhfnsWMjQdyNag8vLlFbaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTL6RvxKH4oxnR4jdGbJcr8wf1htiyj0DC_q5VHkL6NSOsxPpPeayEXZkc4B-iP5B1SG4j5IqgRVrKMrSJsjWMdDrGIui9k

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DhfnsWMjQdyNag8vLlFbaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTL6RvxKH4oxnR4jdGbJcr8wf1htiyj0DC_q5VHkL6NSOsxPpPeayEXZkc4B-iP5B1SG4j5IqgRVrKMrSJsjWMdDrGIui9k
date: Wed, 08 Nov 2023 15:56:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 ebda
match.360yield.com/match/ Frame 7BB7 43 B
199 B 694ms
169ms Image
image/gif 52.48.216.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEHReuLtan38lI5DU2RCRrRM&google_cver=1&google_push=AXcoOmQZ3ONVr_hLjUCliPtcSrnFqN2K-XUKWY_s1u099f-16-GCMtSlBHmj-hrwMhfgmCnEBtJ8E3rsv9RCeDiLOIyQJHv-3Sy4
Requested by: Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.48.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-216-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 15:56:05 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 7BB7 0
44 B 138ms
118ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEO4I5-QkQiyZPCgFh2VPrzM&google_cver=1&google_push=AXcoOmRxsGT-8lKXL6DIcD4eWjeRH_GC4OVk0N4lB4hngjw0CVgqYnMYdaUM1IPt3Jfc4EyxBWycrpY7cb2e36Q4J9EFiMCVEOfs
Requested by: Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7BB7 0
40 B 405ms
137ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iw2HoT02fiZ5gTOFIp6hZxr24Wsrr8YUDD0lKAisWqN5TQ_4Gdmc4eH42Xz90VSqpBI-xf

Requested by

Host: a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com
URL: https://a1e741e5b12f546ac6a7c2c1b9d01d24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21D3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmQLz1CXUCI-l4i2wb5zvN1EhvEgfhOoGLDicV_e_9Y...

170 B
188 B

70ms
67ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmQLz1CXUCI-l4i2wb5zvN1EhvEgfhOoGLDicV_e_9Y14suWoF58AMdNIp7dwpOZgOlLqShggadGQJCbP0hFfnj0iivw5Kd13Lc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2023 15:56:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-051642093d6c37fb5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmQLz1CXUCI-l4i2wb5zvN1EhvEgfhOoGLDicV_e_9Y14suWoF58AMdNIp7dwpOZgOlLqShggadGQJCbP0hFfnj0iivw5Kd13Lc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 21D3 70 B
149 B 587ms
181ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDnrUBxbo67W4a3Gxx6wXXo&google_cver=1&google_push=AXcoOmQZVgHgQrlLVAF_nnJUH_B1mejvHRzvMUt7fo8-EZhGf7QTKpxZScPsIlSrATqcu0Uc4CG3kORpx6ZjoG7B46Jrpf329j0DGC0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 21D3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELIrIM4bipf-Ibfo2JiL84o&google_cver=1&google_push=AXcoOmTHXUipx2rRGaXlD8PA_1vnte-j6MTX7_LZXV959jlAjpscKTViF3gq-eyrXn8XVzVBONsHd1jOGwJxu2rG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aQ9FKCV2QG0NJmTW60ftGQ&google_push=AXcoOmTHXUipx2rRGaXlD8PA_1vnte-j6MTX7_LZXV959jlAjpscKTViF3gq-eyrXn8XVzVBONsHd1jOGwJxu2rGnEQLU6cxU5B0tNg

170 B
232 B

216ms
200ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aQ9FKCV2QG0NJmTW60ftGQ&google_push=AXcoOmTHXUipx2rRGaXlD8PA_1vnte-j6MTX7_LZXV959jlAjpscKTViF3gq-eyrXn8XVzVBONsHd1jOGwJxu2rGnEQLU6cxU5B0tNg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:04 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aQ9FKCV2QG0NJmTW60ftGQ&google_push=AXcoOmTHXUipx2rRGaXlD8PA_1vnte-j6MTX7_LZXV959jlAjpscKTViF3gq-eyrXn8XVzVBONsHd1jOGwJxu2rGnEQLU6cxU5B0tNg
x-host: tde-deliveryengine-production-bb588bf9-2pmkc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 21D3 43 B
145 B 739ms
127ms Image
image/gif 35.158.220.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN8DfRmzikz11s_18tL4qaM&google_cver=1&google_push=AXcoOmSsNjkyD3EqUwssSiejniNaviMl0P1N53tVbiLNSq_bum4mxw6Eo6-Eq0Ws1M6D0ew01gYfY7033qjhDI7xeKphHUS1vJ2la3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.220.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-220-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 21D3 43 B
362 B 581ms
175ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTvvaumcek3D-6T4mFaQbxs5Da9D7xkIt5QtIXlCp179FHlsuxEzfHF5cSO4sDCzs1PjExSKs6ObcWkicwiYshBPBG2aOl5WXI&google_gid=CAESEGLMtFU4Y63RKkHI4z8VuLI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:03 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 245590
expires: Wed, 08 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21D3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOGa0mThHKL_0Ij8XGlmsEI&google_cver=1&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtmZQ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOGa0mThHKL_0Ij8XGlmsEI&google_cver=1&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QG...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA3NTg4OTk2NDU5NjczMjQwNw&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtm...

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA3NTg4OTk2NDU5NjczMjQwNw&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtmZQF0ZBr7iDlNEUJJtCMCqgTwI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA3NTg4OTk2NDU5NjczMjQwNw&google_push=AXcoOmRVF_Myl1XJNZU1ErJdkJv7G-QWRNb1K8Be7HWLzGj5hCoHEm7hnx1lP2Aum_i307M70QGZtmZQF0ZBr7iDlNEUJJtCMCqgTwI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 21D3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoomk5VBK07ya4mzg7V1i4&google_cver=1&google_push=AXcoOmR6Ycie6EBc2bSBjAL_ndLCymSR_9KvSY94JmwyDLFKTtfEOZV9EKeXO8sVLgP-CplP1tKn9gkd9oyK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ycie6EBc2bSBjAL_ndLCymSR_9KvSY94JmwyDLFKTtfEOZV9EKeXO8sVLgP-CplP1tKn9gkd9oyKvP_ZLFG8zuG-ieqsHX0

170 B
232 B

128ms
116ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ycie6EBc2bSBjAL_ndLCymSR_9KvSY94JmwyDLFKTtfEOZV9EKeXO8sVLgP-CplP1tKn9gkd9oyKvP_ZLFG8zuG-ieqsHX0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6Ycie6EBc2bSBjAL_ndLCymSR_9KvSY94JmwyDLFKTtfEOZV9EKeXO8sVLgP-CplP1tKn9gkd9oyKvP_ZLFG8zuG-ieqsHX0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 21D3 0
49 B 398ms
137ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZ27FDmgsoqP0m1dRMZbZ5q_l5RTOUB_e5OFyAvOdB8qxTknATm5iQSPYpLQUWQ54YUIv2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame DC2D 14 KB
1 KB 109ms
109ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 15:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:50:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 15:56:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DC2D 2 KB
856 B 354ms
234ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame DC2D 23 KB
9 KB 275ms
155ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F68 143 B
166 B 142ms
139ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DC2D 3 KB
1 KB 273ms
154ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 15:31:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B68D 1 KB
643 B 136ms
135ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame DC2D 20 KB
8 KB 171ms
54ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DC2D 0
0 131ms
130ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfAog8PVUnfs6Y_MbilLuvw0zg920WpUAhXOPLp2iIVhpJHe_BI-W9G2ia4RcdPy_ML-ek8Q_ngNHtgWJI93LuIFa83A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC2D 190 KB
60 KB 654ms
229ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 15:56:05 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame DC2D 36 KB
15 KB 704ms
280ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 37F2 15 KB
6 KB 792ms
177ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=138806
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: Fri, 10 Nov 2023 06:29:31 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B68D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFslV3Ax3YjN-1vd1cpb4vM&google_cver=1&google_push=AXcoOmSiUW1F0stFWPyg_ydbPbZfvYvcKnuF9kC5kEXejTYAMvCyGXpf9-6HyhpGKDdFb9v7mEr6ZM8qL7WsTFBF5jPPBLFnCzcO7Gk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSiUW1F0stFWPyg_ydbPbZfvYvcKnuF9kC5kEXejTYAMvCyGXpf9-6HyhpGKDdFb9v7mEr6ZM8qL7WsTFB...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSiUW1F0stFWPyg_ydbPbZfvYvcKnuF9kC5kEXejTYAMvCyGXpf9-6HyhpGKDdFb9v7mEr6ZM8qL7WsTFBF5jPPBLFnCzcO7Gk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSiUW1F0stFWPyg_ydbPbZfvYvcKnuF9kC5kEXejTYAMvCyGXpf9-6HyhpGKDdFb9v7mEr6ZM8qL7WsTFBF5jPPBLFnCzcO7Gk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Nov 2023 15:56:05 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame B68D 0
98 B 577ms
88ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTcf1sqk5ko-WB7GVq1y7tYfy7Z-F8JId_y7hDArRTLQaKs6XmzDBrm0zN9UM2GwcmFiOyvw1-hhcC0pdlaQ21GY1i1DS90TxU&google_gid=CAESECXenK_VBSVT653kqZvQrqQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame B68D 43 B
146 B 461ms
126ms Image
image/gif 35.158.220.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN8DfRmzikz11s_18tL4qaM&google_cver=1&google_push=AXcoOmQnxGDFZ4DIXJSS9feN6q34FwLNCbzWiyIBEYMIWnVcEM7WLyz_d3WdkXCjCCcnPxytozrCZ_t1TC7I0fSdKkGxjXpaU8S66sE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.220.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-220-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B68D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQacm2Dk1JxybaS78vYtt8&google_cver=1&google_push=AXcoOmTcf9VVHufE2FsU51OTbsZbR6MJkv13wALSrtdQ2J_Q3erzUiKb0FTLJrxqUaKyR4UzbTdo_ueJmbdrambody2OO58...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTcf9VVHufE2FsU51OTbsZbR6MJkv13wALSrtdQ2J_Q3erzUiKb0FTLJrxqUaKyR4UzbTdo_ueJmbdrambody2OO58WgABb7bQ&google_hm=eS1LZGg2SjExRTJwRzU...

170 B
188 B

106ms
103ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTcf9VVHufE2FsU51OTbsZbR6MJkv13wALSrtdQ2J_Q3erzUiKb0FTLJrxqUaKyR4UzbTdo_ueJmbdrambody2OO58WgABb7bQ&google_hm=eS1LZGg2SjExRTJwRzUyQjBtOGlucXlRTkZrNmpkaTl5S35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTcf9VVHufE2FsU51OTbsZbR6MJkv13wALSrtdQ2J_Q3erzUiKb0FTLJrxqUaKyR4UzbTdo_ueJmbdrambody2OO58WgABb7bQ&google_hm=eS1LZGg2SjExRTJwRzUyQjBtOGlucXlRTkZrNmpkaTl5S35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B68D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDx3dx0KucwB5fTx-J_u-yI&google_cver=1&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDx3dx0KucwB5fTx-J_u-yI&google_cver=1&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09O6_uTAjo

170 B
188 B

69ms
66ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09O6_uTAjo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSOSgRDa59V-xPpG5d9XTfq9_B8kaTqwm02Gzbwar2abtDPqKTh_FaLTlgXcnj5S_FWlnshGllhIEriw-fS75QE_09O6_uTAjo
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B68D 43 B
363 B 299ms
173ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS9W6E3UlRXVHyH38K4JH2iEHktH9hODn-lIWwBH95yR5Y1skMAbFd9e7tOistcox1UoiHUNyNMecB6FjTkRG-LmpRtqQPs9lw&google_gid=CAESEGLMtFU4Y63RKkHI4z8VuLI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 242867
expires: Wed, 08 Nov 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B68D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoomk5VBK07ya4mzg7V1i4&google_cver=1&google_push=AXcoOmSREhgWDAADQ0erhqHUAhSu8NNmPa-14NwqOGqAK48xBBQVAmvOeyD3T0iNZf91QjX4UR0TKRO5co_s...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSREhgWDAADQ0erhqHUAhSu8NNmPa-14NwqOGqAK48xBBQVAmvOeyD3T0iNZf91QjX4UR0TKRO5co_sFEz_v8g1N3wBAuk7cx8

170 B
232 B

128ms
117ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSREhgWDAADQ0erhqHUAhSu8NNmPa-14NwqOGqAK48xBBQVAmvOeyD3T0iNZf91QjX4UR0TKRO5co_sFEz_v8g1N3wBAuk7cx8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSREhgWDAADQ0erhqHUAhSu8NNmPa-14NwqOGqAK48xBBQVAmvOeyD3T0iNZf91QjX4UR0TKRO5co_sFEz_v8g1N3wBAuk7cx8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B68D 0
40 B 195ms
170ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ko8YNZMGkEzzqhk-VglKw4Wl2keyKl4lUHqemLwrJML3fq7QGIFhuD5HoQlGEcjS4rZmae

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F68
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

244ms
236ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: Wed, 08 Nov 2023 15:56:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4FF5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a672c0c584965c3935315b9660af6263740398cc9493516dda2a3d87f648fcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4B5D 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab3dd975c939635f2b87c4d692fc08bf2006f0e8614efeeac9e2ea3325bdbdcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame FE8D 115 KB
14 KB 97ms
89ms Stylesheet
text/css 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgtry4y4g7mkxr79v4yz4xnpyx9qyj271xst908k416ay2ha5zx86e1enyqnb0rx4cj4fz9n0ezr4xtcsnztmt5t96h3r235eenypp1db0qfr17wt1hp46mfrswkw4ggf86z2bcngsvmgzjxcq24fhjg8dhwg470aysjd05z07v5ypn7wp8qqf6gb8b3tk8kyhvg6shxh2f15hqh27jcr0qdr7kn6xjpdhkm0xbvd9tv1nxe58ywqymaz06x9q7kcxvwn1j6qwkegxtw3bk8v6dny0mfb8cwn44r8ws6j48rsf9s7jqhm6md4xffbzz0dbct2z16vqfw2h2bb09exemfy8kxzx33807qaqq73jtmaycra86wf22zd64qbx2zy96t9ag2v8eme0nxy6ze9dd3r0xv3kt48fn4t2y07k4emqtmthfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsPLdk69LZcnqILe01fAPzrq06A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAjT2-VDP5LE-qAMByAMCqgS7Ak_QYMJ2wHYO5clQWNUthlkjMRo0_gVix0ecWY1bAGSc9_hMmDjf9FH7eJQIUU1qzumnPbCOjcqfqdxYzOcnrQJCKrQ5Q0-Cg7Z_OWgSxC-kZL13FxNpnYdaasCd39dB9_GbgJUT9A3qfppUbxRuP2F9zlt7D1klsOdFuvcrRT9KWoh2YZ1b8stO5nihOw44r2owmrzWsLaKeSkzIe2Ci5diiNnu4o35dwJkZJGV9Rh1lUUUgj06kWf08xd10B3dK0vG8Hk2ONsi6TQjDf3kdpoWIV096D64NmxXlcWEzK2g60ZaiF7Su5ymP48i5Re5uRsXegHrEvOm4u21lgVhkP3R_TIbTTu-zEYESryqTn67EEIP0nQFAdQS_KX5w3rbpdKAiEWpZ3suEER558aP4oLN7Lf3Wmb7MjL-wIAGuJ761aXyxYPWAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3c7kN1uLgANhueCOnbpSoLNjA_8g%26client%3Dca-pub-5928161074779380%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kgtry4y4g7mkxr79v4yz4xnpyx9qyj271xst908k416ay2ha5zx86e1enyqnb0rx4cj4fz9n0ezr4xtcsnztmt5t96h3r235eenypp1db0qfr17wt1hp46mfrswkw4ggf86z2bcngsvmgzjxcq24fhjg8dhwg470aysjd05z07v5ypn7wp8qqf6gb8b3tk8kyhvg6shxh2f15hqh27jcr0qdr7kn6xjpdhkm0xbvd9tv1nxe58ywqymaz06x9q7kcxvwn1j6qwkegxtw3bk8v6dny0mfb8cwn44r8ws6j48rsf9s7jqhm6md4xffbzz0dbct2z16vqfw2h2bb09exemfy8kxzx33807qaqq73jtmaycra86wf22zd64qbx2zy96t9ag2v8eme0nxy6ze9dd3r0xv3kt48fn4t2y07k4emqtmthfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsPLdk69LZcnqILe01fAPzrq06A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAjT2-VDP5LE-qAMByAMCqgS7Ak_QYMJ2wHYO5clQWNUthlkjMRo0_gVix0ecWY1bAGSc9_hMmDjf9FH7eJQIUU1qzumnPbCOjcqfqdxYzOcnrQJCKrQ5Q0-Cg7Z_OWgSxC-kZL13FxNpnYdaasCd39dB9_GbgJUT9A3qfppUbxRuP2F9zlt7D1klsOdFuvcrRT9KWoh2YZ1b8stO5nihOw44r2owmrzWsLaKeSkzIe2Ci5diiNnu4o35dwJkZJGV9Rh1lUUUgj06kWf08xd10B3dK0vG8Hk2ONsi6TQjDf3kdpoWIV096D64NmxXlcWEzK2g60ZaiF7Su5ymP48i5Re5uRsXegHrEvOm4u21lgVhkP3R_TIbTTu-zEYESryqTn67EEIP0nQFAdQS_KX5w3rbpdKAiEWpZ3suEER558aP4oLN7Lf3Wmb7MjL-wIAGuJ761aXyxYPWAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3c7kN1uLgANhueCOnbpSoLNjA_8g%26client%3Dca-pub-5928161074779380%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206090
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngj8SBiNYbhXZdpk4hs3LOXRLBQzenP9EiA6v%2BXYpvreGoq2uYKeJo7xFOhhWQ6zgtzE3Cscu4R1GQKUvJ5GF1CD66nraSGVe38Vw%2Bp1ETnsW3FSYesq9IkoNDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 822f01053939693a-FRA
expires: Thu, 09 Nov 2023 15:56:05 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame FE8D 25 KB
10 KB 115ms
108ms Script
application/javascript 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgtry4y4g7mkxr79v4yz4xnpyx9qyj271xst908k416ay2ha5zx86e1enyqnb0rx4cj4fz9n0ezr4xtcsnztmt5t96h3r235eenypp1db0qfr17wt1hp46mfrswkw4ggf86z2bcngsvmgzjxcq24fhjg8dhwg470aysjd05z07v5ypn7wp8qqf6gb8b3tk8kyhvg6shxh2f15hqh27jcr0qdr7kn6xjpdhkm0xbvd9tv1nxe58ywqymaz06x9q7kcxvwn1j6qwkegxtw3bk8v6dny0mfb8cwn44r8ws6j48rsf9s7jqhm6md4xffbzz0dbct2z16vqfw2h2bb09exemfy8kxzx33807qaqq73jtmaycra86wf22zd64qbx2zy96t9ag2v8eme0nxy6ze9dd3r0xv3kt48fn4t2y07k4emqtmthfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsPLdk69LZcnqILe01fAPzrq06A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAjT2-VDP5LE-qAMByAMCqgS7Ak_QYMJ2wHYO5clQWNUthlkjMRo0_gVix0ecWY1bAGSc9_hMmDjf9FH7eJQIUU1qzumnPbCOjcqfqdxYzOcnrQJCKrQ5Q0-Cg7Z_OWgSxC-kZL13FxNpnYdaasCd39dB9_GbgJUT9A3qfppUbxRuP2F9zlt7D1klsOdFuvcrRT9KWoh2YZ1b8stO5nihOw44r2owmrzWsLaKeSkzIe2Ci5diiNnu4o35dwJkZJGV9Rh1lUUUgj06kWf08xd10B3dK0vG8Hk2ONsi6TQjDf3kdpoWIV096D64NmxXlcWEzK2g60ZaiF7Su5ymP48i5Re5uRsXegHrEvOm4u21lgVhkP3R_TIbTTu-zEYESryqTn67EEIP0nQFAdQS_KX5w3rbpdKAiEWpZ3suEER558aP4oLN7Lf3Wmb7MjL-wIAGuJ761aXyxYPWAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3c7kN1uLgANhueCOnbpSoLNjA_8g%26client%3Dca-pub-5928161074779380%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 206089
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkoMsFTZMENHTGTJwJrH1CuROOrteNqh70jy8ehpUiALBfwjuKl9XV3E3uzF0yZKq9X81ATAfBBsVbg6AmEO%2BhcZwvjVqVqrLdDHG9Gm2sz9%2BKDiHzJWaks%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 822f01054951693a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 Nov 2023 06:41:16 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6BBC 115 KB
13 KB 119ms
118ms Stylesheet
text/css 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kw5hdpxvfbvnmg1skz8qfkrxcmpar1dfax0a4we3wq580c289cyaqwxjh8maneqfdanygxddb042w6tv7r6wsn89nhrtf7tnhtfqcqrc0a6vtp15wpyzjq6b3ts934vgnmv6cqe0ffd4bf2jmeqmn8gmqc6a83mvky9q6ddayv8xytbfrrtxwy1y6jqc0g76dqygcfwsa196rmwma691b2xweq4ah7jbmcvgs39a2hrjb3vg9gfak7gxjzf7j58q21849sr04crncrdxgn6dc8ex9m8mssvng8jz1xs81ay8xqvx3rpwzyqs3r98scze7jr1ckq03p3m8ygthaz9h5t5g6rsnxb4zbfrmp9ydm29rr82ts013rss0dkk1501sw3h19s58cnsw8peakdhxkg13y7q4cfsntrccnhr7aek2j2e3k9m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVZWk69LZaH7NNeAx_AP78KnMJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NDc4MTE4OTA1MDU5OTXIAQmpAjT2-VDP5LE-4AIAqAMByAMCqgT_Ak_QkmQ3vIDHeMczFkKNf34_XJweeN857N3BStaF3RognmA9xsCoeg8OaVTMN2fDslokUtNSCveuj62f04FRtCZVovUCXoVB94EBcIZ3NBoV0PdVUD5aFzMN7-6FDRwjYeavsfOMctXanTR3PMZpjVbTPWvxrjEpcBc8Uw7nlQ_qxYtlk9zDQM6qsqbCG0lENozkHEFGNd2P0f8QBOfiF47KuS6gxmUvWy_LHrZp7ZN8RTdir0KCL6r0KjPi14Nr_h1ZA80-mc_qLjYC6QZ3CKkWwx0F0dqRPJdX5pi2bXYt1LRi8xyMYOmv2HHTSIUp9R10-gMjXpVRwbiUSDHuRDBBDOd55pH3p9BoJnfBQsFqVrEvBQMIv00yipHffr16HSVD2ZvDrTo3PqqDdui7RInJ5PGwmTUKCZ0Kmce92DJE6aNl6bT_rMnzU03YtxWG-7nMfxxNUEJ99CpzfmMvLEk30V4XX1wj0zwAaAsleo9W6-dcPoSTHAsFUaeRmv474AQBgAaMxaP3mfa5ub0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1SUInXoCQNTnmad31-2D1tHEZUDw%26client%3Dca-pub-4647811890505995%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kw5hdpxvfbvnmg1skz8qfkrxcmpar1dfax0a4we3wq580c289cyaqwxjh8maneqfdanygxddb042w6tv7r6wsn89nhrtf7tnhtfqcqrc0a6vtp15wpyzjq6b3ts934vgnmv6cqe0ffd4bf2jmeqmn8gmqc6a83mvky9q6ddayv8xytbfrrtxwy1y6jqc0g76dqygcfwsa196rmwma691b2xweq4ah7jbmcvgs39a2hrjb3vg9gfak7gxjzf7j58q21849sr04crncrdxgn6dc8ex9m8mssvng8jz1xs81ay8xqvx3rpwzyqs3r98scze7jr1ckq03p3m8ygthaz9h5t5g6rsnxb4zbfrmp9ydm29rr82ts013rss0dkk1501sw3h19s58cnsw8peakdhxkg13y7q4cfsntrccnhr7aek2j2e3k9m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVZWk69LZaH7NNeAx_AP78KnMJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NDc4MTE4OTA1MDU5OTXIAQmpAjT2-VDP5LE-4AIAqAMByAMCqgT_Ak_QkmQ3vIDHeMczFkKNf34_XJweeN857N3BStaF3RognmA9xsCoeg8OaVTMN2fDslokUtNSCveuj62f04FRtCZVovUCXoVB94EBcIZ3NBoV0PdVUD5aFzMN7-6FDRwjYeavsfOMctXanTR3PMZpjVbTPWvxrjEpcBc8Uw7nlQ_qxYtlk9zDQM6qsqbCG0lENozkHEFGNd2P0f8QBOfiF47KuS6gxmUvWy_LHrZp7ZN8RTdir0KCL6r0KjPi14Nr_h1ZA80-mc_qLjYC6QZ3CKkWwx0F0dqRPJdX5pi2bXYt1LRi8xyMYOmv2HHTSIUp9R10-gMjXpVRwbiUSDHuRDBBDOd55pH3p9BoJnfBQsFqVrEvBQMIv00yipHffr16HSVD2ZvDrTo3PqqDdui7RInJ5PGwmTUKCZ0Kmce92DJE6aNl6bT_rMnzU03YtxWG-7nMfxxNUEJ99CpzfmMvLEk30V4XX1wj0zwAaAsleo9W6-dcPoSTHAsFUaeRmv474AQBgAaMxaP3mfa5ub0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1SUInXoCQNTnmad31-2D1tHEZUDw%26client%3Dca-pub-4647811890505995%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206090
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIPclFqBDiJP7OR6wXFwImOthkLjLLQ%2FK4%2Bw9Ll%2FXTXN5nLMPT22mFkM0fvKIaWtyeF1LhgliAN828SO1qY77CD9u4VxbaynsRhVg%2Bf4dSNjHp5MdukFR4zDM5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 822f01054953693a-FRA
expires: Thu, 09 Nov 2023 15:56:05 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 6BBC 25 KB
10 KB 111ms
110ms Script
application/javascript 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kw5hdpxvfbvnmg1skz8qfkrxcmpar1dfax0a4we3wq580c289cyaqwxjh8maneqfdanygxddb042w6tv7r6wsn89nhrtf7tnhtfqcqrc0a6vtp15wpyzjq6b3ts934vgnmv6cqe0ffd4bf2jmeqmn8gmqc6a83mvky9q6ddayv8xytbfrrtxwy1y6jqc0g76dqygcfwsa196rmwma691b2xweq4ah7jbmcvgs39a2hrjb3vg9gfak7gxjzf7j58q21849sr04crncrdxgn6dc8ex9m8mssvng8jz1xs81ay8xqvx3rpwzyqs3r98scze7jr1ckq03p3m8ygthaz9h5t5g6rsnxb4zbfrmp9ydm29rr82ts013rss0dkk1501sw3h19s58cnsw8peakdhxkg13y7q4cfsntrccnhr7aek2j2e3k9m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyVZWk69LZaH7NNeAx_AP78KnMJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NDc4MTE4OTA1MDU5OTXIAQmpAjT2-VDP5LE-4AIAqAMByAMCqgT_Ak_QkmQ3vIDHeMczFkKNf34_XJweeN857N3BStaF3RognmA9xsCoeg8OaVTMN2fDslokUtNSCveuj62f04FRtCZVovUCXoVB94EBcIZ3NBoV0PdVUD5aFzMN7-6FDRwjYeavsfOMctXanTR3PMZpjVbTPWvxrjEpcBc8Uw7nlQ_qxYtlk9zDQM6qsqbCG0lENozkHEFGNd2P0f8QBOfiF47KuS6gxmUvWy_LHrZp7ZN8RTdir0KCL6r0KjPi14Nr_h1ZA80-mc_qLjYC6QZ3CKkWwx0F0dqRPJdX5pi2bXYt1LRi8xyMYOmv2HHTSIUp9R10-gMjXpVRwbiUSDHuRDBBDOd55pH3p9BoJnfBQsFqVrEvBQMIv00yipHffr16HSVD2ZvDrTo3PqqDdui7RInJ5PGwmTUKCZ0Kmce92DJE6aNl6bT_rMnzU03YtxWG-7nMfxxNUEJ99CpzfmMvLEk30V4XX1wj0zwAaAsleo9W6-dcPoSTHAsFUaeRmv474AQBgAaMxaP3mfa5ub0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1SUInXoCQNTnmad31-2D1tHEZUDw%26client%3Dca-pub-4647811890505995%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 206089
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Jegta3V9EW%2BAgtfc78R2VgK7Cns9IBiXrkVr%2Fd8hBsV71B24WNKZjiTY4C3sVtaC0FSP%2FFPQiaiXwnUwYBMtpjprZoP8sskXLvljM9EvfZ%2BHAPX5OoMQv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 822f01054954693a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 Nov 2023 06:41:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7995 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 8015 0
234 B 1463ms
389ms Ping
image/gif 74.125.26.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lopxzm2z&c=1738718233837&slotId=869359116918.5&qqid=CP7P2P7htIIDFepoFQgdx9gKsQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.26.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vh-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8015 15 KB
16 KB 1173ms
168ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 164243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 18:18:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8015 15 KB
15 KB 1246ms
242ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 19:40:17 GMT
x-content-type-options: nosniff
age: 159349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 19:40:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8015 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvDTvk69LZb66JerR1fAPx7GriAvB37iHdIGa6vuKEvAuEAEgttfpe2CVAsgBBakCNPb5UM_ksT6oAwHIA5sEqgSjAk_QOR0w9rM39oOP15W7I8Byzr1RUBr3fNnmz5Ff7kk_pTVgXtHZN1P9dWLaufa85-dlVQ0gpRf41MP7yhAVelKzoW06CtqEvGLtnitTllSGyr3iLzN2pDTgJTcPlVNc8s3T-cgmhExA5HJr8mQjlgVwvsv3UpHjOxP7K39_aiJbbAt2e6UW_EUYo4htvGh-zwzC7yg6oiEdEF-TSOXeJ8wBDB--wiBqnQhz17c9mywcFCdUwDmtdeztIg6QEXzRAVov1g-OjouotbhfOBl0JqmReFBBmygobBnZNcE1Mev96B8yp08xTI5kgbh-cVzhBsd0n0I2GJ08JbB2RatS9QT5g8hGYotSwpaWKjATny38Ak-2f6iKNIITMqK9GSpqsYM2ccAEp8exkMQE4AQDiAXd2MOoTZAGAaAGdoAHrdP9mgWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRFsBPJqbQVyBPSue7jA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1699458965418&ai=CvDTvk69LZb66JerR1fAPx7GriAvB37iHdIGa6vuKEvAuEAEgttfpe2CVAsgBBakCNPb5UM_ksT6oAwHIA5sEqgSjAk_QOR0w9rM39oOP15W7I8Byzr1RUBr3fNnmz5Ff7kk_pTVgXtHZN1P9dWLaufa85-dlVQ0gpRf41MP7yhAVelKzoW06CtqEvGLtnitTllSGyr3iLzN2pDTgJTcPlVNc8s3T-cgmhExA5HJr8mQjlgVwvsv3UpHjOxP7K39_aiJbbAt2e6UW_EUYo4htvGh-zwzC7yg6oiEdEF-TSOXeJ8wBDB--wiBqnQhz17c9mywcFCdUwDmtdeztIg6QEXzRAVov1g-OjouotbhfOBl0JqmReFBBmygobBnZNcE1Mev96B8yp08xTI5kgbh-cVzhBsd0n0I2GJ08JbB2RatS9QT5g8hGYotSwpaWKjATny38Ak-2f6iKNIITMqK9GSpqsYM2ccAEp8exkMQE4AQDiAXd2MOoTZAGAaAGdoAHrdP9mgWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRFsBPJqbQVyBPSue7jA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8015 0
54 B 1445ms
390ms Ping
image/gif 74.125.26.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lopxzm3w&c=1738718233837&slotId=869359116918.5&qqid=CP7P2P7htIIDFepoFQgdx9gKsQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1gi&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.26.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vh-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8015 32 KB
18 KB 403ms
174ms XHR
text/xml 64.233.184.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Awmpi99nwN_gomdMl0usvQbdc6S3Ge8mDTUfY0bRD_04IC5Up40NiqSQG5h9qB2IHkA0N9EmhmEJDU4rU9cJjLWKvqOw&cry=1&dbm_d=AKAmf-DAb6BsREghnIe8lOMJn8jvbYFgulo1uDavdzXXWxiv4CiYj3sQg91KT2R_kHzeZkzwx6kYIBX0ljSnmLfd9qWJfEggq4OXRwrnYSTwXOAs9KvA_Ogq4wh1tcMg_yd0IYvWh5Tkk4KaDWtbyXk82KMV1TBBRcEbPthvT9CWhWDF9nrm5JlwUuFA8WLS8PrrRbUW9DfJB0xTUeTlwoJQ-hE17i0i19gJeSvITcjkFBDApybbzuzywERCxV7eT9BieIPO46TlzxH-WJ2fLysmxOJR4I6OxGZePw0gJD1OzmOeJGN5JO-TkJWzPn9OXPs5hSvBGVzu6JTbzWRH2c7xC3r0-CsXpuAou-3hjWjN2TVBYMP0o3Oh3XNzZdR4cRlat_R32vLAMCqVHFElit2txqqavCH3ABTavXMDtzxaM-JqswGnn9Cwz0sn7jDtJPhlx0tFa7RW6RA9cz7g1_WoiDHAqEdmhOK7y6ZLkoFKtFXnpbiUO6pzWL51ER1YWdLTlWSlSVMaW2vdZiIu4TsVqA7s8bIhEvb1blEh_YAx5myqf8TgqZXwtOqXvCqHej2l_3FwCcSzL-0qQBhvxGbveJ2OjOE5WElSZxZOCaHfC-88iYlsANaqJQOw9foW-UBtExkk29PQFCdBlm3CQ1ZkO0opycXkjcmZAzP4xpVvO6-KO2TIaeRvcIBEh90GUZOrUWaHntrRDl80IeJQpF1bdVK0ccOIEO7zf0OhLp76kEnKoHJZIajlObYBrcRP1-Ode4txHH5dvVhlzCayF90E-j9oN0uuZG0ZGfTA5zO7rbxrk0rEWA0-Nnsd6QILnPe-_duXbsCJ-5p8zhbdI9uy_JlHb0WXjqklWbfxf5Fdh560WSu8CGIxW1bBft-VnqI2wkqxPX1TCXddi_fe_RDoJNhLPkTTTte3cjPs0sR-bIbfTQCFeD5bPdlWVCzKXFIqHRA-TggUVBfycxhmHYy5KjtR9mXAzyEE9snYY4F-1JveaX_oEYHBxtsAbXVZzDV2CN3fbFeoCQt-hilpde3Qr39_iP4DGErya0szkRK3xTXebSHlXzDIYAJPJo2KMEVnchkPyTFOBoVuXzBXUofzwHy-u2M6ozTpnqmS7ZZ4FUMBhTKg389pZoeQhY3YIJyG4yUy2CtvcBfw6tcOFxOStjBtdPRDOny3sUgmaM1GGzotfI1S-w__8u8pvLKgPUMZcApLTN6GPxHA6IG1G7zxlT0T-DEiY-gcmPBk_zKKKQavdAGi5nzcQ8tC4mNYCfS816LFqhTjwnhYJZWUvNINpwrj2sSlefjXh2uuaiWc242a_-tv89PtCKQ_l9dshyCYvMvPhf4trpRLqMSrdD2MXiPqawEwNCakky14j6fWe_R4cwQcCLL20ygIUvJsG6eaDvOQfUjzXZ9E9yjyynqsffena2ywk4wZmrbtM6xoYhdNbYem_fcwSNdRIC_0KFJ8mDDGho0Wx-wDLyQSr3zKnkYDlsRLHJRCcEjzj8xa-taIDsBD7urXp5yalrgRKi-P4iC7_VSfL2oxDwIkmnz6XjpQqfmpB3ae0FV7fGZ0JFOXyMCkSTa7mtEzUpYuTfsLbPAooMfTLSxgx6KqcF_7NscWENMQ0nFsxRFJvCj5azgnAerdurjNjllXcJpfWQZd2f6gtSY4_uw44C5THGES1nzGI5_qmW_pEfFZ4-jkGo-dAcYgUycLibL0uuzfWCTZ7-GHFidYgv1NoaeFcpSP46Mr_Gqp0XJYSKM3qMu3YwEG3HYmMUnpXgXF77PIym_FxQD3dUrN89CwK0KXaOWgyXGZLXeK_lCW8iZLSS6K4E_iv5Sv-woCf5FVNGjoWCefgfuZr4Ac68RG5w9FH-DK9HR8ZezBhXaYi1Y0bTUHbuHvfP6tJzVR0ajy1wNg9VHhye7iBN6YmWzFAsW8XExlyu8PA7j7Oquuc5Bh4FtpvpHlWK6f5YePbx5y8HWTc7htrqStiEs8rJZKRirs9BbqBNRiqVba6OHtB9wcnqAhwaaVgiljNIr_l-Wo9KaY4uE6LuZjWi0v5nRqbrtokWTpWhOKyAW3asUG6OfBDhtEw7uPkBLWIWiPuS_9A8EgG9vRaVat2x23A3wFExtYhBVsGNu3f7G1lhPk1vUT9htkt-yyU7UuNGYIzqHOuFVxRl-efFiUD5jyc12RcMEfh_pHenbiFVwKiA7TtbXdoRny3kdykSHK-9Rb5_X6XkvnhhFmiHv3HCQta0QbQDaD8lnKhGGDgOfAOx4KmQnwH4RP7vT2r7eeoFIIaPfHE_PDlHpFu9bVzvW5EgxDnOlYVCzGYnKBniCf3p1kgw5KngCfKKIcdrWk3WvZ_6-pLN4M0TE8XkPlcjkFL-gFVASR7d9m1XV_Dyrqp7EQvggtcT9_hUdeUrFC1Gc8VSF2yN924yfmqt2POh4h0YnMlvczyjQShIULKU-Y8dcQ8xwz1whF2_w65lu3KTj_oFJLcRf_LTMxw9Hxq4diOfnbzbK0ER0MRld9XKQ8GJ7kLToK6C3lr1w5csTc0rCd9l1CB6aXh4598TaAelCu4uj0ONXbdau1YaQsrbibVEN1I_2Wp5DkUkeeYZV4F11tkW3dfl3QMYCvHsZB-MI4mlhKUKcRhRfA5tgZqen8rnP6EGLWnmj3yq5_0Pqh8IoVq9TJisjZzZb10aOA-AWqXxe5uBKc9w6VBlu_fLyGnZHWsMxSqpHt-bYu1Ab5ylTLCutVDQ37V-0DQUT2fQqR-EuYWCR8ZU1H-l0-rfZ0cTYuP5tSe0k412_LYv7tXxeqDEb66_3t1Kttsb7WoDUmjvJMnO7pynr78a1_Jd1WcVu5vmojqJbCA6TQoATblWOR0-WKaODVr0OeRC9sYxrn9At5kReErUoze0HIeghYdXNdbst60YrXTKGY8jo8WoKlUQH8CEEpGVrryjtJwhh0xwvFw2tJUThSiu2HkWSM_ojV5Mu3wMvScTKfebnRCbqLdaMdDS5ghksfd9HV2SSuD-tgEq4NWSlMBUmUElS3v0l96XCHQOdvxRveoBAAc-9qS_5aTAswrhvn6QFcJ4piYGTbTjTxAOOhvrzCrcsuxTaYRojV14ebpMNyN_mc81y1bMTX99kLeoxAltOQtW4waVDkWHvN-ThJwTClSVk1L3bCupBHWkAe3JqUhLcsu57T-w-ZMt5nZkvPSP_gOgDycobVI_m-DVvFrlHcl-Ijy-rdjIiWHn0YM6mYv5eQsTuEWlEYbbxeEScTWxW2xTaFmc-h6FUZkVfQZ8_sIl8I1WamXYD3GjYLCfCEtG1UDKPUhK81BFYeKD_l0J0JK945QAnK06vQevxml64HHwx9eEnQOVBCy8KESIsZcTfN6avnYvyyz0NOnl1KUIOoYCa7Xfm5VQhW-zh6dVXAVEOkTk8bHHuBd9kqSu4g7wyGbsyqhIEPoErDVNE6fAzZQQFC50WV-gk1QJR7ASFLg6E2md3qzR2EmSrVSvku6vyeotLS2VAGxTrnlCL7F7uv2_fqJ7FuQCUQQIt5wyKuUf64C6kttQdk14-9sJv6l1QoUamsxGfBxL3ks6Fb-d_BjXcYWjoJq3KZnCH-VfvKyqrUTOIaLU6c5sEEZNSj-jAdxwfvzhzWUpYpWr8OpR8-iDVM3REUnQirL4wEYjk5K4nGaYJ59Wl6EaJiaFMlcKkk71pvt4aNSSdIGvlGDPDxrW5vHksauMHpqnEfieQCqqN0kIGOuG4h4l5OG-76qqtwnO4zqKxAhyeGqI73QNV8bQlpctVi_S1APQl-bOsM6jbxbI4gzmtcMaQQ4EtTS-vsmiMXvPy1qTMgt2uvLsrxlaFeS1gdHKttdMVHFsgpPs0z6m3Ox-GGZisvvgEP_JV6wFo&cid=CAQSPADICaaN5mqcVqWu5L3Kz8q5Yrk2g8JAQq070SbUEf-PFcXS0MdHt_TjGKRqi2Cppn7SVjYTZ7nC33i-fRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f154.1e100.net

Software

cafe /

Resource Hash

e5ef5bbfd4accbcae1802afe4f870f6d03a74f8b79ac620aab42020366b3d3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17362
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 346C 1 KB
643 B 135ms
134ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 06:27:05 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 06:27:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8015 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da4a9eaaceeff6824fa8cf8a110dbb12795e344279451e3325af8014b6accc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FF5 16 KB
16 KB 1296ms
471ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 80992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Nov 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FF5 15 KB
15 KB 993ms
169ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 19:40:17 GMT
x-content-type-options: nosniff
age: 159349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 19:40:17 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6BBC 3 KB
3 KB 1510ms
55ms Image
image/png 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2732
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzxX22Qrz546HICBUEC145zNsNFZVsjzEFov32ahtBBerNoKSqEN9F1kK%2FtO%2BL8v014feD96wtoXVj%2FZxhFZl4wwsPTwIQE6rX1IHkgDjo600Ye%2FYkSP8gyUhFGf5tRbFuMOwE%2BF"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 822f01104e3c35e7-FRA
expires: Wed, 08 Nov 2023 16:05:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7995
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmTu4c3kUqifFW1p14h9V9t7Jwmct94KVAyaIfTy25M...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmTu4c3kUqifFW1p14h9V9t7Jwmct94KVAyaIfTy25M6MxZvpU_ljb2KMrnDxrMB8KNhxdGECk__QXf6e4Kx_Ty5NkOx57V7Xl4

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2023 15:56:05 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0de411db0dbb18bd6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SUJNMTFDVEMxUjBLVXM1&google_gid=CAESEFigAQDLy4t5V6cdOctZ40Y&google_cver=1&google_push=AXcoOmTu4c3kUqifFW1p14h9V9t7Jwmct94KVAyaIfTy25M6MxZvpU_ljb2KMrnDxrMB8KNhxdGECk__QXf6e4Kx_Ty5NkOx57V7Xl4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7995
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFslV3Ax3YjN-1vd1cpb4vM&google_cver=1&google_push=AXcoOmSBT0Lw990JwMJ9DAj5k02-tLod0Y2OLcRiGKfEfKtUkFvXMRWlHZ_J7X6lGSFI-7vfmGt58gkHRgnjiLyddvax_Pn1qPNLOw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSBT0Lw990JwMJ9DAj5k02-tLod0Y2OLcRiGKfEfKtUkFvXMRWlHZ_J7X6lGSFI-7vfmGt58gkHRgnjiLy...

170 B
188 B

123ms
123ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSBT0Lw990JwMJ9DAj5k02-tLod0Y2OLcRiGKfEfKtUkFvXMRWlHZ_J7X6lGSFI-7vfmGt58gkHRgnjiLyddvax_Pn1qPNLOw

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82F98182CEA54BD085B44DA49626C408&google_push=AXcoOmSBT0Lw990JwMJ9DAj5k02-tLod0Y2OLcRiGKfEfKtUkFvXMRWlHZ_J7X6lGSFI-7vfmGt58gkHRgnjiLyddvax_Pn1qPNLOw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Nov 2023 15:56:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7995
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELyThSscAsQ0Oeck49fdUwU&google_cver=1&google_push=AXcoOmSzg3SyKdFGTi49QYfeh8iOn7oPDUp2qzCAyQ1RooSNqYkY_W3GwcLew-J4f5I8QaILI_DCIRCfe4najQ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmSzg3SyKdFGTi49QYfeh8iOn7oPDUp2qzCAyQ1RooSNqYkY_W3GwcLew-J4f5I8QaILI_DCIRCfe4najQjUo7...

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmSzg3SyKdFGTi49QYfeh8iOn7oPDUp2qzCAyQ1RooSNqYkY_W3GwcLew-J4f5I8QaILI_DCIRCfe4najQjUo73HkJbjBTXh72U

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5OTEyMDY3MTI5OTQ2NzQxOQ%3D%3D&google_push=AXcoOmSzg3SyKdFGTi49QYfeh8iOn7oPDUp2qzCAyQ1RooSNqYkY_W3GwcLew-J4f5I8QaILI_DCIRCfe4najQjUo73HkJbjBTXh72U
Date: Wed, 08 Nov 2023 15:56:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7995
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQacm2Dk1JxybaS78vYtt8&google_cver=1&google_push=AXcoOmQk7cMbg8zdNUU5m3DSZIak6q5YhjRv4ZnSTVbrRcpQ5kdHo32ElI1KAC5zNZnmIbpm3sGI947uvHrkSwUics3dyYz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk7cMbg8zdNUU5m3DSZIak6q5YhjRv4ZnSTVbrRcpQ5kdHo32ElI1KAC5zNZnmIbpm3sGI947uvHrkSwUics3dyYzkbBNlrg&google_hm=eS1LZGg2SjExRTJwRzUy...

170 B
188 B

108ms
106ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk7cMbg8zdNUU5m3DSZIak6q5YhjRv4ZnSTVbrRcpQ5kdHo32ElI1KAC5zNZnmIbpm3sGI947uvHrkSwUics3dyYzkbBNlrg&google_hm=eS1LZGg2SjExRTJwRzUyQjBtOGlucXlRTkZrNmpkaTl5S35B

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk7cMbg8zdNUU5m3DSZIak6q5YhjRv4ZnSTVbrRcpQ5kdHo32ElI1KAC5zNZnmIbpm3sGI947uvHrkSwUics3dyYzkbBNlrg&google_hm=eS1LZGg2SjExRTJwRzUyQjBtOGlucXlRTkZrNmpkaTl5S35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7995
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDx3dx0KucwB5fTx-J_u-yI&google_cver=1&google_push=AXcoOmQ3YzSCgJ3za6PrEm6cKOfxch05v_yeS4cjYe0gvMVGxnAko0V2-bGen6sAO3Z421Gd0cHiG2eVjl0IUhGV0fOJqHh...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3YzSCgJ3za6PrEm6cKOfxch05v_yeS4cjYe0gvMVGxnAko0V2-bGen6sAO3Z421Gd0cHiG2eVjl0IUhGV0fOJqHhdjqqdfXI

170 B
188 B

109ms
107ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3YzSCgJ3za6PrEm6cKOfxch05v_yeS4cjYe0gvMVGxnAko0V2-bGen6sAO3Z421Gd0cHiG2eVjl0IUhGV0fOJqHhdjqqdfXI

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3YzSCgJ3za6PrEm6cKOfxch05v_yeS4cjYe0gvMVGxnAko0V2-bGen6sAO3Z421Gd0cHiG2eVjl0IUhGV0fOJqHhdjqqdfXI
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7995
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoomk5VBK07ya4mzg7V1i4&google_cver=1&google_push=AXcoOmRN_KkybEZwArfEA_jdKHi77w4nQwXjv-SYQ7VWmyAcMf0K0Lcw3lwi9oHioLunSCsySld1UQ_ymV7k...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRN_KkybEZwArfEA_jdKHi77w4nQwXjv-SYQ7VWmyAcMf0K0Lcw3lwi9oHioLunSCsySld1UQ_ymV7kAEIyWBAWRRWrqo2uBQ

170 B
188 B

57ms
57ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRN_KkybEZwArfEA_jdKHi77w4nQwXjv-SYQ7VWmyAcMf0K0Lcw3lwi9oHioLunSCsySld1UQ_ymV7kAEIyWBAWRRWrqo2uBQ

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRN_KkybEZwArfEA_jdKHi77w4nQwXjv-SYQ7VWmyAcMf0K0Lcw3lwi9oHioLunSCsySld1UQ_ymV7kAEIyWBAWRRWrqo2uBQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 7995
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKAc6hqhOg0K...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjQxNWM4OGYtN2U4Zi00MzJmLTk1ZTAtZDVlZWI5ZTYzYjY1&google_push=AXcoOmS6RQ37_4FQATtQTtPaPaeGfXex6dIq6W7ixrMaHDUhnBZVMKUeojmEOxu4Ad-Jq...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

126ms
120ms

Image
image/gif

23.35.233.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Server: 23.35.233.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-233-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 15:56:07 GMT
pragma: no-cache
date: Wed, 08 Nov 2023 15:56:07 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7995 0
12 B 85ms
85ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4EpO-oRnDZzaR1M0-UAYLtWCKTtSzuPdib1k8JA0zLev_NpT6MtL3ejJSyZiilg4zCP84XQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 37F2 2 KB
3 KB 122ms
122ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1271372&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fbde7cf29d6147310ac82b6002794f634b626f0a797703191f01113eedd3e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 15:56:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame B59D 50 KB
19 KB 143ms
143ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 06:26:12 GMT

GET
DATA 200
OK truncated
/ Frame C6A7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0887b32f16a0117d95e957de429752d5864318f5997e67bd19081b78c5bc724

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FE8D 3 KB
4 KB 1479ms
54ms Image
image/png 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2732
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd8cENKq4ZFus9lJIrovnLfFRKpgcNk89n4%2FyC%2BwiF%2FuKiuMRnpPI7GwAM2RsfYvPvcWOAndvjex690r1ZdGeWSGHAbapheMInWiwrC44MEPC5hRamu%2Fg2qG3M7zuAXSys9ip0ae"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 822f01104e3e35e7-FRA
expires: Wed, 08 Nov 2023 16:05:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame C659 2 KB
2 KB 795ms
794ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 206090
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 822f01076a1c1905-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: Mon, 06 Nov 2023 07:23:58 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDlmzGz3I8%2ByEENhreMBCfpPRK8ud2DZME8%2FoBG5aFR7oM1xZAfbXCQB7%2F1wd0ogeVGi2Gb5%2F6Gt4UCc%2Bl%2Bpv3509oZCXrqlT%2F5kaTjK8Upas0VyTr1YhWejpG3HRcFCpPU6vPk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame A18A 2 KB
2 KB 794ms
794ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 206090
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 822f01078a571905-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: Mon, 06 Nov 2023 07:23:58 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbmmbtuIEikpET9eFG95l5lmamE8zorQD86jh4ohpdA45EI4WvkaQo1Uctq%2BWLHpUCXz5Tis6VbKLSzuUizjRWgsvsrI5esEakWvlOUygqHWkvsT8mrXIYd28taNZgi4NtoSlHA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame 46B2 50 KB
19 KB 786ms
785ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 06:26:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6A7 0
19 B 788ms
787ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9-3tk69LZcnqILe01fAPzrq06A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAjT2-VDP5LE-qAMByAMCqgS4Ak_QYMJ2wHYO5clQWNUthlkjMRo0_gVix0ecWY1bAGSc9_hMmDjf9FH7eJQIUU1qzumnPbCOjcqfqdxYzOcnrQJCKrQ5Q0-Cg7Z_OWgSxC-kZL13FxNpnYdaasCd39dB9_GbgJUT9A3qfppUbxRuP2F9zlt7D1klsOdFuvcrRT9KWoh2YZ1b8stO5nihOw44r2owmrzWsLaKeSkzIe2Ci5diiNnu4o35dwJkZJGV9Rh1lUUUgj06kWf08xd10B3dK0vG8Hk2ONsi6TQjDf3kdpoWIV096D64NmxXlcWEzK2g60ZaiF7Su5ymP48i5Re5uRsXegHrEvOm4u21lgVhkP3R_TIbTTu-zEYESryqTn67EEJN0FWX1i2VvG1-i-wB7EBysVGjynEACJn5JY8dGhbTwK8ihvm7-oAGuJ761aXyxYPWAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=TDWQ7j51Vxc&uach_m=[UACH]&cid=CAQSOwDICaaN5nCFc_RCK4m1M2N6PyLNsfkKC74p6tDKdztjTEEJCz9GLXUGaKBPqmDoBD7LMkH_AmKRXZioGAE&cbvp=2&vis=1

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Nov 2023 15:56:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C6A7 0
39 B 128ms
127ms Image
image/gif 34.95.89.54
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jwknqd82m588fvfqja4dhx9cm02scc7fypfj728zkqkk95wec3d6f1dp7j7ndvec6v4nrzefnkwgbr0c7x62pq0gy8wpqrc8wvgpyqmfwkgd7rz9scksvdqhgasa5tsjz4379tvaqghj4qb6jyryt103b3dkh7yk5gp5bnwsv64xhfy04tgazr137tp4zevk2s7jbngmhrsw3trcrcnh19hjh6ct1vp8d74j57pp8jkw15b4qaqsvdmmfjbc45yz45ggxymrd4r1an81gjdzv0c2nzsx6n1cp04c62bb84tjk04tzkdy799c9s4gacekmg8vc9e8ymk5p0vs3vsdqtreg34gaatq0am49cv66w643mqj5mwyswe7j29gvfxdmcr5yy628&b=ZUuvkwAINUkIFVo3AA0dTm_TI5BJtKCh7xaFZw&cbvp=2
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 15:56:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_cver=1&google_push=AXcoOmR611elGVwM_XVfS4nVL0kul0V8515C63aaKbzgQVy3e2RFoV4...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4e850391643c16ac&is_secure=true&networkId=14000&version=1&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_cver=1&google_push=AXcoOmR611el...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAID8wcle0RpwMlHtvaAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEPILDmigrs66leIW3OnIg...

170 B
188 B

165ms
164ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAID8wcle0RpwMlHtvaAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_push=AXcoOmR611elGVwM_XVfS4nVL0kul0V8515C63aaKbzgQVy3e2RFoV4wawrf3ygwl34IYNq9S3cd2Yxj-ovM_lGzXykZXJdHRkZKBQ

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAID8wcle0RpwMlHtvaAAAAAAA&expiration=1699545365&google_cver=1&is_secure=true&google_gid=CAESEPILDmigrs66leIW3OnIgqY&google_push=AXcoOmR611elGVwM_XVfS4nVL0kul0V8515C63aaKbzgQVy3e2RFoV4wawrf3ygwl34IYNq9S3cd2Yxj-ovM_lGzXykZXJdHRkZKBQ
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 346C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHgoxYqf432yQ7K3mUrh3c0&google_cver=1&google_push=AXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZY...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgoxYqf432yQ7K3mUrh3c0&google_cver=1&google_push=AXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeB...

43 B
422 B

303ms
290ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgoxYqf432yQ7K3mUrh3c0&google_cver=1&google_push=AXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 822f0112ab423a66-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:07 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 11
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgoxYqf432yQ7K3mUrh3c0&google_cver=1&google_push=AXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTx5bOyQC3EIBPJ013gf-ICtG4LxrrucLhgqwfq8norXDmnkPDTk43iX-nDlOxB9wREcZxJC_kwrjsl4yzASP9hiZjTeeBZYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 822f0110d8513a66-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRU3cbiIqyJLVSOW1H67ME&google_push=AXcoOmTKBC4QGSAWM-hXzJhlsoIFKjHdIMIgHJrj5YcKjUFpOIlF5WCMeN...

170 B
188 B

165ms
165ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRU3cbiIqyJLVSOW1H67ME&google_push=AXcoOmTKBC4QGSAWM-hXzJhlsoIFKjHdIMIgHJrj5YcKjUFpOIlF5WCMeNlGlQH948ZIiJyzHOXi_uT1HM_s-0JnbgNMjX_lscwMwmY

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230064-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1699458966.777880,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRU3cbiIqyJLVSOW1H67ME&google_push=AXcoOmTKBC4QGSAWM-hXzJhlsoIFKjHdIMIgHJrj5YcKjUFpOIlF5WCMeNlGlQH948ZIiJyzHOXi_uT1HM_s-0JnbgNMjX_lscwMwmY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 346C 0
174 B 941ms
202ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOwuJSw_LxM4R0DyPotFzgo&google_cver=1&google_push=AXcoOmQ1GgPBPHU4gS-0fyqpy2g1qoW8eBbQksC-WkBAWwQFvBt3p6UkzPDRNaGiMBFvb6EUQztqaYqRiZpuwaAVx_NCMvT-pTWBzA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963122&bpp=1&bdt=622&idt=420&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=4177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QpHqSCHFjL&p=https%3A//cybernews.com&dtd=423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 346C 0
42 B 682ms
679ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTdJGA67-eJeTM1h6P2H65CDTD6Zqnxm1iyv_wWqQx9N_bjDXnNb_Rhv6DTO4lSFdJBuWcw5ApItiCbrsTqjFPnwCPLNNyRhw&google_gid=CAESEGNv8afR-3_QH5GsdCxb2nw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1699446535&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fcyber-war%2Fpolish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699458963122&bpp=1&bdt=622&idt=420&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=7106346698344&frm=20&pv=1&ga_vid=252605014.1699458962&ga_sid=1699458963&ga_hid=1460259174&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=4177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079346%2C44801484%2C44807454%2C44807464%2C31078297%2C31079473%2C44808148&oid=2&pvsid=1112288247702857&tmod=1747271372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QpHqSCHFjL&p=https%3A//cybernews.com&dtd=423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF0Y_Hkic0VsaU_OzrbTmos&google_cver=1&google_push=AXcoOmQoUba8HZSd9j_AqRsVeDBF2x5Kc8pb6C0wQ97BZ_ncv0hBsBL-nS_XEwOPpsIIqqsw0qnLHVgsnP4gB3jP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmQoUba8HZSd9j_AqRsVeDBF2x5Kc8pb6C0wQ97BZ_ncv0hBsBL-nS_XEwOPpsIIqqsw0qnLHVgsnP4gB3jPrk3UrjhhUGFQ-A

170 B
188 B

203ms
202ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmQoUba8HZSd9j_AqRsVeDBF2x5Kc8pb6C0wQ97BZ_ncv0hBsBL-nS_XEwOPpsIIqqsw0qnLHVgsnP4gB3jPrk3UrjhhUGFQ-A

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:05 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AA49zeGjSmQXTrqZL4Cj1Q&google_push=AXcoOmQoUba8HZSd9j_AqRsVeDBF2x5Kc8pb6C0wQ97BZ_ncv0hBsBL-nS_XEwOPpsIIqqsw0qnLHVgsnP4gB3jPrk3UrjhhUGFQ-A
x-host: tde-deliveryengine-production-bb588bf9-l6sdz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 346C 43 B
362 B 121ms
120ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT8q33ueXkze8Pxp1MjY4q11K-uz2WYE_ft0ekn2tr-R6C6edljBp6aVVyh8byyEZ22vuw4YceMprXCj3zL-Aw698aZ6KOnM1c&google_gid=CAESEE3sV_ft52BQFNziJfdKpqg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 232117
expires: Wed, 08 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 346C 0
12 B 104ms
104ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_7ElkVuJGdAIj8XAKFUo22GRmKc75sI7-S9fnWrJZY7nvMzYKlnNk9tr1cSDDG9xcNVSX

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

setuid
prebid-stag.setupad.net/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&f=i&uid=7075889964596732407

86 B
684 B

86ms
85ms

Image
image/png

104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&f=i&uid=7075889964596732407
Requested by: Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/
Protocol: H2
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KVbGjvRYP9MndppLRSuwJv2TtOrA0lkG9JRQai0e0pGJS5y1U9qiReZCeUAT5XQ7VIvkonfvBD3oONLWipIo3sFkGLpwDLOFbFezdhE5EegWpvRU2jm7MtwTvh4X4kE5XlOMCilweq5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
cf-ray: 822f010f3f0cbb97-FRA
content-length: 86
expires: 0

Redirect headers

location: https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&f=i&uid=7075889964596732407
date: Wed, 08 Nov 2023 15:56:06 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame 2483 43 B
443 B 1113ms
389ms Document
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 08 Nov 2023 15:56:06 GMT
Expires: Wed, 08 Nov 2023 15:56:05 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D03C 43 B
362 B 72ms
71ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:56:05 GMT
expires: Wed, 08 Nov 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 196839
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 04F3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

216ms
215ms

Document
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 08 Nov 2023 15:56:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 5G413QXA6DABNB3P1EWJ

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 08 Nov 2023 15:56:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: B2MRCCNBQT4H155N48PJ

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FD74
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UDn9cgdq8CdLOat2Am_kJgI0qiVLNfonBDn2mi3l

42 B
414 B

86ms
85ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UDn9cgdq8CdLOat2Am_kJgI0qiVLNfonBDn2mi3l
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 08 Nov 2023 15:56:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 08 Nov 2023 15:56:07 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UDn9cgdq8CdLOat2Am_kJgI0qiVLNfonBDn2mi3l
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2 200 setuid Show response
prebid-stag.setupad.net/ Frame A5F7 0
534 B 694ms
693ms Document
text/html 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 822f0109de71bb97-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 Nov 2023 15:56:06 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PLeM4%2B003ZWsl5p6fWCNjaosYaRstiAl%2B9jPuodHDJ5TWc%2BHDYI1RKYbnLnwhg9rNZdXrL7eu8igLH1JAbCWkHUu4rqQWWm2oYWcgYFQ%2FOOVKH%2Be2cteXW3WmnMVEgDb6F08vUjUXNL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 37F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DhfnsWMjQdyNag8vLlFbaw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

616ms
615ms

Image
text/html

23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:06 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=138805
accept-ranges: bytes
content-length: 5606
expires: Fri, 10 Nov 2023 06:29:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 37F2 49 B
265 B 1107ms
409ms Image
image/gif 52.48.43.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.11.77
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 37F2
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1228720579
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B

0
284 B

222ms
83ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:07 GMT
via: 1.1 google
last-modified: Wed, 08 Nov 2023 15:56:07 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B
date: Wed, 08 Nov 2023 15:56:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 37F2
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDAzUUxpT1BZMU5SMy1CQWRHSTBjSW9iUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=7075889964596732407&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

113ms
113ms

Image
image/png

54.74.78.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: HTTP/1.1
Server: 54.74.78.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-78-236.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 15:56:07 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 08 Nov 2023 15:56:07 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 37F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEUxN0U3QjEtNjMyMy00MURDLThENkEtMEYyRjJFNTE1QjZC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

1066ms
233ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 08 Nov 2023 15:56:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 37F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-hMCLyCXL0StdeR8J_IjQ&google_cver=1

42 B
498 B

1048ms
229ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-hMCLyCXL0StdeR8J_IjQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 08 Nov 2023 15:56:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-hMCLyCXL0StdeR8J_IjQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 37F2 43 B
409 B 629ms
627ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 07 Nov 2023 15:56:05 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 37F2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7075889964596732407

42 B
474 B

551ms
85ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7075889964596732407
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 08 Nov 2023 15:56:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7075889964596732407
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 37F2 70 B
148 B 626ms
625ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 37F2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0E17E7B1-6323-41DC-8D6A-0F2F2E515B6B&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NPCYh1hE2uXpTEI6MydnTK2boLUllyA-~A&gdpr=0

0
260 B

480ms
76ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NPCYh1hE2uXpTEI6MydnTK2boLUllyA-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:56:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NPCYh1hE2uXpTEI6MydnTK2boLUllyA-~A&gdpr=0
date: Wed, 08 Nov 2023 15:56:06 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 204 csi
csi.gstatic.com/ Frame 8015 0
54 B 947ms
391ms Ping
image/gif 74.125.26.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lopxzm4f&c=1738718233837&slotId=869359116918.5&qqid=CP7P2P7htIIDFepoFQgdx9gKsQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.26.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vh-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:56:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8015 41 KB
15 KB 634ms
631ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5ednsy.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8015
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5ednsy.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

568ms
64ms

Fetch
video/mp4

74.125.173.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsy.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/681A7354BDAC8A2D9CF06D2F576ECB87B1BC622E.5F58491C4E2A879DDA89D4BC2AFBD54CA0BE0A32/key/cms1/cms_redirect/yes/mh/98/mip/176.115.237.224/mm/42/mn/sn-4g5ednsy/ms/onc/mt/1699457892/mv/u/mvi/1/pl/24/file/file.mp4

Requested by

Host: cybernews.com
URL: https://cybernews.com/cyber-war/polish-stock-exchange-banks-knocked-offline-by-pro-russian-hackers/

Protocol

HTTP/1.1

Server

74.125.173.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s39-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 15:56:07 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4188249
Last-Modified: Wed, 08 Nov 2023 09:11:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 08 Nov 2023 15:56:07 GMT

Redirect headers

date: Wed, 08 Nov 2023 15:56:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5ednsy.c.2mdn.net/videoplayback/id/07d835a0a2fbaefc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730994965/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/681A7354BDAC8A2D9CF06D2F576ECB87B1BC622E.5F58491C4E2A879DDA89D4BC2AFBD54CA0BE0A32/key/cms1/cms_redirect/yes/mh/98/mip/176.115.237.224/mm/42/mn/sn-4g5ednsy/ms/onc/mt/1699457892/mv/u/mvi/1/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame FE8D 2 KB
2 KB 224ms
223ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae9437d172e787f4d0120caf30c46671eb63bced270daa49fe9687ea4c25c96

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Nov 2023 15:56:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNac1M0jp2czW1ZW%2FmxRuCMAYWSZMNNoQtFi56TI0EGoKhRKdIIDK3SiyqC6s3ohevXdlVkYIV%2BOAqkxwlJx6znNBWhyd51BWU3I178DPI1K6f9a0k74YZlelH%2FRbEeEdXujdTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 822f0111ab013a5a-FRA
x-backend-server: aa-reachservice-group-europe-west1-n12f
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 706ms
392ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 822f010f6fb73a5a-FRA
content-length: 24
content-type: text/plain
date: Wed, 08 Nov 2023 15:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGZgvFCCi3avo0CFOQXDS19hFF%2ByYr9Nft62Ql6noN8zqWxVGDlr42F%2BmWyXSA6GXhRt3qCUMQUEwY1cE1f5SuYdw3YaJb9Sbha2IJE3oWepqxRPvsrqTLS6Bz%2BSZA8qUiTz2J4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n12f

POST
H3 200 rs Show response
ad4m.at/ Frame 6BBC 2 KB
2 KB 224ms
223ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76bf9d4f8742c7d10c8ac52305b3626422b93f6ddbcef82688bc7b2caaed5896

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Nov 2023 15:56:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hiv6uMXC50ZXSO36BdrYZjjExt37K%2F%2FihskDO4%2FUGL0fCm%2FhMrH055F5Jg3ijPr4tK7eafSBusMtKe4eOw4G5g5xJaCYxc9tUD8V%2F%2FhZ0%2F6gSjrMGmt4gDqvn5xdsDiyzKIT8c0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 822f0111aafd3a5a-FRA
x-backend-server: aa-reachservice-group-europe-west1-n12f
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 704ms
391ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 822f010f6fb33a5a-FRA
content-length: 24
content-type: text/plain
date: Wed, 08 Nov 2023 15:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjN%2FPpDMOt%2BIVv6K43mkHveVnL6kTBeuWpkxV3sCCX8ORVzY3noH8ayzg7d%2BMf2VPyWYSPOouMwy5ezq%2BRKLgtnhpgdEALuclshTMYaWAnkpM9k%2BYZi45HVLOEAmUxCBK6XEYFo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n12f

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D21 23 KB
8 KB 270ms
267ms Document
text/html 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS