www.postfun.com Open in urlscan Pro
104.111.244.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Effective URL:
https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Submission: On November 19 via manual (November 19th 2021, 4:44:21 am UTC) from US — Scanned from DE

Summary HTTP 353 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 53 domains to perform 353 HTTP transactions. The main IP is 104.111.244.200, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.postfun.com.
TLS certificate: Issued by R3 on November 10th 2021. Valid for: 3 months.

This is the only time www.postfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 89	104.111.244.200 104.111.244.200	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	13.225.78.42 13.225.78.42	16509 (AMAZON-02) (AMAZON-02)
3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	13.224.198.4 13.224.198.4	16509 (AMAZON-02) (AMAZON-02)
2 11	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	34.197.208.127 34.197.208.127	14618 (AMAZON-AES) (AMAZON-AES)
2	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
4 6	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	18.184.69.62 18.184.69.62	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	35.156.217.149 35.156.217.149	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	34.251.154.165 34.251.154.165	16509 (AMAZON-02) (AMAZON-02)
1	44.238.136.108 44.238.136.108	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
25	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	54.201.251.82 54.201.251.82	16509 (AMAZON-02) (AMAZON-02)
1	34.223.151.79 34.223.151.79	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2 9	52.35.10.191 52.35.10.191	16509 (AMAZON-02) (AMAZON-02)
6 7	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
11 29	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	199.187.193.185 199.187.193.185	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	54.195.238.9 54.195.238.9	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
3	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
2 4	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	35.82.147.164 35.82.147.164	16509 (AMAZON-02) (AMAZON-02)
2	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
1	13.225.78.56 13.225.78.56	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
6 6	18.184.28.154 18.184.28.154	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
4 16	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	54.77.236.168 54.77.236.168	16509 (AMAZON-02) (AMAZON-02)
2	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2 2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	3.120.83.159 3.120.83.159	16509 (AMAZON-02) (AMAZON-02)
2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
353	65

89 104.111.244.200 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-200.deploy.static.akamaitechnologies.com

www.postfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.198.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-4.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

hive-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.208.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-208-127.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.69.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.217.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-217-149.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.251.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

s.update.hmstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.136.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-136-108.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.251.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-251-82.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.151.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-151-79.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.35.10.191 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-10-191.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 15.197.193.217 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.185.130 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.185 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.238.9 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.147.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-147-164.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-56.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.184.28.154 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-28-154.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.236.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e8:101::9002:f05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.83.159 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	postfun.com 1 redirects www.postfun.com	821 KB
47	doubleclick.net 13 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net	227 KB
40	googlesyndication.com pagead2.googlesyndication.com 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com tpc.googlesyndication.com	324 KB
25	facebook.com www.facebook.com	2 KB
18	3lift.com 4 redirects tlx.3lift.com eb2.3lift.com	8 KB
15	hmstats.com s.update.hmstats.com	52 KB
13	redintelligence.net 1 redirects hal9000.redintelligence.net hal900015.redintelligence.net hal900021.redintelligence.net hal900028.redintelligence.net	25 KB
12	ad.gt 2 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	16 KB
11	openx.net 2 redirects hive-d.openx.net us-u.openx.net u.openx.net eu-u.openx.net	4 KB
10	google.com 1 redirects adservice.google.com www.google.com	2 KB
9	facebook.net connect.facebook.net	657 KB
9	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	42 KB
8	yahoo.com 1 redirects ads.yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
7	adsrvr.org 6 redirects match.adsrvr.org	3 KB
7	casalemedia.com 3 redirects htlb.casalemedia.com dsum-sec.casalemedia.com	5 KB
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	lijit.com 4 redirects ap.lijit.com	4 KB
6	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	yimg.com s.yimg.com	7 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	google-analytics.com www.google-analytics.com	23 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	p-n.io cdn.p-n.io k.p-n.io	56 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com	11 KB
2	adform.net c1.adform.net	661 B
2	mathtag.com sync.mathtag.com	860 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	turn.com 2 redirects ad.turn.com	824 B
2	zemanta.com 2 redirects b1sync.zemanta.com	916 B
2	bing.com c.bing.com	852 B
2	avct.cloud 2 redirects ads.avct.cloud	898 B
2	linkedin.com px.ads.linkedin.com	881 B
2	de17a.com 2 redirects d5p.de17a.com	720 B
2	2mdn.net s0.2mdn.net	678 B
2	contentspread.net cdn.contentspread.net	88 KB
2	webgains.com track.webgains.com	56 KB
2	teads.tv sync.teads.tv	344 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	622 B
2	google.de adservice.google.de	957 B
2	sonobi.com apex.go.sonobi.com	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com	523 B
1	simpli.fi 1 redirects um.simpli.fi	708 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	aufp.io aufp.io	3 KB
1	postrelease.com exchange.postrelease.com	393 B
1	scorecardresearch.com sb.scorecardresearch.com	1 KB
1	taboola.com cdn.taboola.com	929 B
353	53

	Domain	Requested by
89	www.postfun.com	1 redirects www.postfun.com
29	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com eb2.3lift.com eu-u.openx.net
25	www.facebook.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com googleads.g.doubleclick.net
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.postfun.com 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com googleads.g.doubleclick.net
16	eb2.3lift.com	4 redirects www.postfun.com eb2.3lift.com
15	s.update.hmstats.com	www.postfun.com s.update.hmstats.com
9	ids.ad.gt	2 redirects
9	connect.facebook.net	www.postfun.com connect.facebook.net
7	match.adsrvr.org	6 redirects 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
7	googleads.g.doubleclick.net	www.postfun.com 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
6	x.bidswitch.net	6 redirects
6	us-u.openx.net	1 redirects googleads.g.doubleclick.net eu-u.openx.net
6	www.google.com	1 redirects tpc.googlesyndication.com www.postfun.com 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
6	ap.lijit.com	4 redirects www.postfun.com
6	securepubads.g.doubleclick.net	www.postfun.com securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	s.yimg.com	www.postfun.com s.yimg.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	c.amazon-adsystem.com	www.postfun.com c.amazon-adsystem.com
5	www.google-analytics.com	www.postfun.com www.google-analytics.com
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com
4	5994599.fls.doubleclick.net	2 redirects www.postfun.com
4	sp.analytics.yahoo.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	hal900015.redintelligence.net	1 redirects 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com hal900015.redintelligence.net
4	9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
4	ib.adnxs.com	1 redirects www.postfun.com googleads.g.doubleclick.net
3	hal900028.redintelligence.net	hal9000.redintelligence.net hal900028.redintelligence.net
3	hal900021.redintelligence.net	hal9000.redintelligence.net hal900021.redintelligence.net
3	hal9000.redintelligence.net	9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
3	www.googletagservices.com	9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
2	c1.adform.net	eu-u.openx.net
2	pixel.quantserve.com	eu-u.openx.net
2	sync.mathtag.com	eu-u.openx.net
2	ads.creative-serving.com	2 redirects
2	ad.turn.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	ads.avct.cloud	2 redirects
2	pr-bh.ybp.yahoo.com	eb2.3lift.com
2	px.ads.linkedin.com	eb2.3lift.com
2	eu-u.openx.net	www.postfun.com
2	api.webgains.io	analytics.webgains.io
2	d5p.de17a.com	2 redirects
2	s0.2mdn.net	9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	cdn.contentspread.net	hal900021.redintelligence.net hal900028.redintelligence.net
2	track.webgains.com	hal900015.redintelligence.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	dpm.demdex.net	2 redirects
2	sync.smartadserver.com	1 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	adservice.google.de	securepubads.g.doubleclick.net
2	k.p-n.io	cdn.p-n.io
2	apex.go.sonobi.com	www.postfun.com
2	tlx.3lift.com	www.postfun.com
2	htlb.casalemedia.com	www.postfun.com
2	hive-d.openx.net	www.postfun.com
2	cdn.p-n.io	www.postfun.com cdn.p-n.io
1	ups.analytics.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	um.simpli.fi	1 redirects
1	analytics.webgains.io	track.webgains.com
1	u.openx.net	1 redirects
1	pixels.ad.gt	p.ad.gt
1	ads.yahoo.com	googleads.g.doubleclick.net
1	token.rubiconproject.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	amplify.outbrain.com	www.postfun.com
1	a.ad.gt	www.postfun.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	exchange.postrelease.com	www.postfun.com
1	secure.quantserve.com	www.postfun.com
1	sb.scorecardresearch.com	www.postfun.com
1	cdn.taboola.com	www.postfun.com
353	81

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
www.trend-chaser.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.p-n.io Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-28` - `2021-11-26`	3 months	crt.sh
update.hmstats.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-03` - `2022-02-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Frame ID: E7493C52EEB52709BF0E9E99AFBBF7AA
Requests: 201 HTTP requests in this frame

Frame: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E51D924B47340EBDF62AFC40B857A6B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EB537CCEE3CFB11FEC32F4B2E1A11ECF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1D167A342604483F4B0547AECAF3958
Requests: 2 HTTP requests in this frame

Frame: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BECD1C90F170FE65CA97E1E7700F1F5A
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: D857812F6DC53B2A8D5271218CE92CA7
Requests: 13 HTTP requests in this frame

Frame: blob://https://www.postfun.com/fd219772-b148-42ac-ba4a-fbbfb7bfdfbe
Frame ID: B73848455A8058DADC8AA8BCDA2BBF98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNUOhLGiJiFj_uHjGaa8IZfhZubCYY7JNVPRqNl7G5hE5hclF5Bf4XyD2cimMJVt8xgVZ9H2abuQJA3b_iSAdQqX3LevvTbz7unblQ3GPCl1BDt2PKBkwXDWRpGl2PKwpoUlG2Y0CcPndW8EZoI3K9hgC5AcDvzs_fhA-VCDtWqGKIzWzjU
Frame ID: 44D0BB4DD8994B64B50CD11274731D10
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27B7A01E1766EA18F6452DFE52BE1005
Requests: 3 HTTP requests in this frame

Frame: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F844FF2C35E7FCBC5307A628CA6DD0B0
Requests: 12 HTTP requests in this frame

Frame: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D67214875EA29B52ABD736CC66F0B4F
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1E6E66666D5CD49A0CD8C96501B52352
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUJrDNl3uxs7R4wTXztMSVuDJDtgqLVYw0JApRN3qdDcoHBdP3TPQX_hSA4HtNcL4eNoHdLOzH4YAq8Tfi5tgw7TfX2819J_CxZB5a4vAW4-wV7mGGII6EwcJ9o9GLaYzkZA-6IqOdJwv54GNSxixqb62dG5w1JAwAyABxEh22j7C1XxSg
Frame ID: 347D2F8C83E18AAFEC3685BED8B3E5B4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX3HP2-_uc0MoFQ4uDM562wiDqlwwx2U9poFMD8Q_hKEfVALLwzgNnbH625-WEQrDUKCkcv6p0eTHVT-ToldN8C35Gka1aGLrOqG17dK66ib1tpHII9Z-kSdcdxlldLIjuKtb3R6dve7ANqLkEvqwJ4zQmpLaq1zs2fXPgB56QkTygRkIU
Frame ID: F4DA740FC148592B8F3CEA7F64A831BB
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0016BE0FFC2A35B8ADCDDCD956CE9229
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4F5062EB0A2AD8689AAD7B47224FF91
Requests: 3 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=98271100014332300757585011783015&a=44c6bb8b
Frame ID: 8FC1D12F38DB52E5CD039623C2800760
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A67B2CAC7BFCD3357E11FEDE0B8C0D30
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45
Frame ID: 8635ABC59FAD7D7C1129F4A2EE7CD876
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=45600500013214900710612011783021&a=909335eb
Frame ID: C75CB39C3A01B2F6044F6F8E77696E38
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 33ECDEC44DAA0CD208A31CEEA1D6235E
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062
Frame ID: E79E213662AD4605345584EE933BE9DA
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=70395700012567000710612011783028&a=527fdb7a
Frame ID: A852EA6E48F818C22095032643A6887B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 633A69B4DB3A7E16918C268A50E39456
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5BFF994E3577EA499EC6F576D6665C96
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E6BE3A497B15698F3AA8DFF7332B1C12
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BD6A79FD7ECC77DD9924FD0F8ACE1E10
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 724F85C04FDC15474721CDC8775B5C95
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9A897F44111A9FFE91BDC7F0D45AB8DE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D443DAD4C55EC27DD5DFA26198ECA8AC
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Frame ID: 92F03D5899C769D19CD046EF1D5D8F50
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Frame ID: 7FA444A76395E8BFA00F42F5E3FC564D
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Frame ID: 8163FCA52861F742CE74C59B5FC4FE98
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Frame ID: 8EFCDB1B14D2847D3257EDF625DBC43E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Stars Of Eight Is Enough – Then And Now - Post Fun

Page URL History Show full URLs

http://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/ HTTP 301
https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/ Page URL

Page Statistics

353
Requests

85 %
HTTPS

28 %
IPv6

53
Domains

81
Subdomains

65
IPs

9
Countries

2702 kB
Transfer

7490 kB
Size

98
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Futm_source%3Dshare-facebook%26utm_content%3Dfacebook%26utm_medium%3Dmainnav%26utm_campaign%3Dshare-mainnav

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Futm_source%3Dshare-pinterest%26utm_content%3Dpinterest%26utm_medium%3Dmainnav%26utm_campaign%3Dshare-mainnav&media=https://www.postfun.com/wp-content/uploads/2021/04/laurie-walters-1126355043-46487.jpg?b=0&c=0&width=800&height=533&top=400&left=1952&zoom=3.6461221895&description=The+Stars+Of+%3Ci%3EEight+Is+Enough%3C%2Fi%3E+-+Then+And+Now

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Futm_source%3Dshare-twitter%26utm_content%3Dtwitter%26utm_medium%3Dmainnav%26utm_campaign%3Dshare-mainnav

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Futm_source%3Dshare-pinterest%26utm_content%3Dpinterest%26utm_medium%3Dsidenav%26utm_campaign%3Dshare-sidenav&media=https://www.postfun.com/wp-content/uploads/2021/04/laurie-walters-1126355043-46487.jpg?b=0&c=0&width=800&height=533&top=400&left=1952&zoom=3.6461221895&description=The+Stars+Of+%3Ci%3EEight+Is+Enough%3C%2Fi%3E+-+Then+And+Now

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Futm_source%3Dshare-pinterest%26utm_content%3Dpinterest%26utm_medium%3Dfooter%26utm_campaign%3Dshare-footer&media=https://www.postfun.com/wp-content/uploads/2021/04/laurie-walters-1126355043-46487.jpg?b=0&c=0&width=800&height=533&top=400&left=1952&zoom=3.6461221895&description=The+Stars+Of+%3Ci%3EEight+Is+Enough%3C%2Fi%3E+-+Then+And+Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/ HTTP 301
https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 162

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&adnxs_id=1055242745125871768

Request Chain 163

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

Request Chain 164

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=0F19AA5A-ED49-44AC-9CC3-5552D33B2E72&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&google_gid=CAESEOzLnCKi-cOcu1TRVUGRXnM&google_cver=1&google_ula=450542624,0

Request Chain 166

https://ids.ad.gt/api/v1/g_hosted?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YjkxYmMxNTMtMmIzMS00OWM4LWE5OWMtZjM4MDNiZjFhMmY2

Request Chain 167

https://ids.ad.gt/api/v1/rub?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&gdpr=0

Request Chain 168

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6%26sas_uid%3D%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&sas_uid=[sas_uid]&cklb=1

Request Chain 169

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=85776120983510224494138976578972411684&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&C=1

Request Chain 188

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZcrn8FCv.KTfEfJXf4n9wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&google_hm=2

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOVv-fjKQdf7dRnr8NIs83Y&google_cver=1

Request Chain 190

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NTI0Mjc0NTEyNTg3MTc2OA%3D%3D

Request Chain 208

https://hal900015.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsNniuXYeyNGtjz3wO1oxzdreioYKjct8e5CvAuEAEg7dCSNGCVmqCCsAfIAQmpAv35swczEbM-qAMBqgSIAk_QAly3Y46HfNC6ajW2ehaPnv4qaK4J-_VmIdnXcTh3v3I0Gn-roDx2WAI8CvIenMuR_cI0VYjz-liHxM2qk93rJZAFyHVljjEav5B_yKGZuam0uoNMkRPV1WWaCy08tFhfjHL9xXaDyr3KotKX6zvbfFcmnn0VAPUKV4BnmAxC2ByHXl4evJNmJeloxfD0BYolwBa4bYsceTlmziYqLBPmPM4-U3RocJ16dd_9uLKIcJt6AgzcQG50XHnu0sUOi8q922iASuPzzxeCqkdVibRXo1-MbSS3YLbtqXFACnV0hhAWUHKkN2iyCo1kx-RdEiT5sqnhZFlsl_QIX1hsilAiJPrI8_MqVMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOe5ewM0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg%26sig%3DAOD64_1QULGIfILaMOh6FGc7wdBBe-Pu9Q%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-CnYImErErP8Pe8vIlv57qGoC__blyM0s3bez9ktOIEyOhB3czpbLijjL2-KyhqL7m05fDdIdNxmPb4PVKSH9n0C3t7WgME4WXshRi8RQpU8Bz-zMbxbhf9b-Q2mO7qVZZoFyGlkvgTjgnwyQ3WDmXNUYr3sw%26cry%3D1%26dbm_d%3DAKAmf-BIxYquUdDoPtQDi1QfuV3ELz3RxLa8FcgpigXspl5uPHv4Y-B1NluS-07zr2Dsb3xcvjXvAL234Hc5PxHGGdYAI85eUrFVrEEXx6w38so8RPC49X0mHJ5W99_M82GVkcShUmCI76jUhxARyCZtJNkss4MzZ1GcyDr95x-2fZRGIiJK9nLa-Uw8enxNBBlU2xF_Wra40lfmh5PVNaaWqspcDagTOTu8NlxHnIhdYuglbK1JJoZt9mMRaJuF632rOJRfVmrABzLg1CwpXmZ9HD7LyIMIygThxkph_u8rRtf1HSiZNkmqEd6Ftbd_FE2NZeGKvLm4jYpkv4efFQsQ3d44Bk62cNxMuy9RXm8ESd2ziG-4t8dmyGfhTJ94loXTcaXteFlAWknLrLGOZnADiTv1pH1sjYznmPof0JJRbWXm-uVzLm2hAYLprXhMEBzAnoOssoLwRi2AoeWWZFJITgYQ0HfOKjAapIR_gkOVMKxvE-kborpflBASXEntPF3GurM1a6xW79q31mWhcb7BNMu7dXG-fg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=8961374121731&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsNniuXYeyNGtjz3wO1oxzdreioYKjct8e5CvAuEAEg7dCSNGCVmqCCsAfIAQmpAv35swczEbM-qAMBqgSIAk_QAly3Y46HfNC6ajW2ehaPnv4qaK4J-_VmIdnXcTh3v3I0Gn-roDx2WAI8CvIenMuR_cI0VYjz-liHxM2qk93rJZAFyHVljjEav5B_yKGZuam0uoNMkRPV1WWaCy08tFhfjHL9xXaDyr3KotKX6zvbfFcmnn0VAPUKV4BnmAxC2ByHXl4evJNmJeloxfD0BYolwBa4bYsceTlmziYqLBPmPM4-U3RocJ16dd_9uLKIcJt6AgzcQG50XHnu0sUOi8q922iASuPzzxeCqkdVibRXo1-MbSS3YLbtqXFACnV0hhAWUHKkN2iyCo1kx-RdEiT5sqnhZFlsl_QIX1hsilAiJPrI8_MqVMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOe5ewM0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg%26sig%3DAOD64_1QULGIfILaMOh6FGc7wdBBe-Pu9Q%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-CnYImErErP8Pe8vIlv57qGoC__blyM0s3bez9ktOIEyOhB3czpbLijjL2-KyhqL7m05fDdIdNxmPb4PVKSH9n0C3t7WgME4WXshRi8RQpU8Bz-zMbxbhf9b-Q2mO7qVZZoFyGlkvgTjgnwyQ3WDmXNUYr3sw%26cry%3D1%26dbm_d%3DAKAmf-BIxYquUdDoPtQDi1QfuV3ELz3RxLa8FcgpigXspl5uPHv4Y-B1NluS-07zr2Dsb3xcvjXvAL234Hc5PxHGGdYAI85eUrFVrEEXx6w38so8RPC49X0mHJ5W99_M82GVkcShUmCI76jUhxARyCZtJNkss4MzZ1GcyDr95x-2fZRGIiJK9nLa-Uw8enxNBBlU2xF_Wra40lfmh5PVNaaWqspcDagTOTu8NlxHnIhdYuglbK1JJoZt9mMRaJuF632rOJRfVmrABzLg1CwpXmZ9HD7LyIMIygThxkph_u8rRtf1HSiZNkmqEd6Ftbd_FE2NZeGKvLm4jYpkv4efFQsQ3d44Bk62cNxMuy9RXm8ESd2ziG-4t8dmyGfhTJ94loXTcaXteFlAWknLrLGOZnADiTv1pH1sjYznmPof0JJRbWXm-uVzLm2hAYLprXhMEBzAnoOssoLwRi2AoeWWZFJITgYQ0HfOKjAapIR_gkOVMKxvE-kborpflBASXEntPF3GurM1a6xW79q31mWhcb7BNMu7dXG-fg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=8961374121731&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1

Request Chain 227

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRhODY5YmEtYzJlMi0yZTQ4LWU5NTQtYjQ0MTQ2MTZhOTUx

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOCYNzQJ8MTObvQJrwAJ2Nk&google_cver=1

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELeF3ILA_3Vm_Y_NpJqE16o&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELeF3ILA_3Vm_Y_NpJqE16o&google_cver=1&__user_check__=1&sync_id=59418f0b-48f3-11ec-9099-14f0ef8b0106

Request Chain 235

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=5940997e-48f3-11ec-96c9-1e1d47870406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTk0MThlYmYtNDhmMy0xMWVjLTkwOTktMTRmMGVmOGIwMTA2

Request Chain 256

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45

Request Chain 259

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062

Request Chain 273

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=5187a315-8219-4f10-af4f-faa89b8ba835&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

Request Chain 285

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 286

https://um.simpli.fi/gp_match?google_gid=CAESEPRdggvDjGWZAsr4YKAuOHs&google_cver=1&google_push=AYg5qPJqqv5_KcDfL9hObaAQTPbHj2kW5hq5a3pnNlQ9fX6CB72DTbqGagslaUFVoJHu9FlzZ48xfnvOAHpI5m_lSSsEZkxEpAs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F602BB114BEB4468A9E26135972AA611&google_push=AYg5qPJqqv5_KcDfL9hObaAQTPbHj2kW5hq5a3pnNlQ9fX6CB72DTbqGagslaUFVoJHu9FlzZ48xfnvOAHpI5m_lSSsEZkxEpAs

Request Chain 287

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBDhffgql9S1cSPuAzKnI2g&google_cver=1&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBDhffgql9S1cSPuAzKnI2g&google_cver=1&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ&google_hm=ylm9iMpUS5WppCUNgwl2OA==

Request Chain 289

https://d5p.de17a.com/cookies/google?google_gid=CAESEPrWlvc4RGnNHVhfUUF3ZpY&google_cver=1&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRvHTtE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPrWlvc4RGnNHVhfUUF3ZpY&google_cver=1&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRvHTtE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRvHTtE

Request Chain 290

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1

Request Chain 291

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7TXXlfXj7cQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7TXXlfXj7cQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7TXXlfXj7cQ&google_hm=6768f8c4a19365f6d2d3eac4

Request Chain 293

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 295

https://ads.travelaudience.com/google_pixel?google_gid=CAESEK9flv4AjeuHiLntSEW7ows&google_cver=1&google_push=AYg5qPK9wUTpCjc7Sj8jv28jaM0HaXzA8ZQfSrZOdo2QoE5ivv_bgwQdmoSwJyWwPOOtyPLqO_0oDKTSGfEdN1vMyT1nuQD9OHLo HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uab30GduR-yALZHPQwW2Dw2&google_push=AYg5qPK9wUTpCjc7Sj8jv28jaM0HaXzA8ZQfSrZOdo2QoE5ivv_bgwQdmoSwJyWwPOOtyPLqO_0oDKTSGfEdN1vMyT1nuQD9OHLo

Request Chain 296

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoumthNX1ySBtiG HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoumthNX1ySBtiG&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoumthNX1ySBtiG&google_hm=6768f8c4a19365f6d2d3eac4

Request Chain 297

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPldcJk6ANLw_dTfhzluwpQ&google_cver=1&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki&google_gid=CAESEPldcJk6ANLw_dTfhzluwpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki

Request Chain 298

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL6tT5XSoxw-ZxyIWtl0PIQ&google_cver=1&google_push=AYg5qPKrxbYQRtqCdR6ORGzh5xI7NklfnH4BCH-k0kaX9GAs7cj0PHe8Rc5GqeDUOszGLubuO3wGaCb3jkjlAV5-wyLQRI60F4QaNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VTWpnem5wRTJ1SEJYMXZEbHFOUXo5Z3FtOWF5WWN5WH5B&google_push=AYg5qPKrxbYQRtqCdR6ORGzh5xI7NklfnH4BCH-k0kaX9GAs7cj0PHe8Rc5GqeDUOszGLubuO3wGaCb3jkjlAV5-wyLQRI60F4QaNA

Request Chain 323

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&google_cver=1

Request Chain 325

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D

Request Chain 328

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3409472396413946947&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=6399ce8b-5afb-44c0-bd8c-b95aac37de45&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 330

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947&dcc=t

Request Chain 331

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Request Chain 332

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=8605249789374139112&dongle=d407

Request Chain 333

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&google_cver=1

Request Chain 335

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D

Request Chain 338

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3409472396413946947&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=ca59bd88-ca54-4b95-a9a4-250d83097638 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=ca59bd88-ca54-4b95-a9a4-250d83097638 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=576e9250-27d9-4f9b-9d63-cca9f2b9e468&ssp=triplelift&expires=30&user_group=5&bsw_param=ca59bd88-ca54-4b95-a9a4-250d83097638 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 340

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947&dcc=t

Request Chain 341

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Request Chain 342

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=3417103018643327720&dongle=d407

Request Chain 346

https://match.adsrvr.org/track/cmf/openx?oxid=78c7ba70-0b95-70ec-fcb4-eef88cf46731&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731

Request Chain 348

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Request Chain 352

https://match.adsrvr.org/track/cmf/openx?oxid=78c7ba70-0b95-70ec-fcb4-eef88cf46731&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731

Request Chain 354

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

353 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Redirect Chain

http://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

494 KB
71 KB

33ms
15ms

Document
text/html

104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: 4af4ee9f85e6d52bce2d968fe4f1aa46c0ee4c96f82392dd024bf331dc305f85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=UTF-8
link: <https://www.postfun.com/wp-json/>; rel="https://api.w.org/" <https://www.postfun.com/wp-json/wp/v2/posts/66863>; rel="alternate"; type="application/json" <https://www.postfun.com/?p=66863>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: bot
x-cache-group: bot
access-control-allow-origin: *
content-encoding: gzip
content-length: 72389
cache-control: must-revalidate, max-age=3600
expires: Fri, 19 Nov 2021 05:44:13 GMT
date: Fri, 19 Nov 2021 04:44:13 GMT
vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Cache-Control: max-age=3600
Expires: Fri, 19 Nov 2021 05:44:13 GMT
Date: Fri, 19 Nov 2021 04:44:13 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 42ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a7cee29393aa4024d5f5412cfa2cfbab6bf6abcf6dc062113eac7181b6d0ba8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1048 / 517 of 1000 / last-modified: 1637276782"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26840
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Nov 2021 04:44:13 GMT

GET
H2 200 header.b.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/ 677 KB
210 KB 8ms
8ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 42985129d6dc0ac588c8b065d5ea472051c3734eabcba6ebb9129f931d4b96b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 20:02:45 GMT
server: nginx
etag: W/"6196b165-a9413"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 214622
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 style.css
www.postfun.com/wp-content/themes/hive-master/ 71 KB
12 KB 12ms
11ms Stylesheet
text/css 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 75ad566950298a23b6ce73ed61b4597ae66a72daf102daa806efd58c18fa7c3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:05:54 GMT
server: nginx
etag: W/"607720f2-11dba"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 12289
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 style.css
www.postfun.com/wp-content/themes/postfun/ 45 KB
9 KB 12ms
11ms Stylesheet
text/css 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/postfun/style.css?ver=1637178635
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03ce3e84f58bbcbb24406b7a2574c441ebc869b4499af24af97bfc0bab66e2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 19:50:35 GMT
server: nginx
etag: W/"61955d0b-b58a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 8936
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 294 KB
53 KB 40ms
13ms Script
application/javascript 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-129.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 084f6476011a1c250d41279bc05a27a78c804a91bd11610eb2be4bb1b5a73c18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 04:50:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"b8d3311981745fbeb105aa6ddc40aa96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: zLH8grn_B8QTQ6M3-kJs2vab20ZxEqSdcDz1Lz2y-6cThC-GCg-vHA==

GET
H2 200 id.js Show response
cdn.taboola.com/webpush/ 1 KB
929 B 26ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/id.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b985af57dc59fdf0a9743d410836168fdbceaa641b51d4e427f9edff6cc62625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 5AeHNYhajGCudi_TrYZ80Y0gwu0a6ryl
content-encoding: gzip
etag: "94b1f08de63835708c45d9c61d268b29"
age: 13491
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 489
x-amz-id-2: lJo4GDPYwlMcr9GpQtHGKAdiLntbMMJ+YzkzKZhQ6b9F3KDlfzVIrIPdPx6WWcCyDZHN+ALHjGM=
x-served-by: cache-fra19134-FRA
last-modified: Thu, 03 Jun 2021 07:06:05 GMT
server: AmazonS3
x-timer: S1637297054.663865,VS0,VE0
date: Fri, 19 Nov 2021 04:44:13 GMT
vary: Accept-Encoding
x-amz-request-id: A1X4H6R76F7BZ3Q3
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 4
x-cache-hits: 260

GET
H2 200 footer.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/ 222 KB
64 KB 8ms
7ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/footer.js?ver=1637178635
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fdedb81073048e6d4c3bf9fd35141ef6a8e5c965c29532f9ae2f5c09d82a83fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 19:50:35 GMT
server: nginx
etag: W/"61955d0b-378a0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 65010
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 footer.js Show response
www.postfun.com/wp-content/themes/hive-master/assets/js/ 6 KB
2 KB 9ms
9ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/js/footer.js?ver=1635964025
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8352a0484081022114518db98c4f7bd828fff01a3bba53b1e9fe55e31602413e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 18:27:05 GMT
server: nginx
etag: W/"6182d479-181a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 2085
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 wp-embed.min.js Show response
www.postfun.com/wp-includes/js/ 1 KB
964 B 8ms
8ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 765
expires: Sat, 19 Nov 2022 04:44:13 GMT

POST
H2 200 hive_hash Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
146ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_hash
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:13 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:13 GMT

POST
H2 200 hive_loaded Show response
www.postfun.com/events2/topic/ 0
177 B 149ms
149ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_loaded
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:13 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:13 GMT

POST
H2 200 hive_session Show response
www.postfun.com/events2/topic/ 0
177 B 148ms
148ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_session
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:13 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:13 GMT

POST
H2 200 hive_location Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_location
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:13 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:13 GMT

POST
H2 200 carb_init Show response
www.postfun.com/events2/topic/ 0
177 B 424ms
423ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_init
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 oil.1.2.4-RELEASE.min.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/ 73 KB
23 KB 8ms
7ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/oil.1.2.4-RELEASE.min.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 94995fcea46f2c65fa54a0ea1742cbc58f97493b9cf09eb481c1fbc358754a99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 21:19:12 GMT
server: nginx
etag: W/"5fb58fd0-12542"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 23642
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 spacer.gif
www.postfun.com/images/ 807 B
982 B 9ms
9ms Image
image/gif 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/images/spacer.gif?abk=1&adnet=1
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Tue, 17 Jul 2018 22:56:00 GMT
server: nginx
etag: "5b4e7400-327"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 807
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 36ms
8ms Script
application/javascript 13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-42.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 03:23:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 4841
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: KTKQE-dvdUCCVUmruQDEZHlCQzBXYUcvFRP5YakRDoFLRx_l4l5WNA==

GET
H2 200 offscreen-bg.jpg
www.postfun.com/wp-content/themes/postfun/assets/images/ 50 KB
50 KB 9ms
9ms Image
image/jpeg 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/themes/postfun/assets/images/offscreen-bg.jpg
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/postfun/style.css?ver=1637178635
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 41e365250a82e0e0ee15c8661ca0efb65228a061f31c8ae3884127d0efa0d369

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/wp-content/themes/postfun/style.css?ver=1637178635
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Thu, 21 Feb 2019 19:26:16 GMT
server: nginx
etag: "5c6efb58-c667"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50791
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 icomoon.ttf
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 3 KB
3 KB 8ms
8ms Font
application/octet-stream 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/icomoon.ttf?fo61nq
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8ee0d666b3091eb93def38dd12b8f2a7009d640e6b0cf389cc35a2c4a425b09

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Tue, 29 Sep 2020 18:21:32 GMT
server: nginx
etag: "5f737b2c-c58"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3160
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 OpenSans-Regular.woff
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 20 KB
20 KB 9ms
9ms Font
font/woff 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/OpenSans-Regular.woff
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Wed, 25 Jul 2018 20:20:05 GMT
server: nginx
etag: "5b58db75-50d8"
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20696
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 OpenSans-ExtraBold.woff
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 21 KB
21 KB 7ms
7ms Font
font/woff 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/OpenSans-ExtraBold.woff
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bb6d1fca9040272fd9341da48df6827bbea229b08574eadc105dc55fb5c2fc9f

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Wed, 25 Jul 2018 20:20:05 GMT
server: nginx
etag: "5b58db75-5420"
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21536
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 OpenSans-SemiBold.woff
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 20 KB
21 KB 7ms
7ms Font
font/woff 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/OpenSans-SemiBold.woff
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c32b66dae6aaac220d224bd147ce2e70a205a34bc53b62ca4f9eb0d7754ccfa4

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Wed, 25 Jul 2018 20:20:05 GMT
server: nginx
etag: "5b58db75-513c"
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20796
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 postfun-logo-55299.svg
www.postfun.com/wp-content/uploads/sites/13/2019/02/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/uploads/sites/13/2019/02/postfun-logo-55299.svg
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7f59166cede1b29d613c38e7da6dcd9227fdb898893f6508356e2ca5ad7b7293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 07:21:58 GMT
server: nginx
etag: W/"f6c28497d484ff937b91169cc3600909"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1949
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 dick-van-patten-then-17629.jpg
www.postfun.com/wp-content/uploads/2021/03/ 58 KB
59 KB 9ms
9ms Image
image/jpeg 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/uploads/2021/03/dick-van-patten-then-17629.jpg?width=800&height=533
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: 963ad6c4331cb856f6b28c21aef39251cf60fe5b11b518fc70dad63d3f09ba97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cache-group: normal
etag: "f664774da90db58ccdefd09c8c0aefc3"
last-modified: Sun, 11 Apr 2021 07:17:22 GMT
orig-filename: 2021/03/dick-van-patten-then-17629.jpg
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
content-type: image/jpeg
access-control-allow-origin: *
orig-mkey: file=2021%2F03%2Fdick-van-patten-then-17629.jpg&mime=image%2Fjpeg&width=800&height=533
cache-control: must-revalidate, max-age=31536000
date: Fri, 19 Nov 2021 04:44:13 GMT
accept-ranges: bytes
content-length: 59515
server: nginx
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 pubads_impl_2021111701.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
116 KB 15ms
14ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118578
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Nov 2021 04:44:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 152 B
127 B 29ms
15ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.postfun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9537144bb39250368e21895ffb3a0e5c0f976a68b191729a73f247bb0608f2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Fri, 19 Nov 2021 04:44:13 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 32ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 26 Nov 2021 04:44:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6186
date: Fri, 19 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 05:01:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 145ms
145ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 26 KB
2 KB 7ms
7ms Stylesheet
text/css 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-129.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:53:11 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 15:59:32 GMT
server: AmazonS3
age: 83037
etag: W/"f78fe2b0b79df0619d393cfc42450ddf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VQlRPmDsEQSjb9rMuBqeFQ5SBZ9modfjVYMc44Q1aPSaZDwhNJ6hDg==

GET
H2 200 1.1.2.4-RELEASE.chunk.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/ 6 KB
3 KB 7ms
7ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/1.1.2.4-RELEASE.chunk.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/oil.1.2.4-RELEASE.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2cb0a17b56bb861fba9a7f5a641323dd8058907799f33f2c4c06dcc9b0ba772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 26 Sep 2018 22:51:05 GMT
server: nginx
etag: W/"5bac0d59-1618"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 2384
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 0.1.2.4-RELEASE.chunk.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/ 48 KB
12 KB 9ms
9ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/0.1.2.4-RELEASE.chunk.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/oil.1.2.4-RELEASE.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7743f7d6055e07f63440ca00b5a10f3c7a000f7644ffc75dceb2f2972a6a409f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Wed, 26 Sep 2018 22:51:05 GMT
server: nginx
etag: W/"5bac0d59-c15c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 11772
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
H2 200 bddc-min.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/legacy/misc/ 79 KB
29 KB 9ms
7ms Script
application/javascript 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/legacy/misc/bddc-min.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5d8d13c958e7f08ce7c2be4315fe352515b00c28047ff52c5205199a9a37581e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 22:48:42 GMT
server: nginx
etag: W/"5ed585ca-13dca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 29056
expires: Sat, 19 Nov 2022 04:44:13 GMT

POST
H2 200 hive_dfp Show response
www.postfun.com/events2/topic/ 0
177 B 149ms
149ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_dfp
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 36ms
13ms Script
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: 1P1NQ3GDD9DP9N4X229G
etag: 1e39d25f07f5619925357b752ab10d04
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 19 Nov 2021 04:44:13 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1gAd1Vc6Qi_nPmzTPgDchsOwJ_5IRWPIVnLXZY26cvoqqkTlrvCR7g==

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 149ms
148ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_singlepage_event Show response
www.postfun.com/events2/topic/ 0
177 B 435ms
435ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_singlepage_event
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 pbjs_auction_init Show response
www.postfun.com/events2/topic/ 0
177 B 427ms
427ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_init
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 433ms
433ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 arj Show response
hive-d.openx.net/w/1.0/ 328 B
705 B 67ms
36ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hive-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=550258af-3eee-494e-b528-6d1ec03b5f82%2Cd29d37a4-14da-465c-877a-338a415568d4&nocache=1637297053983&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&gdpr=1&pubcid=ab6b8529-a212-4f1b-a662-2610e8d354cc&aus=728x90%7C300x250%2C300x600%2C160x600&divIds=primary-over-next%2Csecondary-P1&auid=544031882%2C544031887
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 1a02ea9953641842f5c3cc8ba419a87418212286f77d00dd7901a3c78687bec5

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.postfun.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
393 B 344ms
114ms XHR
application/json 34.197.208.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&ntv_ptd=1127033,1127132&ntv_pb_rid=48a54d1ea3e663&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoicHJpbWFyeS1vdmVyLW5leHQiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s3MjgsOTBdXX19fSx7ImFkVW5pdENvZGUiOiJzZWNvbmRhcnktUDEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF0sWzE2MCw2MDBdXX19fV19&ntv_url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.208.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-208-127.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.postfun.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
331 B 31ms
14ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=643725&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22788a1b75fbe11d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.27.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22875e2ac4a2e5c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22643725%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229b932bc88e3b24%22%2C%22ext%22%3A%7B%22siteID%22%3A%22643730%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22104a09370db2831%22%2C%22ext%22%3A%7B%22siteID%22%3A%22643730%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221197e24ec9b3798%22%2C%22ext%22%3A%7B%22siteID%22%3A%22643730%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aec9c483cb02e3e6cddf26308cb045a248b55f469f6bc46213c4b6f2b5984f16

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.83], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.postfun.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
699 B 31ms
10ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:14 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9ef24b5b-6e56-48ce-bdaa-3ebbe05c3f82
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.postfun.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
647 B 74ms
27ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.27.0
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: fcf506c590f36c891765335fbacfedd56ce42559204d869441d0e8ab6ecf93aa

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 19 Nov 2021 04:44:14 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.postfun.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
296 B 31ms
9ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.27.0&referrer=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&tmax=3000&gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
x-auction-status: 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 197 B
1 KB 67ms
14ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F21287525%2Fpu_desktop_spl_primary-over-next%7C2443831d288e783%22%3A%22728x90%22%2C%22%2F21287525%2Fpu_desktop_spl_secondary-P1%7C25d4b84a51ab10c%22%3A%22300x250%2C300x600%2C160x600%22%7D&ref=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&s=192b7b46-2edb-4da2-9c42-e4d09f9640e7&pv=7ea4ca47-04ac-498b-ad8d-f9ce82fab28c&vp=desktop&lib_name=prebid&lib_v=4.27.0&us=0&ius=1&gdpr=true&consent_string=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

07e8b527d838f03f5a56110cbbdace950c3ed3fa2705c229c7f972dcadc070b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:14 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.postfun.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 168
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 loader.gif
www.postfun.com/wp-content/themes/postfun/images/ 80 KB
81 KB 7ms
7ms Image
image/gif 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/themes/postfun/images/loader.gif
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f4d78eaddad6ec90355156468264d74aabc8949e2ec9f025bc3b81f569772de4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:13 GMT
last-modified: Tue, 17 Jul 2018 22:56:01 GMT
server: nginx
etag: "5b4e7401-14148"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 82248
expires: Sat, 19 Nov 2022 04:44:13 GMT

GET
DATA 200
OK truncated
/ 23 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dick-van-patten-now-458524642-92735.jpg
www.postfun.com/wp-content/uploads/2021/03/ 46 KB
46 KB 10ms
9ms Image
image/jpeg 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/uploads/2021/03/dick-van-patten-now-458524642-92735.jpg?b=0&c=0&width=800&height=533&top=0&left=0&zoom=0.781524926686
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: 57eef13e61abf71758d257faf8de5a20d315723f4c11d86e07e35b44aa09af1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cache-group: normal
etag: "a9a32457148a748370272a7d69063309"
last-modified: Sun, 11 Apr 2021 07:12:27 GMT
orig-filename: 2021/03/dick-van-patten-now-458524642-92735.jpg
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
content-type: image/jpeg
access-control-allow-origin: *
orig-mkey: file=2021%2F03%2Fdick-van-patten-now-458524642-92735.jpg&mime=image%2Fjpeg&width=800&height=533&zoom=0.781524926686
cache-control: must-revalidate, max-age=31536000
date: Fri, 19 Nov 2021 04:44:14 GMT
accept-ranges: bytes
content-length: 46670
server: nginx
expires: Sat, 19 Nov 2022 04:44:14 GMT

GET
H2 200 diana-hyland-then-33570.jpg
www.postfun.com/wp-content/uploads/2021/03/ 31 KB
31 KB 11ms
11ms Image
image/jpeg 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/uploads/2021/03/diana-hyland-then-33570.jpg?width=800&height=533
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: 8d095e3911caba5e9479d91938bc8ed48d6918ade73e14101addaf599664c3e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cache-group: normal
last-modified: Sun, 11 Apr 2021 07:15:09 GMT
orig-filename: 2021/03/diana-hyland-then-33570.jpg
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
etag: "2e0879dd3cdf1044c142144e6044503f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: must-revalidate, max-age=31536000
date: Fri, 19 Nov 2021 04:44:14 GMT
accept-ranges: bytes
content-length: 31863
server: nginx
expires: Sat, 19 Nov 2022 04:44:14 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 40ms
7ms Fetch 35.156.217.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.217.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 19 Nov 2021 04:44:14 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Nov 2021 05:34:48 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 10ms
7ms Fetch 35.156.217.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.217.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 19 Nov 2021 04:44:14 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 200 hive_reconciliation Show response
www.postfun.com/events2/topic/ 0
177 B 146ms
146ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_reconciliation
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 vendorlist.json Show response
www.postfun.com/ 98 KB
19 KB 15ms
15ms XHR
application/json 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/vendorlist.json
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/oil.1.2.4-RELEASE.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: b3ed9c9bc861fa868a53b26af8333f99a2e88080796109b11da39496c43d58bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cache-group: iphone
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 21:19:12 GMT
server: nginx
x-cacheable: SHORT
x-powered-by: WP Engine
etag: W/"1892f-5b46829a9d550"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: must-revalidate, max-age=3600
date: Fri, 19 Nov 2021 04:44:14 GMT
content-length: 18911
expires: Fri, 19 Nov 2021 05:44:14 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 8ms
8ms XHR
text/plain 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3475&u=https%3A%2F%2Fwww.postfun.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 23:07:54 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: Server
age: 20180
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: U6Dr1SWW8gH7Xl-W78os-Zm4U-nS5b_-fwCv5CkhXY4g4ZbbQJ3hHw==

GET
H2 200 vendorlist.json Show response
www.postfun.com/ 98 KB
19 KB 11ms
10ms XHR
application/json 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/vendorlist.json
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/oil/oil.1.2.4-RELEASE.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: b3ed9c9bc861fa868a53b26af8333f99a2e88080796109b11da39496c43d58bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cache-group: iphone
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 21:19:12 GMT
server: nginx
x-cacheable: SHORT
x-powered-by: WP Engine
etag: W/"1892f-5b46829a9d550"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: must-revalidate, max-age=3600
date: Fri, 19 Nov 2021 04:44:14 GMT
content-length: 18911
expires: Fri, 19 Nov 2021 05:44:14 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 7475
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Fri, 19 Nov 2021 02:50:10 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 6nXEaCdVcovIUdEX-Yz6OY1mYF17rTKBlU41baTQTfoEzFohSp6c7g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=755964454&t=pageview&_s=1&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&ul=en-us&de=UTF-8&dt=The%20Stars%20Of%20Eight%20Is%20Enough%20%E2%80%93%20Then%20And%20Now%20-%20Post%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAAC~&jid=950736562&gjid=241205314&cid=1727820622.1637297054&uid=f371dbff-eaf8-452f-933a-cd81a5502292&tid=UA-68286463-2&_gid=1486916002.1637297054&_r=1&_slc=1&cd1=_other_organic_d__526-000010&cd2=526-000010&cd3=&cd4=1&cd5=&cd6=66863&cd7=&cd8=lyj&cd9=52&cd10=jennagoldberg&cd11=&z=1699279485

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 423ms
423ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 419ms
418ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 47ms
15ms XHR
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68286463-2&cid=1727820622.1637297054&jid=950736562&uid=f371dbff-eaf8-452f-933a-cd81a5502292&gjid=241205314&_gid=1486916002.1637297054&_u=aGBAAEIgAAAAAC~&z=1426484935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 04:44:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 152ms
149ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 429ms
427ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 157ms
155ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 432ms
430ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 425ms
424ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 425ms
425ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 434ms
433ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_cmp_action Show response
www.postfun.com/events2/topic/ 0
177 B 429ms
429ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_cmp_action
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
532 B 40ms
40ms XHR
text/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3475&u=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&pid=eLplzh3U2FD7I&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22primary-over-next%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop_spl_primary-over-next%22%7D%2C%7B%22sd%22%3A%22secondary-P1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop_spl_secondary-P1%22%7D%5D&gdpre=1&gdprc=BPP57QtPP57QtBQABBENDX-AAAAyh7_______9_-____9uz_Ov_v_f__33e8__9v_l_7_-___u_-23d4u_1vf99ycmx-5etr3tp_47ues2_Xurf_71__3z3_9pxP78E89r5335EQ_v-_t-b7BCHN_Y2v-8K96lPKACEI&gdprl=%7B%22status%22%3A%22cmp-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: EHQC8ANW4QXXEHV7JP1C
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: fA7v_RdsJVT0hFvqgaSvtxhwV499rGWSaMvRvXHXnw6QGk1CdtR4tg==

POST
H2 200 hive_ga_session Show response
www.postfun.com/events2/topic/ 0
177 B 419ms
418ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_ga_session
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_reconciliation Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_reconciliation
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 147ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 152ms
152ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 433ms
433ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 430ms
430ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/footer.js?ver=1637178635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 0WTH1TnmVYbG85It3I7A6Zg0oY46f/QZxhUPQ/KkHrtBcoUv6hur+sCQoahFdvPQdck3K07ymcmYa9H1k40PPg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 19 Nov 2021 04:44:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 432ms
432ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 418ms
418ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 426ms
425ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 451ms
451ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 429ms
429ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 431ms
431ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 432ms
432ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.hmstats.com/2/486951/ 6 KB
3 KB 186ms
30ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=9a933e0c-b7b9-404c-b125-2eebb478c246&ui=f371dbff-eaf8-452f-933a-cd81a5502292&di=www.postfun.com&c1=organic&c2=&c3=&de=2&gt=DE&dm=1600x1200

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bcc8d528699bc55e67d2175d9c589d74f268d97f27f6d0ee215513c91ce4e783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:14 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2778
Expires: 0

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 422ms
421ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 421ms
421ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 354 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 551ms
190ms Script
application/javascript 44.238.136.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/354?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&ref=
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.136.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-136-108.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 140810da82657235666370c8221e22d87f07ca4d6c3f2eb3331aeb8f30847f83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
server: nginx/1.18.0
content-length: 3304
content-type: application/javascript

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 421ms
420ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 429ms
429ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 418ms
418ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 418ms
417ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 49ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.postfun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.postfun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
18 KB 308ms
308ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1313004673899883&correlator=1447559189165166&output=ldjh&impl=fifs&eid=31060978%2C31063712%2C31063799%2C31061029%2C31060032&vrg=2021111701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=21287525%2Cpu_desktop_spl_primary-over-next%2Cpu_desktop_spl_secondary-P1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250%7C300x600%7C160x600&fsbs=1%2C1&prev_scp=amznbid%3D2%26amznp%3D2%26floor_group%3DFL_001%26hbmax%3Dnobid%7Camznbid%3D2%26amznp%3D2%26floor_group%3DFL_001%26hbmax%3Dnobid&eri=1&cust_params=source%3Dorganic%26campaign%3Dorganic%26sourceDeviceBucket-1%3Dorganic_d_0%26sourceDeviceBucket-2%3Dorganic_d_0%26sourceDeviceBucket-3%3Dorganic_d_0%26sourceDeviceBucket-4%3Dorganic_d_0%26sourceDeviceBucket-5%3Dorganic_d_1%26sourceDeviceBucket-6%3Dorganic_d_0%26sourceDeviceBucket%3Dorganic_d_0%252Corganic_d_0%252Corganic_d_0%252Corganic_d_0%252Corganic_d_1%252Corganic_d_0&cookie_enabled=1&bc=31&abxe=1&lmt=1637297054&dt=1637297054377&dlt=1637297053621&idt=315&frm=20&biw=1600&bih=1200&oid=2&adxs=736%2C1272&adys=11015%2C113&adks=661139827%2C659501193&ucis=1%7C2&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=732x147%7C300x317&msz=0x8%7C0x250&ga_vid=1727820622.1637297054&ga_sid=1637297054&ga_hid=755964454&ga_fc=true&fws=4%2C4&ohw=0%2C0&btvi=1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2765298a0185a7c06cdbe23473c03404c0b2a04828234451d2118c1092924add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18777
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.postfun.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 39ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6deec3cd80a67fa1a6ae65c4eedd6ba9b7deb7e6b07c9f5200c031cb3b8d5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9111
x-xss-protection: 0

GET
H2 200 container.html Show response
9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E51 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 04:44:14 GMT
expires: Sat, 19 Nov 2022 04:44:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 308ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: bkDDjM9yBidpqcg1XlmlVz96Wf00HBDmEbxpzIK60W9JU1Zm0GVj7ZjfqwSjCkERI+pbAMwo5b7trEEDuDPIUA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 19 Nov 2021 04:44:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 353329068859326 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 356ms
55ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/353329068859326?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9bbac6ecbcbd46820ae9165f18bb5ad8e58a243850e838d0680bb50e0b7b229

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 1dIx0mKdACeVc7vLiS0HleBZXhWhQJ3nVYZ5h1+RH00pc0WjHPixRTVx/f+mVtobHYbBeLYsP8epo+MFEWWSvg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 04:44:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EB53 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 18 Nov 2021 16:35:30 GMT
expires: Fri, 18 Nov 2022 16:35:30 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C1D1 783 B
1 KB 37ms
15ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f2f95c6a1faaed9c1a86fd709d76ae5b651cd4903f81f4141ae6c65f5891333f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+eJn6MqSM2LT7htZGHkjjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 19 Nov 2021 04:44:14 GMT
date: Fri, 19 Nov 2021 04:44:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+eJn6MqSM2LT7htZGHkjjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame EB53 35 KB
14 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 12:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 12:28:30 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C1D1 0
0 30ms
30ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111701&jk=1313004673899883&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 124ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?oz_pl=1&ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&_x=1
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=9a933e0c-b7b9-404c-b125-2eebb478c246&ui=f371dbff-eaf8-452f-933a-cd81a5502292&di=www.postfun.com&c1=organic&c2=&c3=&de=2&gt=DE&dm=1600x1200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.hmstats.com/2/2.40.0/ 153 KB
48 KB 30ms
30ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.hmstats.com/2/2.40.0/main.js

Requested by

Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=9a933e0c-b7b9-404c-b125-2eebb478c246&ui=f371dbff-eaf8-452f-933a-cd81a5502292&di=www.postfun.com&c1=organic&c2=&c3=&de=2&gt=DE&dm=1600x1200

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e0c829acbda91088b85e768076245956a8aa2f08c8069507eff16c0375384590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:14 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48186
Expires: Mon, 28 Jul 2053 05:20:40 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 31ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?oz_pl=1&ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&_x=1
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=9a933e0c-b7b9-404c-b125-2eebb478c246&ui=f371dbff-eaf8-452f-933a-cd81a5502292&di=www.postfun.com&c1=organic&c2=&c3=&de=2&gt=DE&dm=1600x1200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 container.html Show response
9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BECD 6 KB
3 KB 308ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 04:44:14 GMT
expires: Sat, 19 Nov 2022 04:44:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame D857 189 KB
55 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 191620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D857 13 KB
5 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 289918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 15 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D857 89 KB
28 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 169467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 17 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Nov 2022 05:39:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D857 5 KB
2 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D857 40 KB
13 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 16 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Nov 2022 23:00:04 GMT

GET
DATA 200
OK truncated
/ Frame D857 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22ade17b678031d1dd0343b775c37d5d4ac8773c209732c8aed802e0656ecdd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14137529529162926546
tpc.googlesyndication.com/simgad/ Frame D857 110 KB
110 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14137529529162926546?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkAWhzLlxhN-SS5QXCXgJ6lIcBNg

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7d0ee409907357cd1e30296f611efd59f5336358bf6da8a05793503123d099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 11:17:08 GMT
x-content-type-options: nosniff
age: 322026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112529
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 10:17:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Nov 2022 11:17:08 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D857 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 68555
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Nov 2021 09:41:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D857 295 B
537 B 7ms
5ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 67869
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Nov 2021 09:53:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D857 0
0 16ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6xI4GlzoefHVGFd2Z0RAT-PfSHEoxUUW7pnNuVsbRs8aaEDskzjc-pCkiTGjz7dI4vTYkXFxMTuY8HKJ_WfH5u5JnNQ
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D857 0
0 38ms
37ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwUkFniuXYe2NGtjz3wO1oxznpdLKZqqI8rKAD7_hHhABIO3QkjRglZqggrAHoAGHg7_3A8gBAuACAKgDAcgDCKoEvgJP0FAVVunG2cxlB3M1qNvOXoM-syT7oU8tjSsEAgGUWePmAOX7lT_-riEoRq18GnfW4nvijxYvt2x94jczFaGfhfLfc_MS1K6iId3wmaklVzl_dkE9RiCeaV0P82GHyU-cCe6FwmhObUowWegAhUxe7mS24wRNf_nTFhf0Cg-yBkWwZgHakqjnyZ4g9nvGJEwXAWAt-b1yGZ5Gxe-IGioL89QRLCv_3E3iOC50UnWUG_I7RWe3doBV64edxoAOgke4BGZTRTxKVcu8-vZ1dSLBAenBqWAWuvDRKCshyXdAVn314R8ypNZ4vTJfEpkKlYSosR7V3eEcvew8ks5zrS77uMLn40nN4DGK8Hv7UuGiyRPNNQ7HCj-8fmPYwKpfQqCwJ7HtxrsMhHzBvKO5vOsP8GFpUFAXXYR_p1b7L9zABKzX6ffzA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAemu_6FAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELW7CdIICQiI4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi04OTUwMDEyOTE3MjEzNTc0GM2pGQ&sigh=ccCWSVY0Vig&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 154ms
154ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 153ms
153ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_ratio Show response
www.postfun.com/events2/topic/ 0
177 B 148ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_ratio
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 pbjs_auction_result Show response
www.postfun.com/events2/topic/ 0
177 B 148ms
148ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_result
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 pbjs_auction_result Show response
www.postfun.com/events2/topic/ 0
177 B 150ms
149ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_result
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_pbjs_tracking Show response
www.postfun.com/events2/topic/ 0
177 B 146ms
146ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_pbjs_tracking
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 24ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 19 Nov 2021 04:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1661
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: 2z6HHzWHBWTeq1HfBlC0Uu92sbl7xkI7OXjYL3FBaAF7+CI6qq5+l+a6gxzw1uMEYrHDCA0yah4=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: NR7CKM3GX8V4QNX3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 36ms
6ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Fri, 19 Nov 2021 05:04:14 GMT

POST
H2 200 pbjs_auction_init Show response
www.postfun.com/events2/topic/ 0
177 B 148ms
147ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_init
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
647 B 39ms
39ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.27.0
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 36035b0d334c5daf4d6a3c95897e407764a025fb993085f8f305f497c7dafd9e

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 19 Nov 2021 04:44:14 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.postfun.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
332 B 11ms
11ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=643720&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230b382b2d6644d1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.27.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22315f5655adae186%22%2C%22ext%22%3A%7B%22siteID%22%3A%22643720%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232a17df09b52c33%22%2C%22ext%22%3A%7B%22siteID%22%3A%22643721%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d4f8eab17b6146313f119019ab9abbb92035774d9580bea8615288eebf61acc1

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.83], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.postfun.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
699 B 9ms
9ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:14 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c01b242f-38ab-4849-adb5-8a2af9efecf1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.postfun.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
hive-d.openx.net/w/1.0/ 329 B
301 B 50ms
42ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hive-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=21c91b2e-520f-469a-9578-774fbdfeefad%2C9dbe0ea6-a71a-45c4-899d-7caa601afb8b&nocache=1637297054743&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&gdpr=1&pubcid=ab6b8529-a212-4f1b-a662-2610e8d354cc&aus=728x90%7C728x90&divIds=primary-over-header-1%2Cprimary-over-header-2&auid=544031873%2C544031874
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: bd8e84c3b38f7911a6baf46e67659b5e59883028d7bba2ab35a13efd28ea218c

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.postfun.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
295 B 8ms
8ms XHR
application/json 18.184.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.69.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-69-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
x-auction-status: 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 210 B
835 B 15ms
15ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F21287525%2Fpu_desktop_spl_primary-over-header-1%7C43e8976f396a3cd%22%3A%22728x90%22%2C%22%2F21287525%2Fpu_desktop_spl_primary-over-header-2%7C446ca680171a76c%22%3A%22728x90%22%7D&ref=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&s=54008219-cc44-46c1-b097-ebaa4524bd4b&pv=7ea4ca47-04ac-498b-ad8d-f9ce82fab28c&vp=desktop&lib_name=prebid&lib_v=4.27.0&us=0&ius=1&gdpr=true&consent_string=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

05f4371705a7e002bdcecdef61f65b6fc02b57e61cd22a9313e25d9e834d728e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:14 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.postfun.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 160
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 39ms
39ms XHR
text/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3475&u=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&pid=eLplzh3U2FD7I&cb=1&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22primary-over-header-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop_spl_primary-over-header-1%22%7D%2C%7B%22sd%22%3A%22primary-over-header-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop_spl_primary-over-header-2%22%7D%5D&cfgv=1&gdpre=1&gdprc=BPP57QzPP57QzBQABBENDX-AAAAyh7_______9_-____9uz_Ov_v_f__33e8__9v_l_7_-___u_-23d4u_1vf99ycmx-5etr3tp_47ues2_Xurf_71__3z3_9pxP78E89r5335EQ_v-_t-b7BCHN_Y2v-8K96lPKACEI&gdprl=%7B%22status%22%3A%22cmp-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: 5ETC0KD1N55TSHHYRXEZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vweJ4i0J7IeurhYh4daNYciuA3rtevDHNWnsqAj1hWEVkLDND2ALEw==

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 32ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297054694&oz_l=191&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 hive_reconciliation Show response
www.postfun.com/events2/topic/ 0
177 B 149ms
149ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_reconciliation
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 756416304915569 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/756416304915569?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89082227eb43e2295815f3f62d29cdc5f806cfef98416d0b88539131f79b5af5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: SJWqm2ibjqtB/8Eh/liFtzpeoUMNLH7kfJ2BhChG/3tp7oI/DbbbPZm/EWTRfEvET4efOhVALnFRvQ0OmTMDbQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 04:44:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297054824&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=f06d0615-38be-4b56-a02d-e9fe0945cee2_1637297054344&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297054827&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=2b2747d2-b359-4b0e-9bcb-77c43b5413af_1637297054346&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297054829&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=e0502d79-f80d-4e42-9ad7-26e84805bfd5_1637297054348&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_reconciliation Show response
www.postfun.com/events2/topic/ 0
177 B 156ms
156ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_reconciliation
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 319ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.postfun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 317ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.postfun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 259ms
258ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1313004673899883&correlator=4437552990412192&output=ldjh&impl=fifs&eid=31060978%2C31063712%2C31063799%2C31061029%2C31060032&vrg=2021111701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=21287525%2Cpu_desktop_spl_primary-over-header-1%2Cpu_desktop_spl_primary-over-header-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C728x90&fsbs=1%2C1&prev_scp=amznbid%3D2%26amznp%3D2%26floor_group%3DFL_001%26hbmax%3Dnobid%7Camznbid%3D2%26amznp%3D2%26floor_group%3DFL_001%26hbmax%3Dnobid&eri=1&cust_params=source%3Dorganic%26campaign%3Dorganic%26sourceDeviceBucket-1%3Dorganic_d_0%26sourceDeviceBucket-2%3Dorganic_d_0%26sourceDeviceBucket-3%3Dorganic_d_0%26sourceDeviceBucket-4%3Dorganic_d_0%26sourceDeviceBucket-5%3Dorganic_d_1%26sourceDeviceBucket-6%3Dorganic_d_0%26sourceDeviceBucket%3Dorganic_d_0%252Corganic_d_0%252Corganic_d_0%252Corganic_d_0%252Corganic_d_1%252Corganic_d_0&cookie=ID%3D0fa0b5bc501d19bb-2299a10adccb00f3%3AT%3D1637297054%3AS%3DALNI_MZApXZTOJkaV4zgr8kTj8268N-Llw&bc=31&abxe=1&lmt=1637297054&dt=1637297054846&dlt=1637297053621&idt=315&frm=20&biw=1600&bih=1200&oid=2&adxs=736%2C736&adys=1309%2C2313&adks=2986903331%2C3006553674&ucis=3%7C4&ifi=3&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=732x147%7C732x147&msz=0x106%7C0x106&ga_vid=1727820622.1637297054&ga_sid=1637297054&ga_hid=755964454&ga_fc=true&fws=4%2C4&ohw=0%2C0&btvi=3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6f71cd1f5ea28a2df59457535f645bad132abfb3d6d08b5286a2da6323f05734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15601
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 379ms
88ms Script
application/javascript 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00bb0f4ff872b1845e574a7d16a0c6b6c4,004c9e634f2e7295aac2aa9331bb4f5243,00f68671f62c3e5f49da4fa496c37c8322,0036c96db58162161f176a4cbb926f420a,0075496a87e8c6a722145cf0ab07bd0b16,001f12d5e2acc100a52ea366a010f3f885,007791f06c2b4180eb37994fc377b01bba,0005b022fdc541b2ce19b4d18214fb4edd,007b49039a693bfa55bb9018c4d863ec34,0049a23f1e61443d66ebaf84f0a35a773c,009806a40172f37650fa58a95fe85f2aba,0033d55509d40fd1e47623b586736c3437,00cdd89705c25b0a665ad210b08a2bae33,007a999f4dad37ecb06006cf5bc343ade5,006e1e91a3961079508dc05534cae38c99,007ccfe4edacfafffe9a974fa320bf6174,003d2821858ffb336eebe0fd6747dd4a4e,0000f8a31852f93d778adea837b72b6efe,00cbcbae10d541bb0b79c19a76895a4920,002cc3bbb72bfb9c33123f44e3b1237d6b,00240d48b6c8759527c4739531f0335728,003599b6380f420786d5e689187691fcfb,00f84fedd5faf1da1cd2b17a31859691ee,00e68d462576b625e76956ba0fad07f98c,0036e0563c6d673bd2897959ebca5be17c,00c8207890c0218fb573bf26599ab23b84,003b1ac7362cced51bc541a7c0f51d35f0,008db98daee983819135e4e5bdf3c24531,00e483510f0c67d9ce65721be279c23445,0074a285b7acaa585d1cccce53211f6f1f,0036da36e450529e157e3c17c5b1832bd5,0036da36e450529e157e3c17c5b1832bd5,00e9d7e89143aef8f25d791b1fb9794d49,0066e24f356dfa6efe0b87992ec3e7f955,005d9fd08b6cd682ce844fd15045c3d369,009c20b7f9d3313357250148042f5dd78a,0076e64a52a6836f0da52382510d343393,00d913450f03a0b3c263ccf101fb90e358
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
X-TraceId: 4179c35ec5a20b21f420259809d386a8
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 371ms
85ms Image
image/gif 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?orderId=7ef8febc-a2e4-4b83-b181-9aedb1bc922f&currency=USD&orderalue=0.00&marketerId=00bb0f4ff872b1845e574a7d16a0c6b6c4,004c9e634f2e7295aac2aa9331bb4f5243,00f68671f62c3e5f49da4fa496c37c8322,0036c96db58162161f176a4cbb926f420a,0075496a87e8c6a722145cf0ab07bd0b16,001f12d5e2acc100a52ea366a010f3f885,007791f06c2b4180eb37994fc377b01bba,0005b022fdc541b2ce19b4d18214fb4edd,007b49039a693bfa55bb9018c4d863ec34,0049a23f1e61443d66ebaf84f0a35a773c,009806a40172f37650fa58a95fe85f2aba,0033d55509d40fd1e47623b586736c3437,00cdd89705c25b0a665ad210b08a2bae33,007a999f4dad37ecb06006cf5bc343ade5,006e1e91a3961079508dc05534cae38c99,007ccfe4edacfafffe9a974fa320bf6174,003d2821858ffb336eebe0fd6747dd4a4e,0000f8a31852f93d778adea837b72b6efe,00cbcbae10d541bb0b79c19a76895a4920,002cc3bbb72bfb9c33123f44e3b1237d6b,00240d48b6c8759527c4739531f0335728,003599b6380f420786d5e689187691fcfb,00f84fedd5faf1da1cd2b17a31859691ee,00e68d462576b625e76956ba0fad07f98c,0036e0563c6d673bd2897959ebca5be17c,00c8207890c0218fb573bf26599ab23b84,003b1ac7362cced51bc541a7c0f51d35f0,008db98daee983819135e4e5bdf3c24531,00e483510f0c67d9ce65721be279c23445,0074a285b7acaa585d1cccce53211f6f1f,0036da36e450529e157e3c17c5b1832bd5,00e9d7e89143aef8f25d791b1fb9794d49,0066e24f356dfa6efe0b87992ec3e7f955,005d9fd08b6cd682ce844fd15045c3d369,009c20b7f9d3313357250148042f5dd78a,0076e64a52a6836f0da52382510d343393,00d913450f03a0b3c263ccf101fb90e358&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&optOut=false&bust=06293124482137407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Cache-Control: no-cache
X-TraceId: b58e3c90c3d2bdaee76db17b1f7e51f0
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D857
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

45ms
23ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Protocol: H2
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Fri, 19 Nov 2021 04:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 436263.json Show response
s.yimg.com/wi/config/ 2 B
448 B 23ms
10ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/436263.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:43:54 GMT
x-content-type-options: nosniff
age: 20
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 94334ZWXPMKRJGKS
x-amz-id-2: gL5cTty3a//cBwpl9RwcEX3EwhCKI47namnHXwprmI0VrXBaERspmnSX6ia9MXv3OpxUlAL3XJ0=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 10005184.json Show response
s.yimg.com/wi/config/ 2 B
160 B 409ms
397ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10005184.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: XQ9H1Q3H6ZTQ04JB
x-amz-id-2: avaMtxQmWHXSnPLQIkrog6j1UBtAkflUR64eVzBNrjPZNxtpQU3b84CUqkZ6/opHiQ2ZpWFL8BA=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 10029575.json Show response
s.yimg.com/wi/config/ 2 B
252 B 123ms
110ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10029575.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: E872MHWAEGNQERQ4
x-amz-id-2: cA13RQmi8TNlU9CLGg+9k4SpWU/t4VGtsCf7mHw967aNoMEWobI2gKANO40Yikyi+9tabdWW1mM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 10086309.json Show response
s.yimg.com/wi/config/ 2 B
138 B 23ms
11ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10086309.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:43:54 GMT
x-content-type-options: nosniff
age: 20
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 943CX22K077AS7M2
x-amz-id-2: uCBvENzyNULKoKV74ha7qxFSToBxmXkOHpOryuj9RMm9Xa+QUKviLftyr9HQBH+I9Ey2hqeSFT4=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
BLOB 200
OK fd219772-b148-42ac-ba4a-fbbfb7bfdfbe
https://www.postfun.com/ Frame B738 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.postfun.com/fd219772-b148-42ac-ba4a-fbbfb7bfdfbe
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 35ms
34ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297054874&oz_l=4446&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111701&jk=1313004673899883&bg=!TU6lTgrNAAZQLpa_UC47ACkAdvg8WjAjD_hieZn9Y1Bj_qfuxHyg0nIAhegtJEW0NzuXNjCCFY4qIQIAAADOUgAAAF1oAQeZArbf-2MOLcOg-U4-HQ680q9_aYT3EDgMskcx69gUz0_ezbT4S27yWD0NXGPtRlV4fnFuVG9LnAPyB6lyqGA4ilti-gSXnF6iLHVyO4tgcAaj6eehk7Bhv9-zTXgJ2cbXkqguH_3D_N1izRVB7v7HuOixIPaV6NybhqH8-12m5edXzug3WNg0rrIq2WnCYveQqrjtLFxrzjCx1GWNtDsi-feU-tSrNs9pLfOu6a_Qb9klzfhvWxXryC4W_Se8UrDoanD2-sdZumLI5tz15_wgD3hiXB5eg8cKBal538VFNoQHTA9Wb7uu7M9m6LJN-oBw7DRaOaJeF0sc2bVBLDyjXFI-06wDaU7qY1cjsTM-sGqILNEp1RTLmUssfzNXvYdUUme_7bPCRpjhi6u6WG_Bnbh6CGBxafguEWLHf0tXJ-wD-DxjXCc3HNcXW8CzE0JzEA4oFGt5PDx3xN8sgzpku8YaFHta82iEPhZRIUNsHGOe3wimrp30RZ5Xpk-bl2ZdoBE1UDtjdRHqdzziHkV7TPtpkTuHAeedYjbPIEjLGuKbvhpC12T2XeR-ha46Ch5-QZG6-XsMRvYYl2H-6j1fTKCSUEAAh9kWHvOPabkanVez6bSE0MNS7XX77Si6HiUhoeOHEgqUAzVS4bqfnJNtdtfhdrtfwzvciA177LnANo2GQhAW45s19Hm7_wJKeSD9JaY5ofwSBBUB-mMM-IzqZCDdCKwE-GiIoTv9d33RKMH3H-kKWLIN23UAqFJYgJja0v8nPVU1232t5lg9DbX5YB99TIXdfBT8TgbP6bo9VWJiRuF-D7-fOBuqze0heJ3GWo-6UqUhN2K1Ktl4rjR0DJdhZA7tok7cEDrfeYB2uZvQg1AgecCk5MhxVV5Hzm4Ba_XpJqCrY5VXlDTVj3k6jeK6eukg5bxK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 543ms
179ms Script
application/javascript 54.201.251.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/354?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.251.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-251-82.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 22:16:16 GMT
server: nginx/1.18.0
etag: W/"1637273776.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 19 Nov 2021 16:44:15 GMT

GET
H2 200 354 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 532ms
178ms Script
text/html 34.223.151.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/354
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/354?url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.151.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-151-79.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: bbf748d46da3706e8135544fa8c79ac18c3fcbef17563ec3c0329af90c5d57b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&adnxs_id=1055242745125871768

43 B
566 B

523ms
189ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&adnxs_id=1055242745125871768
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:14 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 22f6e3dd-2c23-4923-8995-ef3f5c8d81b9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&adnxs_id=1055242745125871768
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://ids.ad.gt/api/v1/t_match?tdid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

43 B
570 B

576ms
348ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://ids.ad.gt/api/v1/pbm_match?pbm=0F19AA5A-ED49-44AC-9CC3-5552D33B2E72&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

43 B
573 B

651ms
347ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=0F19AA5A-ED49-44AC-9CC3-5552D33B2E72&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=0F19AA5A-ED49-44AC-9CC3-5552D33B2E72&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
date: Fri, 19 Nov 2021 04:44:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://ids.ad.gt/api/v1/g_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&google_gid=CAESEOzLnCKi-cOcu1TRVUGRXnM&google_cver=1&google_ula=450542624,0

43 B
572 B

495ms
190ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&google_gid=CAESEOzLnCKi-cOcu1TRVUGRXnM&google_cver=1&google_ula=450542624,0
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&google_gid=CAESEOzLnCKi-cOcu1TRVUGRXnM&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YjkxYmMxNTMtMmIzMS00OWM4LWE5OWMtZjM4MDNiZjFhMmY2

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YjkxYmMxNTMtMmIzMS00OWM4LWE5OWMtZjM4MDNiZjFhMmY2

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YjkxYmMxNTMtMmIzMS00OWM4LWE5OWMtZjM4MDNiZjFhMmY2
date: Fri, 19 Nov 2021 04:44:15 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
https://token.rubiconproject.com/token?pid=50242&puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&gdpr=0

0
214 B

55ms
9ms

Image
text/plain

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&gdpr=0
date: Fri, 19 Nov 2021 04:44:15 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3Db91bc153-2b31-49c8-a99c-f3803bf1a2f6%26sas_uid%3D%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&sas_uid=[sas_uid]&cklb=1

0
436 B

113ms
113ms

Image
text/plain

199.187.193.185
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&sas_uid=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&sas_uid=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 19 Nov 2021 04:44:14 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Db91bc153-2b31-49c8-a99c-f3803...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3Db91bc15...
https://ids.ad.gt/api/v1/adb_match?adb=85776120983510224494138976578972411684&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6

43 B
480 B

195ms
195ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=85776120983510224494138976578972411684&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v019-02486b1d5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3VSOzNGxRrY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ids.ad.gt/api/v1/adb_match?adb=85776120983510224494138976578972411684&id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 142192547407081 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 53ms
52ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/142192547407081?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

879fb23aea1cddd0f42db4b0314c031ecc7bfaa3c8781c2a9834ab32cb33055f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eG49yKr53zxc+C5zABOiz+BbnXEolMNCB8/UPFhwtr8oi6MJJbFe24I/UZNqlvWpnSdy+Q7KpO2ifO5We/0JIQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 04:44:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297054941&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=e8879d70-48aa-44b8-b1bb-a8a43d9e56ca_1637297054350&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297054943&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=c5560be4-96d3-460f-b1bc-bb52e5dd3eed_1637297054351&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297054944&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=c5560be4-96d3-460f-b1bc-bb52e5dd3eed_1637297054351&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:14 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 151ms
150ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 507904799972713 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 51ms
49ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/507904799972713?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2234e62f9f4f714bd6e6fc3e8b65aaeac70fa57b670274528e472c3f2dd35dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ZgfuBlWjVq1ajWyIe4Dq0O4B1cFDFLhpTJbDuF8XinYOZAHMvktHHjnwJTISFq+6YZJ6UvVqlXBjlMBV+FkKCg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 04:44:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 9ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142192547407081&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055014&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=7d2bdeef-eab4-49e8-af62-99cd4d2f9736_1637297054354&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055015&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=6eb4a75e-2d66-4fb8-aa16-4681e495ea98_1637297054355&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055016&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=6eb4a75e-2d66-4fb8-aa16-4681e495ea98_1637297054355&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142192547407081&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055017&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=6eb4a75e-2d66-4fb8-aa16-4681e495ea98_1637297054355&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 44D0 624 B
396 B 18ms
16ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNUOhLGiJiFj_uHjGaa8IZfhZubCYY7JNVPRqNl7G5hE5hclF5Bf4XyD2cimMJVt8xgVZ9H2abuQJA3b_iSAdQqX3LevvTbz7unblQ3GPCl1BDt2PKBkwXDWRpGl2PKwpoUlG2Y0CcPndW8EZoI3K9hgC5AcDvzs_fhA-VCDtWqGKIzWzjU

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 19 Nov 2021 04:44:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BECD 25 KB
15 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUMvoiOsbS-lOdrTPjMmVd1WJsPiMM8sgkvlmYGmzYi1F6q0z8hsjXnOUt0vxkxU2u5dmglfUd4gzlAqe_aD97cpniQA4S7m_yIce9WngIXQ3LTLS5BsJYMOje0f2JlO_jDeAtIMZtQjXnSHNu1zApDgP0aQ&cry=1&dbm_d=AKAmf-Cxb_7C6QmiGDVZS_dGSEQDy_x_SBy_KdFjtqWvNBREXRU9JZ3TDpiHRurfxJ6qgM1Y2Ta0zkSkYVeAoc9NK0i9T6PBkT_KCFdkjZIg7xsYNPijJc1rG_zTatoDs64xhGLDvTRCQpQPLf_5i5eAka0qNf9NDOinNc8P6qugCqqswMqi2jQu9RWIJRrjBflxLG_tuuedsKC4SVs8YDYiOZ_L6smxxSio2mwAjlXVO7SntKCv2GPSDnU2n5SxpbfXWnwwuon9WLE0gPfopdyCz2WonjAlthPotAho9-_v_T-sqbGC60r6r7A1vNPlqX7kOK0oPZfE6xf0lNyDQ0kTlrzNPKjAJdc_fAWGd_aZ6Is60RppXjmBvw2NLTunReekUyqDfvmmOh-zMmHI6q1cbMmyPegGV6x3EcN5pVQ4if6DfRIN-sILMTh5IyCKTwbIZHg6T5g1F5LRTgD-7R-O19ChjBp8fVztLlv3qz4JM4giRk434KTZaqJI5R9qi1EptmQHmH_wsju4-jdcj-A1PKO2C-UZ35fB2bAIZxsx_FSPIg43gW-ap7hjXEqE8m_Jhj8yMruEs1HEs3_448FwVM41fna8KmgLLXsz7jXw8LVAg1i3RDMq8-K46keRjijxnfO0LrcvK-N18RK8MUgjJi6R7_AMGC_l6RTyg5dv-PA64JRbqUCYToWd3YKuX7rj9QLW7215PuRur8Q3K0Oajuo5QjGB9YjUD5tjpuD2b1sa3B2eDjSyC-7sTJFiMiP92z4PyE71A1UrK0tvn4z3U0BKHLXw__0NeEpMF8FMxqfcPIQeNQOD1i9qW18g_wMqzN-NUGvdB2GLF6J9KMq3LVCENh5e_uESCewFoqzZ5cgIfZM_R7PF04YUIGEI7sM-wc6uzQVKJ9-dncuK0KtPRLdGo3cP18QuAgXmyKXty1ZoJq93IrU2XcnXa8j9YTLHQDl7HLwtpvNPkR7VbJ6QM8pcGYMDOxsjaJiyGR6YRBukDDxm8WPk0kQscLi-G3d4skzcSIYCQZQFLNRzj8QoK_p2r6ViSfwOuDDdxo1y_4y8VvFg1ed0xotarw70oE6ohPNOBfKud1N8wid_wEOmkw4KdnnWV2lcM-8gLqcAFNMIgBgtvaNpk5Fm5uLjuCIWoCYYehDZ0T2oN5Zvhlbu73FM9ZpP-7vboy1NZiHT-ylydW1IzFWfct1ofsbYVzqAid_-GNsxRfYfKgOInqGZNAv8nUhGP2MUOEsdAXvqeuN0n3E0mPy4NEFAq9uRoEcZH3eMB1I269RL2SQ0aUstuUCRyQiGgqKTcMsmMPO0KOyryRem0SjhCMH2886G3Ri02o7jFTZ2WyOL9Q8lnRNLumTMoo7C9NSmnfq_Sv7-QdGm_GS_j5RHFJ6WTHKcnu6ZWAxTv3A4AzNIwZ3GMkTlVYysEpseHT_EDps9ZvfbFvESX8zx5_4NtFol_SecE6lfKWovenaCoxSRg26tYzAwTqMX2S_hVjGjVO0TsiQlyhOu4KsZOgPYPXCIwScjbuwEw7EOdlBPYR904V4zl0TBmMW44yuLxdgc1Df2t_KlIXV8DunBuR4UpBbnz812RxGnnPKQWkvq8-KlvnpxHNEX8h3MFNdbdfSa9umQp-rradIWEjoMPWs_tj4z8--iTACAxlV8Y65wMv2KWcRMF8vnPseL4-AaxRgwz1oxQLpGdIL5_wrZYPw9jF2uYK9Ms6xvihLYsib3Q52PUoCatAdoMFWDGaA2gMemKWD7KTVX69JkRUy34W29ewio_hc7dxLt5AwDO151SqwuntjvHoMc5Ae2TdRmc8c8xtUgQu1Npb_50PtVSnuANvU0hjJMYkU2yqHI_uisvtp1h5Yf-ZwXNFIh_wgiTR9_1DosrlVr0EQEg98EjiYDAdZSn8g_fHaUiupIVm2JkaovCd431vCPdR2HHUwnGJRhiZCKmWlCpsIMDsm4chuMlDEh0nTyreqr6WnnL4J-zJ_CHzAHhOvNiyyFTl-TZqktla1OEbpUFnKVmUFVVF9TVCVFtT8qvsPm7B-Scv1RoYUzj6jOFjDLAOxvDr3gs3Dm45X6oafj7cZKW3MW3fINcAFs_-gvVgK4xA1y42GCkoGWF2o3gVVrG23b0-fp87GajRQXL9c81VwIcoNkF7KG4mFdWe-4HVlSCnwxSfml_WS7tXEhzcm5G2B-ghxuxF8UNz7Vq-Y-BEtWyLOTV7y1FZW2V7r0BvQpGxmdgks9fPSjuNHAa31Pz7EH41tgMillGgLlkTtYIFnOeZkgbf_VqrdfxRZ9JaT1Q2eKAXCtYEwir8lYTcT6r_SWPKHx-p1i5a8oKWduF-CMY8QwhkUjeM_X1QF6SYXHjFPqUReonLHbqqV5vNsLGFdl-yqTrTelP5masi2ypIvq5PzklHe63MscTHVvd1EjkZo6-FZOyI-uZIKMqHZH5LqqQ3IDb1WswgARzTgLpWMo4c6DfNOuEU4dNJ3XlicgHiguPLuj1q19HV-kUeBwubV4BZUVbW-JmTGEcWeaCpk_xkucbN2o-Hckx98dfSA5lX6ptHTyZUrBYk2fM3MaHesBo3Y7sepaKYM_WYxGwzV1AhBJHtzlarwEr05cQMjZM1CgfiI2yZtEQ9nFs3MHzOMEozmYKsZtiHbjjRC0LSVl1wv8tLJUkf9uujqbqNllBPDhR6kFofdG-ssgACPdnreZmC_6Ehme7FpQkYZmo81AgSFS2fnwfpvIa8KkkD7VBlFCu-aUpe7PQ7RpXYI955VIPjMXfwAG3Fm0aVXLQ8PCUyi7Ys5Tiexncy7LbRb4nk3CIGZs_HLaH7B58bN_hurTqXF6aLk5tvJuvzVn_sxTNa7oD2Q_uIGa9zuNIbZ4O1LRgGnUfg3XVbLbLjxH3k9XZ0CLBMDtVs_blCwAo6AU7A-qjhW5SYTWTwIOonu83xiA_oeJYgwVHlsdTb7jX8K87EuM4POwpORe6L16TJg4J_8cDz01yrvzULUWCbDxeKvCgRFga_CasvxuIRp2vpxxSL44GSqRtJ_QJeADTHImLGY1QebIGZi8QtXrZac0m5IPhyjD2n9JIgvGOB5uaWBcHItUIIFFsdfwkGv-on-8b-IskMt3399BbiwOP4RtpmL7voownX5vDebXHs9rK4DFU0Zinif4QvgUN2R0UkaaG0CCptR-FHuG_VdlBB-7FNTOzl0DFlzkNNd90ZzTxqInPMAm55vXOgg75DWpfdHEb7MXQJWUaZbVR7X1rOSxiD83eTNQrdKsMMNdwvkdhUtNrco1hg&cid=CAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg&rfl=1%2Chttps%253A%252F%252Fwww.postfun.com%252F%240

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cdc0c925eff3ae4dc79f0754869dcba8a4028456d941b7d265e8e0bab410c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BECD 42 B
110 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPQ23rPqfjbDaQH1gT91HYxZsCthe5sCaMPWv03lCp-9dZ2uD7HQ79FdHqPDhil7bQ1IrJFS2VYWdAqpHtnWNNarBmD3mBtXEdJXWLvvwqbayjHp4

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BECD 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:28:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BECD 119 KB
37 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BECD 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:40:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BECD 0
0 14ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdsKkWRBoQ0QNF63ICFAdZlel29KVeAhfppi2OfBwfelhrGg_Jlkj6YOP65qd9hQ-1lE1tdAGeg9ry6gJ32qtUabO18Q
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&C=1

43 B
894 B

20ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNUOhLGiJiFj_uHjGaa8IZfhZubCYY7JNVPRqNl7G5hE5hclF5Bf4XyD2cimMJVt8xgVZ9H2abuQJA3b_iSAdQqX3LevvTbz7unblQ3GPCl1BDt2PKBkwXDWRpGl2PKwpoUlG2Y0CcPndW8EZoI3K9hgC5AcDvzs_fhA-VCDtWqGKIzWzjU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 04:44:15 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44D0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZcrn8FCv.KTfEfJXf4n9wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&google_hm=2

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNUOhLGiJiFj_uHjGaa8IZfhZubCYY7JNVPRqNl7G5hE5hclF5Bf4XyD2cimMJVt8xgVZ9H2abuQJA3b_iSAdQqX3LevvTbz7unblQ3GPCl1BDt2PKBkwXDWRpGl2PKwpoUlG2Y0CcPndW8EZoI3K9hgC5AcDvzs_fhA-VCDtWqGKIzWzjU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 04:44:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMW0fHb4Ibp5LJ1ydABSCeM&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 44D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOVv-fjKQdf7dRnr8NIs83Y&google_cver=1

43 B
1006 B

9ms
9ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOVv-fjKQdf7dRnr8NIs83Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNUOhLGiJiFj_uHjGaa8IZfhZubCYY7JNVPRqNl7G5hE5hclF5Bf4XyD2cimMJVt8xgVZ9H2abuQJA3b_iSAdQqX3LevvTbz7unblQ3GPCl1BDt2PKBkwXDWRpGl2PKwpoUlG2Y0CcPndW8EZoI3K9hgC5AcDvzs_fhA-VCDtWqGKIzWzjU

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c2ed7edf-b19a-41c1-85dd-05b41ed51a73
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOVv-fjKQdf7dRnr8NIs83Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NTI0Mjc0NTEyNTg3MTc2OA%3D%3D

170 B
188 B

24ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NTI0Mjc0NTEyNTg3MTc2OA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9102d343-631c-4898-88ef-36bd8323edef
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NTI0Mjc0NTEyNTg3MTc2OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 32ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297055054&oz_l=1447&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame BECD 24 KB
9 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUMvoiOsbS-lOdrTPjMmVd1WJsPiMM8sgkvlmYGmzYi1F6q0z8hsjXnOUt0vxkxU2u5dmglfUd4gzlAqe_aD97cpniQA4S7m_yIce9WngIXQ3LTLS5BsJYMOje0f2JlO_jDeAtIMZtQjXnSHNu1zApDgP0aQ&cry=1&dbm_d=AKAmf-Cxb_7C6QmiGDVZS_dGSEQDy_x_SBy_KdFjtqWvNBREXRU9JZ3TDpiHRurfxJ6qgM1Y2Ta0zkSkYVeAoc9NK0i9T6PBkT_KCFdkjZIg7xsYNPijJc1rG_zTatoDs64xhGLDvTRCQpQPLf_5i5eAka0qNf9NDOinNc8P6qugCqqswMqi2jQu9RWIJRrjBflxLG_tuuedsKC4SVs8YDYiOZ_L6smxxSio2mwAjlXVO7SntKCv2GPSDnU2n5SxpbfXWnwwuon9WLE0gPfopdyCz2WonjAlthPotAho9-_v_T-sqbGC60r6r7A1vNPlqX7kOK0oPZfE6xf0lNyDQ0kTlrzNPKjAJdc_fAWGd_aZ6Is60RppXjmBvw2NLTunReekUyqDfvmmOh-zMmHI6q1cbMmyPegGV6x3EcN5pVQ4if6DfRIN-sILMTh5IyCKTwbIZHg6T5g1F5LRTgD-7R-O19ChjBp8fVztLlv3qz4JM4giRk434KTZaqJI5R9qi1EptmQHmH_wsju4-jdcj-A1PKO2C-UZ35fB2bAIZxsx_FSPIg43gW-ap7hjXEqE8m_Jhj8yMruEs1HEs3_448FwVM41fna8KmgLLXsz7jXw8LVAg1i3RDMq8-K46keRjijxnfO0LrcvK-N18RK8MUgjJi6R7_AMGC_l6RTyg5dv-PA64JRbqUCYToWd3YKuX7rj9QLW7215PuRur8Q3K0Oajuo5QjGB9YjUD5tjpuD2b1sa3B2eDjSyC-7sTJFiMiP92z4PyE71A1UrK0tvn4z3U0BKHLXw__0NeEpMF8FMxqfcPIQeNQOD1i9qW18g_wMqzN-NUGvdB2GLF6J9KMq3LVCENh5e_uESCewFoqzZ5cgIfZM_R7PF04YUIGEI7sM-wc6uzQVKJ9-dncuK0KtPRLdGo3cP18QuAgXmyKXty1ZoJq93IrU2XcnXa8j9YTLHQDl7HLwtpvNPkR7VbJ6QM8pcGYMDOxsjaJiyGR6YRBukDDxm8WPk0kQscLi-G3d4skzcSIYCQZQFLNRzj8QoK_p2r6ViSfwOuDDdxo1y_4y8VvFg1ed0xotarw70oE6ohPNOBfKud1N8wid_wEOmkw4KdnnWV2lcM-8gLqcAFNMIgBgtvaNpk5Fm5uLjuCIWoCYYehDZ0T2oN5Zvhlbu73FM9ZpP-7vboy1NZiHT-ylydW1IzFWfct1ofsbYVzqAid_-GNsxRfYfKgOInqGZNAv8nUhGP2MUOEsdAXvqeuN0n3E0mPy4NEFAq9uRoEcZH3eMB1I269RL2SQ0aUstuUCRyQiGgqKTcMsmMPO0KOyryRem0SjhCMH2886G3Ri02o7jFTZ2WyOL9Q8lnRNLumTMoo7C9NSmnfq_Sv7-QdGm_GS_j5RHFJ6WTHKcnu6ZWAxTv3A4AzNIwZ3GMkTlVYysEpseHT_EDps9ZvfbFvESX8zx5_4NtFol_SecE6lfKWovenaCoxSRg26tYzAwTqMX2S_hVjGjVO0TsiQlyhOu4KsZOgPYPXCIwScjbuwEw7EOdlBPYR904V4zl0TBmMW44yuLxdgc1Df2t_KlIXV8DunBuR4UpBbnz812RxGnnPKQWkvq8-KlvnpxHNEX8h3MFNdbdfSa9umQp-rradIWEjoMPWs_tj4z8--iTACAxlV8Y65wMv2KWcRMF8vnPseL4-AaxRgwz1oxQLpGdIL5_wrZYPw9jF2uYK9Ms6xvihLYsib3Q52PUoCatAdoMFWDGaA2gMemKWD7KTVX69JkRUy34W29ewio_hc7dxLt5AwDO151SqwuntjvHoMc5Ae2TdRmc8c8xtUgQu1Npb_50PtVSnuANvU0hjJMYkU2yqHI_uisvtp1h5Yf-ZwXNFIh_wgiTR9_1DosrlVr0EQEg98EjiYDAdZSn8g_fHaUiupIVm2JkaovCd431vCPdR2HHUwnGJRhiZCKmWlCpsIMDsm4chuMlDEh0nTyreqr6WnnL4J-zJ_CHzAHhOvNiyyFTl-TZqktla1OEbpUFnKVmUFVVF9TVCVFtT8qvsPm7B-Scv1RoYUzj6jOFjDLAOxvDr3gs3Dm45X6oafj7cZKW3MW3fINcAFs_-gvVgK4xA1y42GCkoGWF2o3gVVrG23b0-fp87GajRQXL9c81VwIcoNkF7KG4mFdWe-4HVlSCnwxSfml_WS7tXEhzcm5G2B-ghxuxF8UNz7Vq-Y-BEtWyLOTV7y1FZW2V7r0BvQpGxmdgks9fPSjuNHAa31Pz7EH41tgMillGgLlkTtYIFnOeZkgbf_VqrdfxRZ9JaT1Q2eKAXCtYEwir8lYTcT6r_SWPKHx-p1i5a8oKWduF-CMY8QwhkUjeM_X1QF6SYXHjFPqUReonLHbqqV5vNsLGFdl-yqTrTelP5masi2ypIvq5PzklHe63MscTHVvd1EjkZo6-FZOyI-uZIKMqHZH5LqqQ3IDb1WswgARzTgLpWMo4c6DfNOuEU4dNJ3XlicgHiguPLuj1q19HV-kUeBwubV4BZUVbW-JmTGEcWeaCpk_xkucbN2o-Hckx98dfSA5lX6ptHTyZUrBYk2fM3MaHesBo3Y7sepaKYM_WYxGwzV1AhBJHtzlarwEr05cQMjZM1CgfiI2yZtEQ9nFs3MHzOMEozmYKsZtiHbjjRC0LSVl1wv8tLJUkf9uujqbqNllBPDhR6kFofdG-ssgACPdnreZmC_6Ehme7FpQkYZmo81AgSFS2fnwfpvIa8KkkD7VBlFCu-aUpe7PQ7RpXYI955VIPjMXfwAG3Fm0aVXLQ8PCUyi7Ys5Tiexncy7LbRb4nk3CIGZs_HLaH7B58bN_hurTqXF6aLk5tvJuvzVn_sxTNa7oD2Q_uIGa9zuNIbZ4O1LRgGnUfg3XVbLbLjxH3k9XZ0CLBMDtVs_blCwAo6AU7A-qjhW5SYTWTwIOonu83xiA_oeJYgwVHlsdTb7jX8K87EuM4POwpORe6L16TJg4J_8cDz01yrvzULUWCbDxeKvCgRFga_CasvxuIRp2vpxxSL44GSqRtJ_QJeADTHImLGY1QebIGZi8QtXrZac0m5IPhyjD2n9JIgvGOB5uaWBcHItUIIFFsdfwkGv-on-8b-IskMt3399BbiwOP4RtpmL7voownX5vDebXHs9rK4DFU0Zinif4QvgUN2R0UkaaG0CCptR-FHuG_VdlBB-7FNTOzl0DFlzkNNd90ZzTxqInPMAm55vXOgg75DWpfdHEb7MXQJWUaZbVR7X1rOSxiD83eTNQrdKsMMNdwvkdhUtNrco1hg&cid=CAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg&rfl=1%2Chttps%253A%252F%252Fwww.postfun.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:35:22 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BECD 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H2 200 252336382657754 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 72ms
70ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/252336382657754?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

869234019eb34d15b2dbb218719491fefae65f17cf1103eb6355da24783f6dc7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: y8YTBghqGp3aebPSx7mFas6M68Qpi29SB3RbMZhvG2DFvT4SrXH4y5oj0rkMoaUNKvHXv53VK7Vfeg8bz8eewA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 04:44:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 10ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507904799972713&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055089&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=4286f84e-ec8f-43b0-8646-8af5253ffd5b_1637297054356&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055090&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=5&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=2d658e1b-c171-4acd-b5ca-0f572aa9e6c4_1637297054358&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055091&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=2d658e1b-c171-4acd-b5ca-0f572aa9e6c4_1637297054358&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142192547407081&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055092&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=2d658e1b-c171-4acd-b5ca-0f572aa9e6c4_1637297054358&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507904799972713&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055092&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=2d658e1b-c171-4acd-b5ca-0f572aa9e6c4_1637297054358&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 27B7 22 KB
8 KB 9ms
5ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 17:49:55 GMT
expires: Thu, 17 Nov 2022 17:49:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 125660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK t43ocmuaiycq Show response
hal9000.redintelligence.net/zone/ Frame BECD 11 KB
4 KB 15ms
3ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/t43ocmuaiycq?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsNniuXYeyNGtjz3wO1oxzdreioYKjct8e5CvAuEAEg7dCSNGCVmqCCsAfIAQmpAv35swczEbM-qAMBqgSIAk_QAly3Y46HfNC6ajW2ehaPnv4qaK4J-_VmIdnXcTh3v3I0Gn-roDx2WAI8CvIenMuR_cI0VYjz-liHxM2qk93rJZAFyHVljjEav5B_yKGZuam0uoNMkRPV1WWaCy08tFhfjHL9xXaDyr3KotKX6zvbfFcmnn0VAPUKV4BnmAxC2ByHXl4evJNmJeloxfD0BYolwBa4bYsceTlmziYqLBPmPM4-U3RocJ16dd_9uLKIcJt6AgzcQG50XHnu0sUOi8q922iASuPzzxeCqkdVibRXo1-MbSS3YLbtqXFACnV0hhAWUHKkN2iyCo1kx-RdEiT5sqnhZFlsl_QIX1hsilAiJPrI8_MqVMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOe5ewM0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg%26sig%3DAOD64_1QULGIfILaMOh6FGc7wdBBe-Pu9Q%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-CnYImErErP8Pe8vIlv57qGoC__blyM0s3bez9ktOIEyOhB3czpbLijjL2-KyhqL7m05fDdIdNxmPb4PVKSH9n0C3t7WgME4WXshRi8RQpU8Bz-zMbxbhf9b-Q2mO7qVZZoFyGlkvgTjgnwyQ3WDmXNUYr3sw%26cry%3D1%26dbm_d%3DAKAmf-BIxYquUdDoPtQDi1QfuV3ELz3RxLa8FcgpigXspl5uPHv4Y-B1NluS-07zr2Dsb3xcvjXvAL234Hc5PxHGGdYAI85eUrFVrEEXx6w38so8RPC49X0mHJ5W99_M82GVkcShUmCI76jUhxARyCZtJNkss4MzZ1GcyDr95x-2fZRGIiJK9nLa-Uw8enxNBBlU2xF_Wra40lfmh5PVNaaWqspcDagTOTu8NlxHnIhdYuglbK1JJoZt9mMRaJuF632rOJRfVmrABzLg1CwpXmZ9HD7LyIMIygThxkph_u8rRtf1HSiZNkmqEd6Ftbd_FE2NZeGKvLm4jYpkv4efFQsQ3d44Bk62cNxMuy9RXm8ESd2ziG-4t8dmyGfhTJ94loXTcaXteFlAWknLrLGOZnADiTv1pH1sjYznmPof0JJRbWXm-uVzLm2hAYLprXhMEBzAnoOssoLwRi2AoeWWZFJITgYQ0HfOKjAapIR_gkOVMKxvE-kborpflBASXEntPF3GurM1a6xW79q31mWhcb7BNMu7dXG-fg%26adurl%3D
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 23a624358b3b67586dc0d1db7c833d6165f11c375364ae9269c9878caac553a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3998
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 container.html Show response
9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F844 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 04:44:14 GMT
expires: Sat, 19 Nov 2022 04:44:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D67 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 04:44:14 GMT
expires: Sat, 19 Nov 2022 04:44:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 pbjs_auction_result Show response
www.postfun.com/events2/topic/ 0
177 B 156ms
155ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_result
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:15 GMT

POST
H2 200 pbjs_auction_result Show response
www.postfun.com/events2/topic/ 0
177 B 158ms
157ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_result
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:15 GMT

POST
H2 200 hive_pbjs_tracking Show response
www.postfun.com/events2/topic/ 0
177 B 150ms
150ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_pbjs_tracking
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
DATA 200
OK truncated Show response
/ Frame 1E6E 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame BECD
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
937 B

62ms
60ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsNniuXYeyNGtjz3wO1oxzdreioYKjct8e5CvAuEAEg7dCSNGCVmqCCsAfIAQmpAv35swczEbM-qAMBqgSIAk_QAly3Y46HfNC6ajW2ehaPnv4qaK4J-_VmIdnXcTh3v3I0Gn-roDx2WAI8CvIenMuR_cI0VYjz-liHxM2qk93rJZAFyHVljjEav5B_yKGZuam0uoNMkRPV1WWaCy08tFhfjHL9xXaDyr3KotKX6zvbfFcmnn0VAPUKV4BnmAxC2ByHXl4evJNmJeloxfD0BYolwBa4bYsceTlmziYqLBPmPM4-U3RocJ16dd_9uLKIcJt6AgzcQG50XHnu0sUOi8q922iASuPzzxeCqkdVibRXo1-MbSS3YLbtqXFACnV0hhAWUHKkN2iyCo1kx-RdEiT5sqnhZFlsl_QIX1hsilAiJPrI8_MqVMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOe5ewM0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg%26sig%3DAOD64_1QULGIfILaMOh6FGc7wdBBe-Pu9Q%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-CnYImErErP8Pe8vIlv57qGoC__blyM0s3bez9ktOIEyOhB3czpbLijjL2-KyhqL7m05fDdIdNxmPb4PVKSH9n0C3t7WgME4WXshRi8RQpU8Bz-zMbxbhf9b-Q2mO7qVZZoFyGlkvgTjgnwyQ3WDmXNUYr3sw%26cry%3D1%26dbm_d%3DAKAmf-BIxYquUdDoPtQDi1QfuV3ELz3RxLa8FcgpigXspl5uPHv4Y-B1NluS-07zr2Dsb3xcvjXvAL234Hc5PxHGGdYAI85eUrFVrEEXx6w38so8RPC49X0mHJ5W99_M82GVkcShUmCI76jUhxARyCZtJNkss4MzZ1GcyDr95x-2fZRGIiJK9nLa-Uw8enxNBBlU2xF_Wra40lfmh5PVNaaWqspcDagTOTu8NlxHnIhdYuglbK1JJoZt9mMRaJuF632rOJRfVmrABzLg1CwpXmZ9HD7LyIMIygThxkph_u8rRtf1HSiZNkmqEd6Ftbd_FE2NZeGKvLm4jYpkv4efFQsQ3d44Bk62cNxMuy9RXm8ESd2ziG-4t8dmyGfhTJ94loXTcaXteFlAWknLrLGOZnADiTv1pH1sjYznmPof0JJRbWXm-uVzLm2hAYLprXhMEBzAnoOssoLwRi2AoeWWZFJITgYQ0HfOKjAapIR_gkOVMKxvE-kborpflBASXEntPF3GurM1a6xW79q31mWhcb7BNMu7dXG-fg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=8961374121731&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 53aeeda58535862cc388c417d279dd056d8d2fb121cd4a7fc0ca2da0f5a805ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 98271100014332300757585011783015
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Fri, 19 Nov 2021 04:44:15 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsNniuXYeyNGtjz3wO1oxzdreioYKjct8e5CvAuEAEg7dCSNGCVmqCCsAfIAQmpAv35swczEbM-qAMBqgSIAk_QAly3Y46HfNC6ajW2ehaPnv4qaK4J-_VmIdnXcTh3v3I0Gn-roDx2WAI8CvIenMuR_cI0VYjz-liHxM2qk93rJZAFyHVljjEav5B_yKGZuam0uoNMkRPV1WWaCy08tFhfjHL9xXaDyr3KotKX6zvbfFcmnn0VAPUKV4BnmAxC2ByHXl4evJNmJeloxfD0BYolwBa4bYsceTlmziYqLBPmPM4-U3RocJ16dd_9uLKIcJt6AgzcQG50XHnu0sUOi8q922iASuPzzxeCqkdVibRXo1-MbSS3YLbtqXFACnV0hhAWUHKkN2iyCo1kx-RdEiT5sqnhZFlsl_QIX1hsilAiJPrI8_MqVMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOe5ewM0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg%26sig%3DAOD64_1QULGIfILaMOh6FGc7wdBBe-Pu9Q%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-CnYImErErP8Pe8vIlv57qGoC__blyM0s3bez9ktOIEyOhB3czpbLijjL2-KyhqL7m05fDdIdNxmPb4PVKSH9n0C3t7WgME4WXshRi8RQpU8Bz-zMbxbhf9b-Q2mO7qVZZoFyGlkvgTjgnwyQ3WDmXNUYr3sw%26cry%3D1%26dbm_d%3DAKAmf-BIxYquUdDoPtQDi1QfuV3ELz3RxLa8FcgpigXspl5uPHv4Y-B1NluS-07zr2Dsb3xcvjXvAL234Hc5PxHGGdYAI85eUrFVrEEXx6w38so8RPC49X0mHJ5W99_M82GVkcShUmCI76jUhxARyCZtJNkss4MzZ1GcyDr95x-2fZRGIiJK9nLa-Uw8enxNBBlU2xF_Wra40lfmh5PVNaaWqspcDagTOTu8NlxHnIhdYuglbK1JJoZt9mMRaJuF632rOJRfVmrABzLg1CwpXmZ9HD7LyIMIygThxkph_u8rRtf1HSiZNkmqEd6Ftbd_FE2NZeGKvLm4jYpkv4efFQsQ3d44Bk62cNxMuy9RXm8ESd2ziG-4t8dmyGfhTJ94loXTcaXteFlAWknLrLGOZnADiTv1pH1sjYznmPof0JJRbWXm-uVzLm2hAYLprXhMEBzAnoOssoLwRi2AoeWWZFJITgYQ0HfOKjAapIR_gkOVMKxvE-kborpflBASXEntPF3GurM1a6xW79q31mWhcb7BNMu7dXG-fg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=8961374121731&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 19 Nov 2021 04:44:15 +0100

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 347D 640 B
363 B 19ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUJrDNl3uxs7R4wTXztMSVuDJDtgqLVYw0JApRN3qdDcoHBdP3TPQX_hSA4HtNcL4eNoHdLOzH4YAq8Tfi5tgw7TfX2819J_CxZB5a4vAW4-wV7mGGII6EwcJ9o9GLaYzkZA-6IqOdJwv54GNSxixqb62dG5w1JAwAyABxEh22j7C1XxSg

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 19 Nov 2021 04:44:15 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F844 25 KB
15 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDLGzTmSENelCNUK5va2o3Rhm-Wx6lloF0X2k03WctB6aSWImTtNeGcKrqd4RN7l6jIa44cCpwT9Cf84DFG2oDXY7qTpkHN6vR3QdW1XTjl4VSNXS1ZSI4_uNzB0DW_v_jl7lROOZQ20SDgdtXEwyOTiWyGg&cry=1&dbm_d=AKAmf-BklEvHWnfsg91YhLTDIdTBIxgMO9-WJSJxfKH8QtupRBa9tr1TlQg5rnLzVmAugvIUBknaI-LO_L8_fQARFgbJjU6Uzs4krGTcImyn1awPS3i1ov7AHFoBEORz5BZkM32mOdL0Twi3pnM0IktRU4RW62fpNMkYkO1A24FNtJRKThVO_NzsfrrOIJ77KMOKDa_xZK2wI7kNDRJX8SSaNOc6jjX3uT7PVDzCwQXWUxhTkA_9XpUZPzmZEAJh1XELQPh8IWr9SJ46R7nDAgcbHNC8vb7QWHMMtBbJ-gMkSspDBVyPsdynSoDKjkZTbj3JgJXyYJqGaaThTKMa8bmI-RXgXCjwOfVQRfpR9rqwXoHB7TnXk9my9OhnH2ywIvLr6bXBZsGnWeYFWboky22DI8yLBu2VP4LX18VoIXjPdNyvuR8veGZX-I1oTPsJSHnZfBzsFGVbrzyAg6-gKHTRJ63hVGd-CNr3Uu6lLL5crw2o_hL7CNFLj5i2JpsWAg39yLqxoZU6jSFLgpeSTS95B1rl5frvP7ayi4lctn97WpMwUH1kR87087Uhqkj8fOJDnuJbelOGWjDobIoGqP7B_iG6-lxSRmGvmrgQo9kGbhvN6PvVhJHOZW3fIhRivq4653-Mc8_IRL7Oy-c8UIDsq4h9swnNzh5iBf1yP5SZdWBEo3AYIXm8VGjUqqHu6Smfi4XfSNKKRLp3zcHJNN0jb2K6f8VT24SnAkLUJd3X_yY5saahxi76E9BknuE6Pydq4QzxYcLnSsMQddmGTEYgf1tr9jXOoUMYMCmoAaY6i3G9cbLxYlGl7EPAOCI-pafYqnsN_eSUdzJx5p2sEqhuH79G0GIvplHsmNmJ8GOUv-29s8uE1nYhL9AA3RcovRmp99KtnMYDYDyEGrkXHeVj3aBAmwa0d6L4s66QrkIuIkRpkMsuMEUIMa6Id9SjkRSwL7vt2V5VAffoYOSksaH3dj7j2O77tACML6kbsaFInrjCGEBS1h5ilRmI0Z3mg7is-FvcAvRPwWdWWcdsuK4r2yf7v0EsROu1wTMnIy7zJ2QzaOuDg5mw3DeeEOuNENhef_VBsYgCAMn9RNPNZ6gQWNn6oM3oNCIcI3DHsSWnN_LOzbUQ_h36yloUhmDhY6DQgm2n08T7r0AqbRu7ByNQo915w1B8cF1JA1VhvHGLj1utv8EHq7uhJUg4gJ4tlNAuq069T-n1stzpxhGyaelAYM-w68tRM2BvOZ4q1Fseq3OHwfjN1OZ6xhUg1NK9O6W98MinTe_1C-Wi34eJ5jRYbyyc2MrhgxtoQf4MC90LLTvHj8UODJnZdPtG7gMTZYqAzb2zqdfy4sAdb5VEhsG1vT0IJneT_PiJyYC2Z1EXbMqjOehPB5IyXs36UanSh1oZ3W2kOx22EX-D_n21b9hsOWs-5PS_jNItn_4BOrZUO8ZkbyARwRDF0xCUPiiTrQHEs8qm943ua_hW-5xvl88rMLp1DmSturawPdms-GzZt5kkNVeQvWn5Kj6K7wesgVS77cmaITFfcG2KEXybADCC2C_056VslI5EjHhoM5x0froeW-gEn-d4hHlnHuC6rk88vBRM3jDE8INlXmaeYQexuMlxw-vZBKZWLnVxgsakjl6fF1aDIfUs7kBhbbJY9kvgbhEpX6jC_Xj27giBTw9sfYtpmJ7YBFrACZqSfmMucQWF1uA5WerYUUW3MLCuvudJspLB1eMcJbApF2skfRfeh2YXNmJXWVt5kQJUixAKA_5QhQhItwQYoU_A6sySmddh_pp41iY0F_pSlmpfZjzbs69ctWe4_Dlh9Db-lj4AFQmrNPpnFoqprmOFEhymbaQtO9bW7S0U9-ojb_ROhrPheSwdH_1kSLt3ej2R-QqInPe8-g1nE70e1ooQK3A4xHfNjWS4jNeGWNhcLGQtBhLpqIzLvEIYPj68ZeXdL6hsuu9OakiuEp4pd8mwtE074XSwqVgPI1o7w15DEE7fvyWooBDCCimZrvQS-CKsuKR51ECUMid87KSs560JcUY2Yy26suqxigoL8VTXtwqkSIkoz7XXn3I12ZWuTEHBmKqwHLQluLmH5n1USehG1YR4X78noHamxdE8K4URjDEk8sTa1PoTaZs3Q8iW3CiLmn1aRrG0PE6WjAs_5gqaO0dQ-fQJ2H17mvuffKgiuuU3lkoONmvgn2LK1r0oB-qLzTsP7GFUl9TMNsYkwVnV0KBNi0uRVHVU5XQNGRVyyi3pvcHd2ZAUeGg8Cg80v3DGMDjqwditVkTPzVISuYUvBv1kM400tAP6y_NWuccAL_QVpkgDYFUPXqNNKl-cCpFaBy_N8im0XVQFgaAR8LxEYvM3Axcxg06zIvuhqysKfKUYg-PL5itkmWF-IPtOxxrtMC3e55umtlGjkqSv-kvYs6nwusurPV4PL3H034ciMY1PSqo1SRU0-CAVVl7JA9g8pcK_YcElU5RhCLXMvVrIRfSZm9K4aKPEEhKnyeCqh3pXAIlKvOCtYZwWE7zdniqSmGCslt2fHLIwE37hRkTzShwY7BKqJrTmkx6Nd7OxcBT765qfseB_5Bw_RoyXaFqi6szixUdqggEmhPVzq0am9y1XidehX-LN8zcJQG9QUOBMdvVUbfF5xkRIYDq0ZyoBwSxH0hwosLk7Hd1a__PcDYzCJVW86XBqaeOSuZ0XPxjPCosWuOTr6Yebzu7cUIDxWRon-98WHmqpFOYcOHFw5Pd6mnwp44tJGHKOG2vj7-nBBlm_5xpqtk8GYfj1TeQNvqhzUplB4b4BgdIFKbLa7JKunQ8wdzDMK2HPqV2kAosFBg6hnbz_1a4zAekgh6dsZR64CaKXCmDvYmAuFuQNbKwL46F5_-zCoXDyfEscbN0twK8q5JOcIWNAlOQuWK-WJT4jnhtygdNkRPlfiOtkwybWx6zNwfqKLCzfw6Zct8Tka27_rTWCYEPa71c9FK4TQd9OUon4rAayaoi5kbqi1rF8voPoTwTsGR3c4bp9he4ouR9RMk_AuKUyPBD5jYS02Hra_CLhM2RSt-_7a7gPYO_e3AzC9YmUAH_P_0Wrjp9YveBOQ1pwpcwUc12OXnq_FSYpvPVDAbLzsH1aiSi03vPgVtm99XEUQQ3A_x-thMTJFuEXmU0zCn541Ab_eQxaRdwYhMSJtgBksKqGFqaA0wpsb1CJx--oMWxqjt75j96GOhtOoc8hMQeh5wnu8YQDKlzA8I2cSZfS01ATfaau5XjzydIdo6-0W4cXmdxedZ2LKwO7yfp8keF5d9wMhPIb88RqleYksTxgRFCEx7wG7IDFVKf8xGkQXxNQ&cid=CAASEuRo9L6fGRDZL6w7s2Qfp7poRw&rfl=1%2Chttps%253A%252F%252Fwww.postfun.com%252F%240

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

612e0335f89be39f8de262510c628bf80ff424f679be8838caa3e3291e4573c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14875
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F844 42 B
107 B 43ms
37ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AR1I3tYRsXAlReQUnKQbjGSyLhJoIcROLju10NxflTVnZVjMiBV_XB-p5_DBSwUjs7h3j4lNVhJa7KcRoy7M_-OlGcR4P5dqKDh4bAhEIO9OdbpT0

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F844 2 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:28:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F844 119 KB
36 KB 319ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F844 15 KB
6 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:40:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F844 0
0 18ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnv6WHVn1o9FINToZog_CzjMwYjlEfxRc5mDRX1qwaIGgzSNggKeEdXa7WQtDZaATTL5-FWfGRxb9fN1MJ1SOf7Hf5Hw
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F4DA 499 B
381 B 22ms
19ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX3HP2-_uc0MoFQ4uDM562wiDqlwwx2U9poFMD8Q_hKEfVALLwzgNnbH625-WEQrDUKCkcv6p0eTHVT-ToldN8C35Gka1aGLrOqG17dK66ib1tpHII9Z-kSdcdxlldLIjuKtb3R6dve7ANqLkEvqwJ4zQmpLaq1zs2fXPgB56QkTygRkIU

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 19 Nov 2021 04:44:15 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D67 25 KB
15 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiQaAapVqMhrcFfR-Fd5s76IIzizRraTDYPtVvYiJRwN-O_8n1phOUnwQjKW-gr1Tybn66hRqWYJdUjQsyUlf7lPFywQlc0t_xJD6rWhUIZX7ju5se6v2AfWkG9WSXBzfV5VuhSUd8fEyce6G8sn1tgmKnnw&cry=1&dbm_d=AKAmf-D0Q0dkq8loeeximucsjQEG0WbigmyOJdUDFaILKNISe0Zss3HV1YEu0fL25YAVah6tg0tD3xfJA3rKYkF-9TH1LuHXW5oHTwYiD5tNqQmNFPt7DeY6OAVzR9xwrElj-YxvWuvY6U-rFtYHfdXn9BppJWLCHvkFcXYWxmpSKBlwO7X4LHwbJUhRYJI2RH2JvawtBzeWFL8pOEGgkNkq3gTr7mBUYdekj0iIeesFirOlkULLhlO2zBJ8BOja2i6V_S7gCTE7TdjTHVOXRM9NkQAU5zInPt4TCQkJyyrstJ7Zupu2fy77opHJjdpaL2OgQwHgYvpu-MDJXQaWZaEVIjVnTHDWCprJvsYm-7I3yROM_BUc21ZXeMnyDvnFltF50AHf9Z_VhNbfbz5aOOCohykdJtV0xVXpHn6zjY2D_Gi7RfKtkPjalAJEPdTvDu_LRzfHgosSqcziHEp8rBHTyW3lRog46dFXeyOHO60kOOmZj_TIO0YzJhtetZelG2UY6BbQZEomQlpj_oCIZpZcG0uHz7bJ47wphWU9mP3bh2cZr95VvORPRbIY98IZJNVHA7SvS6ukLxth2dpD7oUclQYvH6ZysBQ8g6SuQ_n5UdzXqkwP6T2wcMCR3WxodRGDqDUSgDnmTBRQarjfF1ATwAUKLuolalBHV_HoO682bZsh9fwtCc50IF3uLPHdablbOU75a73r_l9Z67SWCbA_IKSrANQY3qsEf2E5CvXpoUWCWW3cBMkjxTds4owPQ4jcXrlktbAdnwtyBUgxpsvdmkHf_MiTbgL7RvC5_eT-5ZtQQtW5m16sQqpncNfQ1OhuNvlfWusfgFLzTT5yMidMVtTTLTC_RIX-S0afFYoPFYTWLVOlm529by4UvxIeBNjhRS9uyogjZLvWL8ZirKAuAQ2GPqUjPxZSFtZbVKGP_s0J8YsssBgH-yjaAfxtb-D8Zg_4_NS59cmNMvi2I-aOW8czGU0IVRx6cMOZdO6VyH5wIj039xeLELeF0LPxZoCzNYv_KO8m9SOp4d89gbQfBD7gdBQV0lVAl5ySW87n3P0AamSDhMuXLp81WrkikE5XEOVxiis0NjV0-Xn-DGQg0v5xm68kbaST315ZTFGhlgldEMY9jVB_4ZT3AtnGXY-i7WWKGSD9Ip9CnIYIlMovJ3QEnhqwjDSo5r-ImLWdra4uCiKNgg3J28iEg6Mbr0BjsIAkD-wLDE_zaCM8HZzoUu5ESrEbvVl254uUQThdi8GBS5rKc0E9IqFL4C-9H2j6OuULE1_pBWf5zykYxFGI8URaaPKKW9fW2TB318F_vybOAQQN8Z7MBAQZ-CByb8hwhwYp010KmExgv1vejdjj_iO2zubCh3uR8MUs_V0WKEhZu7vn6XTOmCLeVNNI2WN4JNYCCozmowagr1YMSjI-FcFy6kv4lwAoBJ8KVyjnubO4W2TjSgQumqZ0ErKlPRulVVwcxaYmQR8zIe3q2XijCXeqZedMHhTajUyrlbd1rkOkxqbgxZGiaBY_wvSeOLPEsF8HWe9_bMfd7FCdnibjNYSPitk5x6TZOjMytu3eg3LshyW0RM6ph6bDeWsUvHvKd4lq74GCyyX0Q0CPLf15JSw9fMcBIJ_azlckQQzQQBDRiT877d1Yd-OgFWAW_z3UqZtY_uSKD2NbhsLFuuB1WAUJYABKPDpoqKV6kkxcq9FBTqM5Cc2034y_aS3tYShONkCSZ0adA-jKIotBypl5XjQY8HZilLiSL8q8-2Fmk6y3zxaqgrpZsHjHKKiC8gNhDXxSGFynaZyoDb5Ejo09SiONyxrWWN4rOZgfZ7XTOKT4vscapGQ24bOA9r0HbUEQPBK15T1rvYixHI6Hwpu0pNSdJpDobIwffE3AAOOprLznB6QzmxvxjjwTWmDdyW6c7loC63ZUK03068ySFLm3Gk8FpTrgEO4C4rijislVrvZr5taAoQhC1CvDj8IGB0AN05O_L8qqkn-UKaxKeHR6A3CpCJpDteLi24RovZ-NFAQCEzN_40rdmoPleRbxMrj4MNM7M3HhJr55v3aswkNarcIdJ_-JYFjIaZiHAtifjJoqaXtNFXKNDju57a4igXxxihHq4O_lXUDY-Z9_DFhL_2MOKF6BFDlbqpM53d_DCbz9sJjvyNpmJWruWk7HGvD-vlMOyB0cG176xaHVK3LzeUDhwhELMai8hOQP41Rgj6qOChJ-JDwr8RoLOI0gS60SM8kmd3egbeMDbSEH3eExUQWqUXaJLNLpuZtHHD09r_D1N8XGKZvpJEwe0J2G5pQvGZoMDIeiqqUIhlrXeiWIjWBY2AvDh5VEA1TR1TXNGB04dEr9YYPJKgBOOsfaQBNVWZ6VmZAQ6w1IzAaogwJ0zH8oUZfiZlSYdiSgshttZ9UFtF4nAjQBc4krnplTPg_pS5Dgt2elA9HQ03WcTkI9bXhMO1OREhKMpjet091w1LvWddFrbeVr_x9kAVcpAIo8_OmxAYykMvLq7uPY5_8Q1Tqr9cb384OCKWryeuK2FX__ETyC-hQbtDAV0JqZx_kfc3p2IAhF52sPBtS_0o_H_mdP1Jx-lWfwBDzJYgowxc-X-wl7R4Z4EWmejQ2arTdosmzNzBDRvobcTzLPz6PzqrnPiOkJUzO3tIPvh0dKnztBQWOkXvmWDXGtR1gTMG9OV4WNylDj4P5jciogXnI9BPd5w2Xl-zXptP1EsnIMkj9DEDS1HIjhYyoIXUNS0AgwPcMG76MP7JFkn8TYjaYrG4Iz2I3VuliMXutI9AEi5aFZeW15ifqCTJ74bvfXjb7yIO7FfuYC1EvpwTEYGbIjJG4lUqpyng0USNyegyhtRLS8RUtNyFVgzrWrVULQ8i3u24Pd6xHoZmh3Dontu7W8YasFsk1P9AlcK9MiVoSTx_t4Ohrk2A2RTQU11EAg-2eoq-NkO9LHdq-D7mJsKqav8clKPXRxIVqWygZngad92yZlGy9gJZ3F2szfBOWnGpFh5fou5GbniRBGhXtHJSfrsM6xqeR_EGFm-1aXsgx7JLUWVPUfD7du3kc11LGpLbQFG_mVYrYsoLQ1YcSSCJWvDotbG4hkO9WQ-pnV93bF_Wnz5xXuwIBsEx7ofO3gQx5OXNr9iZVEI5cZTIk-PfHxMtTt9ATW0u7lfLGXx3-OEWuNlKuD05YNctHSOq1WJJxttCi6H16v1emmpn0W9tbX22ZKjh7lycrn_kkyAqy0iqnAIIxQTfyRqufjKhjqB6MntqoheUmsxTx236bgBWvUFJkUwDuChdA-GCnQRo3Kj-7YIumYhwYAlUGRKTKkNCvrn3396_yMDOOobay07guelTuayqVTZg&cid=CAASEuRo0SfLK_rXMFgw5bqbcI3D1A&rfl=1%2Chttps%253A%252F%252Fwww.postfun.com%252F%240

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ac4f93796434d67b6d3ba26ece7a57044825e4aa12808e9949820399a62e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14810
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D67 42 B
107 B 44ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8YOIFfnhfQ8Q5nqKqY01gcLf2czHKa8ryzUkErtJ_iNIjFbm1sb_H45DI248Ys1cDyKhZx3_BWbUhCQ5jIGMstEmD9ye_-PNfRJXdEqvRBCH7m1k

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D67 2 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:28:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D67 119 KB
36 KB 322ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D67 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:40:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0D67 0
0 18ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQX-lyzcWQRwAAC05tEDmIMzGxauTR3sUOReE04Mmdtnlu3qZAcyWbojbEYQa_4nnHgq1psk8c4UGGtla8wuIGxOrSPoA
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 27B7 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 12:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 12:28:30 GMT

GET
H2 200 2861483040748117 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 52ms
52ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2861483040748117?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0924e6ae85bbf093056ea4960d428569c4228385e29cb0bbda7028439050561e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ASMJLGNBWpDuP3poMdGaV8tZuBBUhwjxxJf83xEtb7J/MrKYp2KNsB6pYieN5DFwBUOsXkPIEN4/GMi1lhVKiQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 04:44:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=252336382657754&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055187&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=9bbc031f-abe3-4f2f-be94-ca1abd07426d_1637297054360&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 347D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1

43 B
114 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUJrDNl3uxs7R4wTXztMSVuDJDtgqLVYw0JApRN3qdDcoHBdP3TPQX_hSA4HtNcL4eNoHdLOzH4YAq8Tfi5tgw7TfX2819J_CxZB5a4vAW4-wV7mGGII6EwcJ9o9GLaYzkZA-6IqOdJwv54GNSxixqb62dG5w1JAwAyABxEh22j7C1XxSg
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 347D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRhODY5YmEtYzJlMi0yZTQ4LWU5NTQtYjQ0MTQ2MTZhOTUx

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRhODY5YmEtYzJlMi0yZTQ4LWU5NTQtYjQ0MTQ2MTZhOTUx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUJrDNl3uxs7R4wTXztMSVuDJDtgqLVYw0JApRN3qdDcoHBdP3TPQX_hSA4HtNcL4eNoHdLOzH4YAq8Tfi5tgw7TfX2819J_CxZB5a4vAW4-wV7mGGII6EwcJ9o9GLaYzkZA-6IqOdJwv54GNSxixqb62dG5w1JAwAyABxEh22j7C1XxSg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRhODY5YmEtYzJlMi0yZTQ4LWU5NTQtYjQ0MTQ2MTZhOTUx
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 347D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOCYNzQJ8MTObvQJrwAJ2Nk&google_cver=1

23 B
172 B

51ms
34ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOCYNzQJ8MTObvQJrwAJ2Nk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUJrDNl3uxs7R4wTXztMSVuDJDtgqLVYw0JApRN3qdDcoHBdP3TPQX_hSA4HtNcL4eNoHdLOzH4YAq8Tfi5tgw7TfX2819J_CxZB5a4vAW4-wV7mGGII6EwcJ9o9GLaYzkZA-6IqOdJwv54GNSxixqb62dG5w1JAwAyABxEh22j7C1XxSg
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 19 Nov 2021 04:44:15 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOCYNzQJ8MTObvQJrwAJ2Nk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 347D 23 B
172 B 74ms
31ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUJrDNl3uxs7R4wTXztMSVuDJDtgqLVYw0JApRN3qdDcoHBdP3TPQX_hSA4HtNcL4eNoHdLOzH4YAq8Tfi5tgw7TfX2819J_CxZB5a4vAW4-wV7mGGII6EwcJ9o9GLaYzkZA-6IqOdJwv54GNSxixqb62dG5w1JAwAyABxEh22j7C1XxSg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 19 Nov 2021 04:44:15 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F844 24 KB
9 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDLGzTmSENelCNUK5va2o3Rhm-Wx6lloF0X2k03WctB6aSWImTtNeGcKrqd4RN7l6jIa44cCpwT9Cf84DFG2oDXY7qTpkHN6vR3QdW1XTjl4VSNXS1ZSI4_uNzB0DW_v_jl7lROOZQ20SDgdtXEwyOTiWyGg&cry=1&dbm_d=AKAmf-BklEvHWnfsg91YhLTDIdTBIxgMO9-WJSJxfKH8QtupRBa9tr1TlQg5rnLzVmAugvIUBknaI-LO_L8_fQARFgbJjU6Uzs4krGTcImyn1awPS3i1ov7AHFoBEORz5BZkM32mOdL0Twi3pnM0IktRU4RW62fpNMkYkO1A24FNtJRKThVO_NzsfrrOIJ77KMOKDa_xZK2wI7kNDRJX8SSaNOc6jjX3uT7PVDzCwQXWUxhTkA_9XpUZPzmZEAJh1XELQPh8IWr9SJ46R7nDAgcbHNC8vb7QWHMMtBbJ-gMkSspDBVyPsdynSoDKjkZTbj3JgJXyYJqGaaThTKMa8bmI-RXgXCjwOfVQRfpR9rqwXoHB7TnXk9my9OhnH2ywIvLr6bXBZsGnWeYFWboky22DI8yLBu2VP4LX18VoIXjPdNyvuR8veGZX-I1oTPsJSHnZfBzsFGVbrzyAg6-gKHTRJ63hVGd-CNr3Uu6lLL5crw2o_hL7CNFLj5i2JpsWAg39yLqxoZU6jSFLgpeSTS95B1rl5frvP7ayi4lctn97WpMwUH1kR87087Uhqkj8fOJDnuJbelOGWjDobIoGqP7B_iG6-lxSRmGvmrgQo9kGbhvN6PvVhJHOZW3fIhRivq4653-Mc8_IRL7Oy-c8UIDsq4h9swnNzh5iBf1yP5SZdWBEo3AYIXm8VGjUqqHu6Smfi4XfSNKKRLp3zcHJNN0jb2K6f8VT24SnAkLUJd3X_yY5saahxi76E9BknuE6Pydq4QzxYcLnSsMQddmGTEYgf1tr9jXOoUMYMCmoAaY6i3G9cbLxYlGl7EPAOCI-pafYqnsN_eSUdzJx5p2sEqhuH79G0GIvplHsmNmJ8GOUv-29s8uE1nYhL9AA3RcovRmp99KtnMYDYDyEGrkXHeVj3aBAmwa0d6L4s66QrkIuIkRpkMsuMEUIMa6Id9SjkRSwL7vt2V5VAffoYOSksaH3dj7j2O77tACML6kbsaFInrjCGEBS1h5ilRmI0Z3mg7is-FvcAvRPwWdWWcdsuK4r2yf7v0EsROu1wTMnIy7zJ2QzaOuDg5mw3DeeEOuNENhef_VBsYgCAMn9RNPNZ6gQWNn6oM3oNCIcI3DHsSWnN_LOzbUQ_h36yloUhmDhY6DQgm2n08T7r0AqbRu7ByNQo915w1B8cF1JA1VhvHGLj1utv8EHq7uhJUg4gJ4tlNAuq069T-n1stzpxhGyaelAYM-w68tRM2BvOZ4q1Fseq3OHwfjN1OZ6xhUg1NK9O6W98MinTe_1C-Wi34eJ5jRYbyyc2MrhgxtoQf4MC90LLTvHj8UODJnZdPtG7gMTZYqAzb2zqdfy4sAdb5VEhsG1vT0IJneT_PiJyYC2Z1EXbMqjOehPB5IyXs36UanSh1oZ3W2kOx22EX-D_n21b9hsOWs-5PS_jNItn_4BOrZUO8ZkbyARwRDF0xCUPiiTrQHEs8qm943ua_hW-5xvl88rMLp1DmSturawPdms-GzZt5kkNVeQvWn5Kj6K7wesgVS77cmaITFfcG2KEXybADCC2C_056VslI5EjHhoM5x0froeW-gEn-d4hHlnHuC6rk88vBRM3jDE8INlXmaeYQexuMlxw-vZBKZWLnVxgsakjl6fF1aDIfUs7kBhbbJY9kvgbhEpX6jC_Xj27giBTw9sfYtpmJ7YBFrACZqSfmMucQWF1uA5WerYUUW3MLCuvudJspLB1eMcJbApF2skfRfeh2YXNmJXWVt5kQJUixAKA_5QhQhItwQYoU_A6sySmddh_pp41iY0F_pSlmpfZjzbs69ctWe4_Dlh9Db-lj4AFQmrNPpnFoqprmOFEhymbaQtO9bW7S0U9-ojb_ROhrPheSwdH_1kSLt3ej2R-QqInPe8-g1nE70e1ooQK3A4xHfNjWS4jNeGWNhcLGQtBhLpqIzLvEIYPj68ZeXdL6hsuu9OakiuEp4pd8mwtE074XSwqVgPI1o7w15DEE7fvyWooBDCCimZrvQS-CKsuKR51ECUMid87KSs560JcUY2Yy26suqxigoL8VTXtwqkSIkoz7XXn3I12ZWuTEHBmKqwHLQluLmH5n1USehG1YR4X78noHamxdE8K4URjDEk8sTa1PoTaZs3Q8iW3CiLmn1aRrG0PE6WjAs_5gqaO0dQ-fQJ2H17mvuffKgiuuU3lkoONmvgn2LK1r0oB-qLzTsP7GFUl9TMNsYkwVnV0KBNi0uRVHVU5XQNGRVyyi3pvcHd2ZAUeGg8Cg80v3DGMDjqwditVkTPzVISuYUvBv1kM400tAP6y_NWuccAL_QVpkgDYFUPXqNNKl-cCpFaBy_N8im0XVQFgaAR8LxEYvM3Axcxg06zIvuhqysKfKUYg-PL5itkmWF-IPtOxxrtMC3e55umtlGjkqSv-kvYs6nwusurPV4PL3H034ciMY1PSqo1SRU0-CAVVl7JA9g8pcK_YcElU5RhCLXMvVrIRfSZm9K4aKPEEhKnyeCqh3pXAIlKvOCtYZwWE7zdniqSmGCslt2fHLIwE37hRkTzShwY7BKqJrTmkx6Nd7OxcBT765qfseB_5Bw_RoyXaFqi6szixUdqggEmhPVzq0am9y1XidehX-LN8zcJQG9QUOBMdvVUbfF5xkRIYDq0ZyoBwSxH0hwosLk7Hd1a__PcDYzCJVW86XBqaeOSuZ0XPxjPCosWuOTr6Yebzu7cUIDxWRon-98WHmqpFOYcOHFw5Pd6mnwp44tJGHKOG2vj7-nBBlm_5xpqtk8GYfj1TeQNvqhzUplB4b4BgdIFKbLa7JKunQ8wdzDMK2HPqV2kAosFBg6hnbz_1a4zAekgh6dsZR64CaKXCmDvYmAuFuQNbKwL46F5_-zCoXDyfEscbN0twK8q5JOcIWNAlOQuWK-WJT4jnhtygdNkRPlfiOtkwybWx6zNwfqKLCzfw6Zct8Tka27_rTWCYEPa71c9FK4TQd9OUon4rAayaoi5kbqi1rF8voPoTwTsGR3c4bp9he4ouR9RMk_AuKUyPBD5jYS02Hra_CLhM2RSt-_7a7gPYO_e3AzC9YmUAH_P_0Wrjp9YveBOQ1pwpcwUc12OXnq_FSYpvPVDAbLzsH1aiSi03vPgVtm99XEUQQ3A_x-thMTJFuEXmU0zCn541Ab_eQxaRdwYhMSJtgBksKqGFqaA0wpsb1CJx--oMWxqjt75j96GOhtOoc8hMQeh5wnu8YQDKlzA8I2cSZfS01ATfaau5XjzydIdo6-0W4cXmdxedZ2LKwO7yfp8keF5d9wMhPIb88RqleYksTxgRFCEx7wG7IDFVKf8xGkQXxNQ&cid=CAASEuRo9L6fGRDZL6w7s2Qfp7poRw&rfl=1%2Chttps%253A%252F%252Fwww.postfun.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:35:22 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F844 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0D67 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiQaAapVqMhrcFfR-Fd5s76IIzizRraTDYPtVvYiJRwN-O_8n1phOUnwQjKW-gr1Tybn66hRqWYJdUjQsyUlf7lPFywQlc0t_xJD6rWhUIZX7ju5se6v2AfWkG9WSXBzfV5VuhSUd8fEyce6G8sn1tgmKnnw&cry=1&dbm_d=AKAmf-D0Q0dkq8loeeximucsjQEG0WbigmyOJdUDFaILKNISe0Zss3HV1YEu0fL25YAVah6tg0tD3xfJA3rKYkF-9TH1LuHXW5oHTwYiD5tNqQmNFPt7DeY6OAVzR9xwrElj-YxvWuvY6U-rFtYHfdXn9BppJWLCHvkFcXYWxmpSKBlwO7X4LHwbJUhRYJI2RH2JvawtBzeWFL8pOEGgkNkq3gTr7mBUYdekj0iIeesFirOlkULLhlO2zBJ8BOja2i6V_S7gCTE7TdjTHVOXRM9NkQAU5zInPt4TCQkJyyrstJ7Zupu2fy77opHJjdpaL2OgQwHgYvpu-MDJXQaWZaEVIjVnTHDWCprJvsYm-7I3yROM_BUc21ZXeMnyDvnFltF50AHf9Z_VhNbfbz5aOOCohykdJtV0xVXpHn6zjY2D_Gi7RfKtkPjalAJEPdTvDu_LRzfHgosSqcziHEp8rBHTyW3lRog46dFXeyOHO60kOOmZj_TIO0YzJhtetZelG2UY6BbQZEomQlpj_oCIZpZcG0uHz7bJ47wphWU9mP3bh2cZr95VvORPRbIY98IZJNVHA7SvS6ukLxth2dpD7oUclQYvH6ZysBQ8g6SuQ_n5UdzXqkwP6T2wcMCR3WxodRGDqDUSgDnmTBRQarjfF1ATwAUKLuolalBHV_HoO682bZsh9fwtCc50IF3uLPHdablbOU75a73r_l9Z67SWCbA_IKSrANQY3qsEf2E5CvXpoUWCWW3cBMkjxTds4owPQ4jcXrlktbAdnwtyBUgxpsvdmkHf_MiTbgL7RvC5_eT-5ZtQQtW5m16sQqpncNfQ1OhuNvlfWusfgFLzTT5yMidMVtTTLTC_RIX-S0afFYoPFYTWLVOlm529by4UvxIeBNjhRS9uyogjZLvWL8ZirKAuAQ2GPqUjPxZSFtZbVKGP_s0J8YsssBgH-yjaAfxtb-D8Zg_4_NS59cmNMvi2I-aOW8czGU0IVRx6cMOZdO6VyH5wIj039xeLELeF0LPxZoCzNYv_KO8m9SOp4d89gbQfBD7gdBQV0lVAl5ySW87n3P0AamSDhMuXLp81WrkikE5XEOVxiis0NjV0-Xn-DGQg0v5xm68kbaST315ZTFGhlgldEMY9jVB_4ZT3AtnGXY-i7WWKGSD9Ip9CnIYIlMovJ3QEnhqwjDSo5r-ImLWdra4uCiKNgg3J28iEg6Mbr0BjsIAkD-wLDE_zaCM8HZzoUu5ESrEbvVl254uUQThdi8GBS5rKc0E9IqFL4C-9H2j6OuULE1_pBWf5zykYxFGI8URaaPKKW9fW2TB318F_vybOAQQN8Z7MBAQZ-CByb8hwhwYp010KmExgv1vejdjj_iO2zubCh3uR8MUs_V0WKEhZu7vn6XTOmCLeVNNI2WN4JNYCCozmowagr1YMSjI-FcFy6kv4lwAoBJ8KVyjnubO4W2TjSgQumqZ0ErKlPRulVVwcxaYmQR8zIe3q2XijCXeqZedMHhTajUyrlbd1rkOkxqbgxZGiaBY_wvSeOLPEsF8HWe9_bMfd7FCdnibjNYSPitk5x6TZOjMytu3eg3LshyW0RM6ph6bDeWsUvHvKd4lq74GCyyX0Q0CPLf15JSw9fMcBIJ_azlckQQzQQBDRiT877d1Yd-OgFWAW_z3UqZtY_uSKD2NbhsLFuuB1WAUJYABKPDpoqKV6kkxcq9FBTqM5Cc2034y_aS3tYShONkCSZ0adA-jKIotBypl5XjQY8HZilLiSL8q8-2Fmk6y3zxaqgrpZsHjHKKiC8gNhDXxSGFynaZyoDb5Ejo09SiONyxrWWN4rOZgfZ7XTOKT4vscapGQ24bOA9r0HbUEQPBK15T1rvYixHI6Hwpu0pNSdJpDobIwffE3AAOOprLznB6QzmxvxjjwTWmDdyW6c7loC63ZUK03068ySFLm3Gk8FpTrgEO4C4rijislVrvZr5taAoQhC1CvDj8IGB0AN05O_L8qqkn-UKaxKeHR6A3CpCJpDteLi24RovZ-NFAQCEzN_40rdmoPleRbxMrj4MNM7M3HhJr55v3aswkNarcIdJ_-JYFjIaZiHAtifjJoqaXtNFXKNDju57a4igXxxihHq4O_lXUDY-Z9_DFhL_2MOKF6BFDlbqpM53d_DCbz9sJjvyNpmJWruWk7HGvD-vlMOyB0cG176xaHVK3LzeUDhwhELMai8hOQP41Rgj6qOChJ-JDwr8RoLOI0gS60SM8kmd3egbeMDbSEH3eExUQWqUXaJLNLpuZtHHD09r_D1N8XGKZvpJEwe0J2G5pQvGZoMDIeiqqUIhlrXeiWIjWBY2AvDh5VEA1TR1TXNGB04dEr9YYPJKgBOOsfaQBNVWZ6VmZAQ6w1IzAaogwJ0zH8oUZfiZlSYdiSgshttZ9UFtF4nAjQBc4krnplTPg_pS5Dgt2elA9HQ03WcTkI9bXhMO1OREhKMpjet091w1LvWddFrbeVr_x9kAVcpAIo8_OmxAYykMvLq7uPY5_8Q1Tqr9cb384OCKWryeuK2FX__ETyC-hQbtDAV0JqZx_kfc3p2IAhF52sPBtS_0o_H_mdP1Jx-lWfwBDzJYgowxc-X-wl7R4Z4EWmejQ2arTdosmzNzBDRvobcTzLPz6PzqrnPiOkJUzO3tIPvh0dKnztBQWOkXvmWDXGtR1gTMG9OV4WNylDj4P5jciogXnI9BPd5w2Xl-zXptP1EsnIMkj9DEDS1HIjhYyoIXUNS0AgwPcMG76MP7JFkn8TYjaYrG4Iz2I3VuliMXutI9AEi5aFZeW15ifqCTJ74bvfXjb7yIO7FfuYC1EvpwTEYGbIjJG4lUqpyng0USNyegyhtRLS8RUtNyFVgzrWrVULQ8i3u24Pd6xHoZmh3Dontu7W8YasFsk1P9AlcK9MiVoSTx_t4Ohrk2A2RTQU11EAg-2eoq-NkO9LHdq-D7mJsKqav8clKPXRxIVqWygZngad92yZlGy9gJZ3F2szfBOWnGpFh5fou5GbniRBGhXtHJSfrsM6xqeR_EGFm-1aXsgx7JLUWVPUfD7du3kc11LGpLbQFG_mVYrYsoLQ1YcSSCJWvDotbG4hkO9WQ-pnV93bF_Wnz5xXuwIBsEx7ofO3gQx5OXNr9iZVEI5cZTIk-PfHxMtTt9ATW0u7lfLGXx3-OEWuNlKuD05YNctHSOq1WJJxttCi6H16v1emmpn0W9tbX22ZKjh7lycrn_kkyAqy0iqnAIIxQTfyRqufjKhjqB6MntqoheUmsxTx236bgBWvUFJkUwDuChdA-GCnQRo3Kj-7YIumYhwYAlUGRKTKkNCvrn3396_yMDOOobay07guelTuayqVTZg&cid=CAASEuRo0SfLK_rXMFgw5bqbcI3D1A&rfl=1%2Chttps%253A%252F%252Fwww.postfun.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 04:35:22 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D67 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F4DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELeF3ILA_3Vm_Y_NpJqE16o&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELeF3ILA_3Vm_Y_NpJqE16o&google_cver=1&__user_check__=1&sync_id=59418f0b-48f3-11ec-9099-14f0ef8b0106

43 B
548 B

22ms
22ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELeF3ILA_3Vm_Y_NpJqE16o&google_cver=1&__user_check__=1&sync_id=59418f0b-48f3-11ec-9099-14f0ef8b0106
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX3HP2-_uc0MoFQ4uDM562wiDqlwwx2U9poFMD8Q_hKEfVALLwzgNnbH625-WEQrDUKCkcv6p0eTHVT-ToldN8C35Gka1aGLrOqG17dK66ib1tpHII9Z-kSdcdxlldLIjuKtb3R6dve7ANqLkEvqwJ4zQmpLaq1zs2fXPgB56QkTygRkIU
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 16
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESELeF3ILA_3Vm_Y_NpJqE16o&google_cver=1&__user_check__=1&sync_id=59418f0b-48f3-11ec-9099-14f0ef8b0106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 101
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4DA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTk0MThlYmYtNDhmMy0xMWVjLTkwOTktMTRmMGVmOGIwMTA2

170 B
188 B

15ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTk0MThlYmYtNDhmMy0xMWVjLTkwOTktMTRmMGVmOGIwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX3HP2-_uc0MoFQ4uDM562wiDqlwwx2U9poFMD8Q_hKEfVALLwzgNnbH625-WEQrDUKCkcv6p0eTHVT-ToldN8C35Gka1aGLrOqG17dK66ib1tpHII9Z-kSdcdxlldLIjuKtb3R6dve7ANqLkEvqwJ4zQmpLaq1zs2fXPgB56QkTygRkIU

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTk0MThlYmYtNDhmMy0xMWVjLTkwOTktMTRmMGVmOGIwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame F4DA 0
298 B 13ms
7ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame F844 11 KB
4 KB 5ms
2ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j2mniuXYey9NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIMCT9BX2oQBVHPn6_s6AXb6kthAJ6rq6aPe0DNsrk4r28kmdb5Lbt0UUaRqvUcEzhN2PFjaPvHY21WttI39iIZKCeJ1zRpiO4Yc4PC8qqomVY1HHDYr0dTQTTEdfQ_pHcdmAjMNmEorli-1iZ_bVKZzvgrP5GPZD2vIULF-OHOHet68pDYKKN9B5D-r8ekj86YRMg2Xoab2DxJbN9ifPxXGfX0lAXKYxprk72s1jIXyngaZEhiqLCK4RaTJOecMOeTPG8WmRyTfApoCM2ZBWSCZMFq7s6vOJ0HGt98jcxRre6f-jLJUX44E8yl_Xi717LzJnAt4M8yo1G4yjjeQN5lQoodk1MAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo9L6fGRDZL6w7s2Qfp7poRw%26sig%3DAOD64_39_YWknsO31eUWQCVK4TXrYTGSUw%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B8DGsg3Kp5gIswbSi5tlvNu4-Yyq_AxmqDlTBYk1qeFV2N2VPw8XYAQ0p-opztsOls0bcJlyCYgzmmuAEd2ko3SRmK20D_gQtEJqaQiwdjonQI2XC4wJsGHaGTp9md4Cx-6SWxJ9Ji0w2lt3waVgwc-4Eepw%26cry%3D1%26dbm_d%3DAKAmf-CE-0kNGJ_KzF9Od9nC1ceP5mtFDKTkahfsj6_epW_v_lAoCGe6UNWHIoPTS_Zg2Q5yMvM45CQsAX03k0WNeluRtBY--GD6XT6TXpkNuk-WxJ_ke8PWbx7NHMvIJhkOiv6tXzdEggzQbSfveAmoYd_cUKLXq-TM7nlxZz0lZ3zP1AuUgZzn1_uNUiKLDWYrLhYcm9N9WxNzpo89yuQMuhBVpOozGNvY85sV6dnne9D_ad4e9QO4oc-95VH7h4QZzG-8dakKVVJJwC9LTATGVqOD50mv20y-gJCDvVShzOCxokxsgUFrIl4dALz1pOvVgZjhK2s1dHY4379P1voRrfNhl6x5q_xOY3QbtVZXKxRm8vh2uEqvYppZTQVN70G51YjW4pmsjmIiz9LdU3K5cfJUEIVMXxvc8AhEUnO40hUiR-P3a0Wg-Xd6PQoSMreL8JN99sS-vtlep_mH-kHAlYa-VosGIuddHgZKwC1NPvXS_2uty7RiXm1APYWZmgaB10PdVQWTsn8qyafsExPrW7Gyg439Uw%26adurl%3D
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a66427f8bfa07e3346dc98a6e75aaec903f79449ecb641b32498214b87b53bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3989
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0016 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 17:49:55 GMT
expires: Thu, 17 Nov 2022 17:49:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 125660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A4F5 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 17 Nov 2021 17:49:55 GMT
expires: Thu, 17 Nov 2022 17:49:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 125660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 39ms
39ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297055250&oz_l=10851&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 0D67 11 KB
4 KB 6ms
2ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUTZLniuXYe29NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIYCT9BgVB_EZEjD7WSeZYEHkoUQSasMGpFD6X3pjvKGB_BcnOaZp4S0US37AR2NzRWL4p35c3sLJJ8OEunQbm0b3N894RUaCFysBtVTjaa-7hF6aheY57qM7xtQqThYzcld_DimgCLR5uEcQblAU89n5-Uau_WPcjqGfg9_EKxeyslyt1s8GQv3m7OeUkwOM9_dGC9atNEL2mDOzln6cTh38XFuC9FfiFM30eT3sxjNaLOhgh8MYYrOIwGS3We4_NBAsFqicIMJd1FZTUTFneLbh0HPZMRZlQ1OfOVBvRG9isgPdI7h59oxNfWmQWo-lYIuiMvTGfrzNUaIuVw841qDzm-te1RlZsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0SfLK_rXMFgw5bqbcI3D1A%26sig%3DAOD64_0A_vPvNIZQdW9iFS3-00l2dLzGtA%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B3TTQ9ertDUA2g36PqJ691ryqg-JLkqrm4_HUQ871ZaG8arAkiwCT9g3jHL5eKvJBX9q6wI4vcoRJnGlLbrGyUyirqgnUB-8Y4nv6NAaq5ENivk1aF0T2aWC22uBSV4mQkDXgNTg_GEqe6jJZ0XLH088fhmg%26cry%3D1%26dbm_d%3DAKAmf-D718I8_VjUUaQbnEKTFfzaFRIYSzXhKZkJrSjUvG8aw4gt4OCXwvL3Z_mcpHhdx_au9tI6kqn-aTR2mpIQEAyJLj7ftKKW5_iSMURAoI95UDv32MRsp89IxA2Nh2ZZxUD2GbGO-admeAhvABa6fHW67e1PGucBhOTHPv8YLi021sUg08es7EspX5FgY0LweNdLO48ntVh12ig_o4luszytuYeGktoIodyEYfaQBxzMlgKx0xCrP59lgKOX4yUuGOW9ymxMjR911Ea38tRn_rf4cq9UOhcArS35GGwDmiVbznSinUUbiwt_RgBd8Ev6dkrj1dkRcXoa0I1bbegNhe0PxL0tE5sHxgpZHzdCJTYRLSqIJM82A0rFy28VUXFHnSd7sT849aEZnqV70q0lQWoce8_I8D9IOrhKc9h1ITTGFOmmt2KpkQboqMNczeoJeYgHU_2Hq_DmQLs6zkcFhGl5YWrvv5s_hJSVdl0VSKf66CUPgfTBJ_Q2wRTbyxsLszEvglxZ9FkuweNaTdXmKTtrq63h1A%26adurl%3D
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 499d4dc834b725dcb9f69862927509d66251873f4ceeff9a6e838bb2fa1c8a85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3991
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2861483040748117&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055275&sw=1600&sh=1200&ud[external_id]=017dbab30c5c756d14649bd7588729e5e3075737a0a4b74ab2fb605f135d757d&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&eid=cba51732-2364-4795-a84e-7c90286aa73f_1637297054361&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame 8FC1 5 KB
2 KB 4ms
2ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=98271100014332300757585011783015&a=44c6bb8b
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=32051cfe56&subid=&uid=9259b642394923c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdVsNniuXYeyNGtjz3wO1oxzdreioYKjct8e5CvAuEAEg7dCSNGCVmqCCsAfIAQmpAv35swczEbM-qAMBqgSIAk_QAly3Y46HfNC6ajW2ehaPnv4qaK4J-_VmIdnXcTh3v3I0Gn-roDx2WAI8CvIenMuR_cI0VYjz-liHxM2qk93rJZAFyHVljjEav5B_yKGZuam0uoNMkRPV1WWaCy08tFhfjHL9xXaDyr3KotKX6zvbfFcmnn0VAPUKV4BnmAxC2ByHXl4evJNmJeloxfD0BYolwBa4bYsceTlmziYqLBPmPM4-U3RocJ16dd_9uLKIcJt6AgzcQG50XHnu0sUOi8q922iASuPzzxeCqkdVibRXo1-MbSS3YLbtqXFACnV0hhAWUHKkN2iyCo1kx-RdEiT5sqnhZFlsl_QIX1hsilAiJPrI8_MqVMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOe5ewM0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoH4pNaBnWxd-oPgqSsou03JaFmg%26sig%3DAOD64_1QULGIfILaMOh6FGc7wdBBe-Pu9Q%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-CnYImErErP8Pe8vIlv57qGoC__blyM0s3bez9ktOIEyOhB3czpbLijjL2-KyhqL7m05fDdIdNxmPb4PVKSH9n0C3t7WgME4WXshRi8RQpU8Bz-zMbxbhf9b-Q2mO7qVZZoFyGlkvgTjgnwyQ3WDmXNUYr3sw%26cry%3D1%26dbm_d%3DAKAmf-BIxYquUdDoPtQDi1QfuV3ELz3RxLa8FcgpigXspl5uPHv4Y-B1NluS-07zr2Dsb3xcvjXvAL234Hc5PxHGGdYAI85eUrFVrEEXx6w38so8RPC49X0mHJ5W99_M82GVkcShUmCI76jUhxARyCZtJNkss4MzZ1GcyDr95x-2fZRGIiJK9nLa-Uw8enxNBBlU2xF_Wra40lfmh5PVNaaWqspcDagTOTu8NlxHnIhdYuglbK1JJoZt9mMRaJuF632rOJRfVmrABzLg1CwpXmZ9HD7LyIMIygThxkph_u8rRtf1HSiZNkmqEd6Ftbd_FE2NZeGKvLm4jYpkv4efFQsQ3d44Bk62cNxMuy9RXm8ESd2ziG-4t8dmyGfhTJ94loXTcaXteFlAWknLrLGOZnADiTv1pH1sjYznmPof0JJRbWXm-uVzLm2hAYLprXhMEBzAnoOssoLwRi2AoeWWZFJITgYQ0HfOKjAapIR_gkOVMKxvE-kborpflBASXEntPF3GurM1a6xW79q31mWhcb7BNMu7dXG-fg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=8961374121731&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6a37fddb53fcdb6821121bc679997e2e1025cbe45ff54aa7134eb1e780ca7c64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 19 Nov 2021 04:44:15 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1563
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame BECD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7388e6eb1497245d36f5d5e65fd0cb7d196201fd5f2bef2afab452dbca8b8c3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 sp.pl
sp.analytics.yahoo.com/ 0
328 B 102ms
30ms Image
text/plain 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2019%20Nov%202021%2004%3A44%3A15%20GMT&n=0&b=The%20Stars%20Of%20Eight%20Is%20Enough%20%E2%80%93%20Then%20And%20Now%20-%20Post%20Fun&.yp=436263&f=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&enc=UTF-8&gdpr=1&gdpr_consent=BPP57Q0PP57Q0BQABBENDX-AAAAyh7_______9_-____9uz_Ov_v_f__33e8__9v_l_7_-___u_-23d4u_1vf99ycmx-5etr3tp_47ues2_Xurf_71__3z3_9pxP78E89r5335EQ_v-_t-b7BCHN_Y2v-8K96lPKACEI&us_privacy=1---&yv=1.10.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
x-content-type-options: nosniff

GET
H2 204 sp.pl
sp.analytics.yahoo.com/ 0
19 B 92ms
31ms Image
text/plain 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Stars%20Of%20Eight%20Is%20Enough%20%E2%80%93%20Then%20And%20Now%20-%20Post%20Fun&.yp=10029575&f=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&enc=UTF-8&gdpr=1&gdpr_consent=BPP57Q0PP57Q0BQABBENDX-AAAAyh7_______9_-____9uz_Ov_v_f__33e8__9v_l_7_-___u_-23d4u_1vf99ycmx-5etr3tp_47ues2_Xurf_71__3z3_9pxP78E89r5335EQ_v-_t-b7BCHN_Y2v-8K96lPKACEI&us_privacy=1---&yv=1.10.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
x-content-type-options: nosniff

GET
H2 204 sp.pl
sp.analytics.yahoo.com/ 0
19 B 83ms
31ms Image
text/plain 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Stars%20Of%20Eight%20Is%20Enough%20%E2%80%93%20Then%20And%20Now%20-%20Post%20Fun&.yp=10005184&f=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&enc=UTF-8&gdpr=1&gdpr_consent=BPP57Q0PP57Q0BQABBENDX-AAAAyh7_______9_-____9uz_Ov_v_f__33e8__9v_l_7_-___u_-23d4u_1vf99ycmx-5etr3tp_47ues2_Xurf_71__3z3_9pxP78E89r5335EQ_v-_t-b7BCHN_Y2v-8K96lPKACEI&us_privacy=1---&yv=1.10.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
x-content-type-options: nosniff

GET
H2 204 sp.pl
sp.analytics.yahoo.com/ 0
19 B 84ms
32ms Image
text/plain 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Stars%20Of%20Eight%20Is%20Enough%20%E2%80%93%20Then%20And%20Now%20-%20Post%20Fun&.yp=10086309&f=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&enc=UTF-8&gdpr=1&gdpr_consent=BPP57Q0PP57Q0BQABBENDX-AAAAyh7_______9_-____9uz_Ov_v_f__33e8__9v_l_7_-___u_-23d4u_1vf99ycmx-5etr3tp_47ues2_Xurf_71__3z3_9pxP78E89r5335EQ_v-_t-b7BCHN_Y2v-8K96lPKACEI&us_privacy=1---&yv=1.10.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
x-content-type-options: nosniff

GET
H/1.1 200
OK request.php Show response
hal900021.redintelligence.net/ Frame F844 2 KB
1 KB 78ms
64ms Script
application/x-javascript 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7b88404960&subid=&uid=abc46e049d92d188&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j2mniuXYey9NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIMCT9BX2oQBVHPn6_s6AXb6kthAJ6rq6aPe0DNsrk4r28kmdb5Lbt0UUaRqvUcEzhN2PFjaPvHY21WttI39iIZKCeJ1zRpiO4Yc4PC8qqomVY1HHDYr0dTQTTEdfQ_pHcdmAjMNmEorli-1iZ_bVKZzvgrP5GPZD2vIULF-OHOHet68pDYKKN9B5D-r8ekj86YRMg2Xoab2DxJbN9ifPxXGfX0lAXKYxprk72s1jIXyngaZEhiqLCK4RaTJOecMOeTPG8WmRyTfApoCM2ZBWSCZMFq7s6vOJ0HGt98jcxRre6f-jLJUX44E8yl_Xi717LzJnAt4M8yo1G4yjjeQN5lQoodk1MAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo9L6fGRDZL6w7s2Qfp7poRw%26sig%3DAOD64_39_YWknsO31eUWQCVK4TXrYTGSUw%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B8DGsg3Kp5gIswbSi5tlvNu4-Yyq_AxmqDlTBYk1qeFV2N2VPw8XYAQ0p-opztsOls0bcJlyCYgzmmuAEd2ko3SRmK20D_gQtEJqaQiwdjonQI2XC4wJsGHaGTp9md4Cx-6SWxJ9Ji0w2lt3waVgwc-4Eepw%26cry%3D1%26dbm_d%3DAKAmf-CE-0kNGJ_KzF9Od9nC1ceP5mtFDKTkahfsj6_epW_v_lAoCGe6UNWHIoPTS_Zg2Q5yMvM45CQsAX03k0WNeluRtBY--GD6XT6TXpkNuk-WxJ_ke8PWbx7NHMvIJhkOiv6tXzdEggzQbSfveAmoYd_cUKLXq-TM7nlxZz0lZ3zP1AuUgZzn1_uNUiKLDWYrLhYcm9N9WxNzpo89yuQMuhBVpOozGNvY85sV6dnne9D_ad4e9QO4oc-95VH7h4QZzG-8dakKVVJJwC9LTATGVqOD50mv20y-gJCDvVShzOCxokxsgUFrIl4dALz1pOvVgZjhK2s1dHY4379P1voRrfNhl6x5q_xOY3QbtVZXKxRm8vh2uEqvYppZTQVN70G51YjW4pmsjmIiz9LdU3K5cfJUEIVMXxvc8AhEUnO40hUiR-P3a0Wg-Xd6PQoSMreL8JN99sS-vtlep_mH-kHAlYa-VosGIuddHgZKwC1NPvXS_2uty7RiXm1APYWZmgaB10PdVQWTsn8qyafsExPrW7Gyg439Uw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=7164547105014&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j2mniuXYey9NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIMCT9BX2oQBVHPn6_s6AXb6kthAJ6rq6aPe0DNsrk4r28kmdb5Lbt0UUaRqvUcEzhN2PFjaPvHY21WttI39iIZKCeJ1zRpiO4Yc4PC8qqomVY1HHDYr0dTQTTEdfQ_pHcdmAjMNmEorli-1iZ_bVKZzvgrP5GPZD2vIULF-OHOHet68pDYKKN9B5D-r8ekj86YRMg2Xoab2DxJbN9ifPxXGfX0lAXKYxprk72s1jIXyngaZEhiqLCK4RaTJOecMOeTPG8WmRyTfApoCM2ZBWSCZMFq7s6vOJ0HGt98jcxRre6f-jLJUX44E8yl_Xi717LzJnAt4M8yo1G4yjjeQN5lQoodk1MAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo9L6fGRDZL6w7s2Qfp7poRw%26sig%3DAOD64_39_YWknsO31eUWQCVK4TXrYTGSUw%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B8DGsg3Kp5gIswbSi5tlvNu4-Yyq_AxmqDlTBYk1qeFV2N2VPw8XYAQ0p-opztsOls0bcJlyCYgzmmuAEd2ko3SRmK20D_gQtEJqaQiwdjonQI2XC4wJsGHaGTp9md4Cx-6SWxJ9Ji0w2lt3waVgwc-4Eepw%26cry%3D1%26dbm_d%3DAKAmf-CE-0kNGJ_KzF9Od9nC1ceP5mtFDKTkahfsj6_epW_v_lAoCGe6UNWHIoPTS_Zg2Q5yMvM45CQsAX03k0WNeluRtBY--GD6XT6TXpkNuk-WxJ_ke8PWbx7NHMvIJhkOiv6tXzdEggzQbSfveAmoYd_cUKLXq-TM7nlxZz0lZ3zP1AuUgZzn1_uNUiKLDWYrLhYcm9N9WxNzpo89yuQMuhBVpOozGNvY85sV6dnne9D_ad4e9QO4oc-95VH7h4QZzG-8dakKVVJJwC9LTATGVqOD50mv20y-gJCDvVShzOCxokxsgUFrIl4dALz1pOvVgZjhK2s1dHY4379P1voRrfNhl6x5q_xOY3QbtVZXKxRm8vh2uEqvYppZTQVN70G51YjW4pmsjmIiz9LdU3K5cfJUEIVMXxvc8AhEUnO40hUiR-P3a0Wg-Xd6PQoSMreL8JN99sS-vtlep_mH-kHAlYa-VosGIuddHgZKwC1NPvXS_2uty7RiXm1APYWZmgaB10PdVQWTsn8qyafsExPrW7Gyg439Uw%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c832a94c2e2d17be7327b2c19ac71007833e1d236859f40561a313b1b2682093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 45600500013214900710612011783021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 896
Expires: Fri, 19 Nov 2021 04:44:15 +0100

GET
H/1.1 200
OK request.php Show response
hal900028.redintelligence.net/ Frame 0D67 2 KB
1 KB 93ms
77ms Script
application/x-javascript 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9ce4dac999&subid=&uid=74c9544872c6997d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUTZLniuXYe29NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIYCT9BgVB_EZEjD7WSeZYEHkoUQSasMGpFD6X3pjvKGB_BcnOaZp4S0US37AR2NzRWL4p35c3sLJJ8OEunQbm0b3N894RUaCFysBtVTjaa-7hF6aheY57qM7xtQqThYzcld_DimgCLR5uEcQblAU89n5-Uau_WPcjqGfg9_EKxeyslyt1s8GQv3m7OeUkwOM9_dGC9atNEL2mDOzln6cTh38XFuC9FfiFM30eT3sxjNaLOhgh8MYYrOIwGS3We4_NBAsFqicIMJd1FZTUTFneLbh0HPZMRZlQ1OfOVBvRG9isgPdI7h59oxNfWmQWo-lYIuiMvTGfrzNUaIuVw841qDzm-te1RlZsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0SfLK_rXMFgw5bqbcI3D1A%26sig%3DAOD64_0A_vPvNIZQdW9iFS3-00l2dLzGtA%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B3TTQ9ertDUA2g36PqJ691ryqg-JLkqrm4_HUQ871ZaG8arAkiwCT9g3jHL5eKvJBX9q6wI4vcoRJnGlLbrGyUyirqgnUB-8Y4nv6NAaq5ENivk1aF0T2aWC22uBSV4mQkDXgNTg_GEqe6jJZ0XLH088fhmg%26cry%3D1%26dbm_d%3DAKAmf-D718I8_VjUUaQbnEKTFfzaFRIYSzXhKZkJrSjUvG8aw4gt4OCXwvL3Z_mcpHhdx_au9tI6kqn-aTR2mpIQEAyJLj7ftKKW5_iSMURAoI95UDv32MRsp89IxA2Nh2ZZxUD2GbGO-admeAhvABa6fHW67e1PGucBhOTHPv8YLi021sUg08es7EspX5FgY0LweNdLO48ntVh12ig_o4luszytuYeGktoIodyEYfaQBxzMlgKx0xCrP59lgKOX4yUuGOW9ymxMjR911Ea38tRn_rf4cq9UOhcArS35GGwDmiVbznSinUUbiwt_RgBd8Ev6dkrj1dkRcXoa0I1bbegNhe0PxL0tE5sHxgpZHzdCJTYRLSqIJM82A0rFy28VUXFHnSd7sT849aEZnqV70q0lQWoce8_I8D9IOrhKc9h1ITTGFOmmt2KpkQboqMNczeoJeYgHU_2Hq_DmQLs6zkcFhGl5YWrvv5s_hJSVdl0VSKf66CUPgfTBJ_Q2wRTbyxsLszEvglxZ9FkuweNaTdXmKTtrq63h1A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=9941095496722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUTZLniuXYe29NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIYCT9BgVB_EZEjD7WSeZYEHkoUQSasMGpFD6X3pjvKGB_BcnOaZp4S0US37AR2NzRWL4p35c3sLJJ8OEunQbm0b3N894RUaCFysBtVTjaa-7hF6aheY57qM7xtQqThYzcld_DimgCLR5uEcQblAU89n5-Uau_WPcjqGfg9_EKxeyslyt1s8GQv3m7OeUkwOM9_dGC9atNEL2mDOzln6cTh38XFuC9FfiFM30eT3sxjNaLOhgh8MYYrOIwGS3We4_NBAsFqicIMJd1FZTUTFneLbh0HPZMRZlQ1OfOVBvRG9isgPdI7h59oxNfWmQWo-lYIuiMvTGfrzNUaIuVw841qDzm-te1RlZsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0SfLK_rXMFgw5bqbcI3D1A%26sig%3DAOD64_0A_vPvNIZQdW9iFS3-00l2dLzGtA%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B3TTQ9ertDUA2g36PqJ691ryqg-JLkqrm4_HUQ871ZaG8arAkiwCT9g3jHL5eKvJBX9q6wI4vcoRJnGlLbrGyUyirqgnUB-8Y4nv6NAaq5ENivk1aF0T2aWC22uBSV4mQkDXgNTg_GEqe6jJZ0XLH088fhmg%26cry%3D1%26dbm_d%3DAKAmf-D718I8_VjUUaQbnEKTFfzaFRIYSzXhKZkJrSjUvG8aw4gt4OCXwvL3Z_mcpHhdx_au9tI6kqn-aTR2mpIQEAyJLj7ftKKW5_iSMURAoI95UDv32MRsp89IxA2Nh2ZZxUD2GbGO-admeAhvABa6fHW67e1PGucBhOTHPv8YLi021sUg08es7EspX5FgY0LweNdLO48ntVh12ig_o4luszytuYeGktoIodyEYfaQBxzMlgKx0xCrP59lgKOX4yUuGOW9ymxMjR911Ea38tRn_rf4cq9UOhcArS35GGwDmiVbznSinUUbiwt_RgBd8Ev6dkrj1dkRcXoa0I1bbegNhe0PxL0tE5sHxgpZHzdCJTYRLSqIJM82A0rFy28VUXFHnSd7sT849aEZnqV70q0lQWoce8_I8D9IOrhKc9h1ITTGFOmmt2KpkQboqMNczeoJeYgHU_2Hq_DmQLs6zkcFhGl5YWrvv5s_hJSVdl0VSKf66CUPgfTBJ_Q2wRTbyxsLszEvglxZ9FkuweNaTdXmKTtrq63h1A%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 818f9c6e1d7e05a5f627bdae5cf975be252823161aa637095fd8fc0183dccef5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 70395700012567000710612011783028
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 891
Expires: Fri, 19 Nov 2021 04:44:15 +0100

POST
H2 200 / Show response
www.facebook.com/tr/ Frame A67B 0
84 B 6ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:15 GMT

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 8FC1 0
150 B 10ms
6ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=98271100014332300757585011783015&a=05937b1c&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=98271100014332300757585011783015&a=44c6bb8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=98271100014332300757585011783015&a=44c6bb8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 8FC1 1 KB
2 KB 276ms
117ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2624675&wgcampaignid=99582&js=1&nw=1&clickref=98271100014332300757585011783015&viewref=98271100014332300757585011783015
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=98271100014332300757585011783015&a=44c6bb8b
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: cc5efb4471f24c3aa1c2ef6848bcc5e6f0d3927e49949b8d8b17d274c6c3a75d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Last-Modified: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: cache-not-used
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1271
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0016 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 12:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 12:28:30 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame A4F5 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 12:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 12:28:30 GMT

GET
H3

200

activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45 Show response
5994599.fls.doubleclick.net/ Frame 8635
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45?
https://5994599.fls.doubleclick.net/activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45?

390 B
345 B

39ms
25ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45?

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

94b97379f12d2447ebb089ec7d9141560303f5aa636750e82e4110d0fd9523e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Nov 2021 04:44:15 GMT
expires: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Nov 2021 04:44:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame C75C 4 KB
2 KB 7ms
2ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=45600500013214900710612011783021&a=909335eb
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7b88404960&subid=&uid=abc46e049d92d188&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j2mniuXYey9NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIMCT9BX2oQBVHPn6_s6AXb6kthAJ6rq6aPe0DNsrk4r28kmdb5Lbt0UUaRqvUcEzhN2PFjaPvHY21WttI39iIZKCeJ1zRpiO4Yc4PC8qqomVY1HHDYr0dTQTTEdfQ_pHcdmAjMNmEorli-1iZ_bVKZzvgrP5GPZD2vIULF-OHOHet68pDYKKN9B5D-r8ekj86YRMg2Xoab2DxJbN9ifPxXGfX0lAXKYxprk72s1jIXyngaZEhiqLCK4RaTJOecMOeTPG8WmRyTfApoCM2ZBWSCZMFq7s6vOJ0HGt98jcxRre6f-jLJUX44E8yl_Xi717LzJnAt4M8yo1G4yjjeQN5lQoodk1MAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo9L6fGRDZL6w7s2Qfp7poRw%26sig%3DAOD64_39_YWknsO31eUWQCVK4TXrYTGSUw%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B8DGsg3Kp5gIswbSi5tlvNu4-Yyq_AxmqDlTBYk1qeFV2N2VPw8XYAQ0p-opztsOls0bcJlyCYgzmmuAEd2ko3SRmK20D_gQtEJqaQiwdjonQI2XC4wJsGHaGTp9md4Cx-6SWxJ9Ji0w2lt3waVgwc-4Eepw%26cry%3D1%26dbm_d%3DAKAmf-CE-0kNGJ_KzF9Od9nC1ceP5mtFDKTkahfsj6_epW_v_lAoCGe6UNWHIoPTS_Zg2Q5yMvM45CQsAX03k0WNeluRtBY--GD6XT6TXpkNuk-WxJ_ke8PWbx7NHMvIJhkOiv6tXzdEggzQbSfveAmoYd_cUKLXq-TM7nlxZz0lZ3zP1AuUgZzn1_uNUiKLDWYrLhYcm9N9WxNzpo89yuQMuhBVpOozGNvY85sV6dnne9D_ad4e9QO4oc-95VH7h4QZzG-8dakKVVJJwC9LTATGVqOD50mv20y-gJCDvVShzOCxokxsgUFrIl4dALz1pOvVgZjhK2s1dHY4379P1voRrfNhl6x5q_xOY3QbtVZXKxRm8vh2uEqvYppZTQVN70G51YjW4pmsjmIiz9LdU3K5cfJUEIVMXxvc8AhEUnO40hUiR-P3a0Wg-Xd6PQoSMreL8JN99sS-vtlep_mH-kHAlYa-VosGIuddHgZKwC1NPvXS_2uty7RiXm1APYWZmgaB10PdVQWTsn8qyafsExPrW7Gyg439Uw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=7164547105014&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5fc5bab90dbb5772fd0cf6606aab15c997b7a073a776b6f6ac7b8a83e0dd2adf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 19 Nov 2021 04:44:15 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1527
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 33EC 1 KB
846 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Nov 2021 05:53:44 GMT
expires: Fri, 19 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 82231
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062 Show response
5994599.fls.doubleclick.net/ Frame E79E
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062?

391 B
345 B

39ms
39ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062?

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

8eca5f3fee1a7879e3bd5893c24f6c498238326c8a9bb823651b8c5437525acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Nov 2021 04:44:15 GMT
expires: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Nov 2021 04:44:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame A852 4 KB
2 KB 12ms
7ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=70395700012567000710612011783028&a=527fdb7a
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9ce4dac999&subid=&uid=74c9544872c6997d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUTZLniuXYe29NouQrASAyr2oAbXN-YNX_Ni5q-UM8C4QASDt0JI0YJWaoIKwB8gBCakC_fmzBzMRsz6oAwGqBIYCT9BgVB_EZEjD7WSeZYEHkoUQSasMGpFD6X3pjvKGB_BcnOaZp4S0US37AR2NzRWL4p35c3sLJJ8OEunQbm0b3N894RUaCFysBtVTjaa-7hF6aheY57qM7xtQqThYzcld_DimgCLR5uEcQblAU89n5-Uau_WPcjqGfg9_EKxeyslyt1s8GQv3m7OeUkwOM9_dGC9atNEL2mDOzln6cTh38XFuC9FfiFM30eT3sxjNaLOhgh8MYYrOIwGS3We4_NBAsFqicIMJd1FZTUTFneLbh0HPZMRZlQ1OfOVBvRG9isgPdI7h59oxNfWmQWo-lYIuiMvTGfrzNUaIuVw841qDzm-te1RlZsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0SfLK_rXMFgw5bqbcI3D1A%26sig%3DAOD64_0A_vPvNIZQdW9iFS3-00l2dLzGtA%26client%3Dca-pub-8950012917213574%26dbm_c%3DAKAmf-B3TTQ9ertDUA2g36PqJ691ryqg-JLkqrm4_HUQ871ZaG8arAkiwCT9g3jHL5eKvJBX9q6wI4vcoRJnGlLbrGyUyirqgnUB-8Y4nv6NAaq5ENivk1aF0T2aWC22uBSV4mQkDXgNTg_GEqe6jJZ0XLH088fhmg%26cry%3D1%26dbm_d%3DAKAmf-D718I8_VjUUaQbnEKTFfzaFRIYSzXhKZkJrSjUvG8aw4gt4OCXwvL3Z_mcpHhdx_au9tI6kqn-aTR2mpIQEAyJLj7ftKKW5_iSMURAoI95UDv32MRsp89IxA2Nh2ZZxUD2GbGO-admeAhvABa6fHW67e1PGucBhOTHPv8YLi021sUg08es7EspX5FgY0LweNdLO48ntVh12ig_o4luszytuYeGktoIodyEYfaQBxzMlgKx0xCrP59lgKOX4yUuGOW9ymxMjR911Ea38tRn_rf4cq9UOhcArS35GGwDmiVbznSinUUbiwt_RgBd8Ev6dkrj1dkRcXoa0I1bbegNhe0PxL0tE5sHxgpZHzdCJTYRLSqIJM82A0rFy28VUXFHnSd7sT849aEZnqV70q0lQWoce8_I8D9IOrhKc9h1ITTGFOmmt2KpkQboqMNczeoJeYgHU_2Hq_DmQLs6zkcFhGl5YWrvv5s_hJSVdl0VSKf66CUPgfTBJ_Q2wRTbyxsLszEvglxZ9FkuweNaTdXmKTtrq63h1A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.postfun.com%2F&ancestorOrigins=https%3A%2F%2Fwww.postfun.com&random=9941095496722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 2cc023c3d14b0030ac7e1963e6e849c7a4c6e5501362826295d4164364fc5b82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 19 Nov 2021 04:44:15 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1524
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 633A 1 KB
784 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Nov 2021 05:53:44 GMT
expires: Fri, 19 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 82231
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 5BFF 0
31 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 545ms
186ms Script
text/plain 35.82.147.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=fd83dd6d93d703bc1099ab44aa5cf569&url=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/354
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.147.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-147-164.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Nov 2021 04:44:16 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 307 KB
89 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e9f898165ae32b9ed1ce407dd2fd20799ce67766f190d42e4f2396130d6b89b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90581
x-xss-protection: 0
pragma: public
x-fb-debug: 2v12Zwl4jCpN0VKbVX+hTwKoJ/2JDq1q1AX/s8Fxr+sxucBPRYXH9rtaEWyfu0J39IYIKJIznxSdvJRcTwrRSA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 19 Nov 2021 04:44:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
829 B 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 03:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Nov 2021 04:48:28 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Nov 2021 05:29:39 GMT

GET
DATA 200
OK truncated
/ Frame F844 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccb1752079cc96ad148b45ce1309bfc86ef39e7066ae2d43329621fef204799c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0D67 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46e558bbb5ed7f30fe605ac1d872ebe526056a6c7336a6737bb64bf07006a7b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 31ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297055529&oz_l=117&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E6BE 0
31 B 6ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:15 GMT

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame C75C 44 KB
44 KB 29ms
2ms Image
image/jpeg 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=45600500013214900710612011783021&a=909335eb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Last-Modified: Mon, 20 Jun 2016 09:28:47 GMT
Server: nginx
ETag: "5767b74f-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame A852 44 KB
44 KB 16ms
2ms Image
image/jpeg 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=70395700012567000710612011783028&a=527fdb7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Last-Modified: Mon, 20 Jun 2016 09:28:47 GMT
Server: nginx
ETag: "5767b74f-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
https://ids.ad.gt/api/v1/openx?openx_id=5187a315-8219-4f10-af4f-faa89b8ba835&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...

43 B
483 B

200ms
200ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=5187a315-8219-4f10-af4f-faa89b8ba835&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

Redirect headers

date: Fri, 19 Nov 2021 04:44:15 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ids.ad.gt/api/v1/openx?openx_id=5187a315-8219-4f10-af4f-faa89b8ba835&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=b91bc153-2b31-49c8-a99c-f3803bf1a2f6
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
653 B 213ms
212ms Image
image/gif 52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=b91bc153-2b31-49c8-a99c-f3803bf1a2f6&halo_id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 19 Nov 2021 16:44:15 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame C75C 0
150 B 6ms
2ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=45600500013214900710612011783021&a=6507d813&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=45600500013214900710612011783021&a=909335eb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=45600500013214900710612011783021&a=909335eb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C75C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27B7 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiZ-6nyuXYcqMA86B9u8P0MaYoAwAAAAAOAHgBAI&bg=!_P-l_7vNAAZQLpa_UC47ACkAdvg8WvG7lf7RcaeJpsFBqcL1yejBb1_xLk7-lFDSitUK9I-Ql5w2JgIAAAEbUgAAAGxoAQeZAxgooYd4e0iN-xqNH1igG0g7iEJ44uCljiXq1izjVbWaM0jHj1t5XKP9w3OeZoVR9tRAS25U13EjuMModgVpuOIMaxpikjJFAH2LvG8MlxA38-RPYZXqU2pjLAU56A2u0VUK7mP4ShH-OF2KUhzkiYWZ9amBpHKUyhYcWCqBQ-ELacT7nAig48JHxcWNfj26YJrJ6vngKKseQPwfr2xvDX1U2AFah4xT7hscQUB9TBG5pdd0uYU-banPm8b-m3shDSPL1rpmuYRFXWTi8_tsPrBn3-QMq6eP_Q-GQEg9pcQniU8kBBY83hJU5qI-4rD3TkQ-J7QpTvITh5zrM9SBIykph4VugbYJ3Io9SOD7cZxtNtmd3ANfaq3twzuH9E3WMqLZGpJXsmMQKaKKSd81NWvjeXYkJKixbYexoPrp3iPU2ECCXDva7TMMLsvU8Y0ujloaTchdpM3SlsMnrvGA4Jv-pw2bnxKj0V0VATSmZgKol-RoSbLHDMorGWq9fayjeEc142GVY4esE31981LfwOPLN-eaB4mgPRiFtM49aWT4qHUulCIxBINsBubzwpA71CE9x-jRpB-yawNNo55MpoATDmRXsK5pZqO6p5pepO_O4zMkAt95AI8q7zccYSa2N4LaJbEnVy7zbzH89kQ028OE_ZTXcFJ8jhFazFMnB9-qOPOzQWHHv3d15mGmXkITivZ6ThXbDe9XLGs1ue0-tO-gvvGimmVKw6oQ_NZGqCINXn4M66kSXtpcJvWmLBAc9Q3iaXuXZ2NupuGTv9PyvI_YSfghmNXFeENDTbE3Irelpn8SMp3jhrflAwsO4s8-feQRZe1YeGY1N7kVz1_O-JTv81ZUlu1CJmZUT9C_UTRrjUlJrCoGSCtdoNlm1DKdZ_qUBfjbS5SparDN6o-QAw6P-frsC3yQCAIJpVg1Mvuh0hPQaUHdh_f2REnOZt9ohxzczH_DN2jJfIgamAYVNWHKvLn-XMJbzJnUy-W3RUIT57eGIO8vLsI0gbDPAOG-K3Vr-wHfZEEDBhCTrmgPHtvNWiZ9ZLFIRAU

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame A852 0
150 B 10ms
7ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=70395700012567000710612011783028&a=cccf015f&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=70395700012567000710612011783028&a=527fdb7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=70395700012567000710612011783028&a=527fdb7a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A852 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45
adservice.google.com/ddm/fls/z/ Frame 8635 42 B
262 B 43ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COfCi-vOo_QCFZWEUQodI4QGxg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8079583031725.45?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8FC1 51 KB
51 KB 46ms
8ms Script
application/javascript 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2624675&wgcampaignid=99582&js=1&nw=1&clickref=98271100014332300757585011783015&viewref=98271100014332300757585011783015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 84702
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 18 Nov 2021 05:12:46 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: fzsTfdapKukeJt-hsbZy1ZgZgNiOQdu7O_IcqCrs4U43c1_Cc8kwDg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 8FC1 54 KB
55 KB 222ms
148ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=98271100014332300757585011783015&wglinkid=2624675
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=98271100014332300757585011783015&a=44c6bb8b
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 467287f2d19d9e9c29a4151e5a8b3e4cf2257d11203a6c26a88a10fb90733192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:15 GMT
Last-Modified: Fri, 19 Nov 2021 04:44:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: cache-not-used
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8FC1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062
adservice.google.com/ddm/fls/z/ Frame E79E 42 B
107 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPijevOo_QCFeT21Qodk-sLSA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9060759274512.062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 33EC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ&...

43 B
438 B

168ms
168ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b06c8476d52536a-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 51
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b06c8465c5f536a-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgYW_DFbKcnzOnFQTo-crF8h_iuslKXawh62vmur_dzxwc2w1OV_jXfSA-J76r_GWitb29nY74Bh8Felue6k0sgOm2DQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33EC
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPRdggvDjGWZAsr4YKAuOHs&google_cver=1&google_push=AYg5qPJqqv5_KcDfL9hObaAQTPbHj2kW5hq5a3pnNlQ9fX6CB72DTbqGagslaUFVoJHu9FlzZ48xfnvOAHpI5m_lSSsEZkxEpAs
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F602BB114BEB4468A9E26135972AA611&google_push=AYg5qPJqqv5_KcDfL9hObaAQTPbHj2kW5hq5a3pnNlQ9fX6CB72DTbqGagslaUFVoJHu9FlzZ48xfnvOAHpI5m_...

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F602BB114BEB4468A9E26135972AA611&google_push=AYg5qPJqqv5_KcDfL9hObaAQTPbHj2kW5hq5a3pnNlQ9fX6CB72DTbqGagslaUFVoJHu9FlzZ48xfnvOAHpI5m_lSSsEZkxEpAs

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F602BB114BEB4468A9E26135972AA611&google_push=AYg5qPJqqv5_KcDfL9hObaAQTPbHj2kW5hq5a3pnNlQ9fX6CB72DTbqGagslaUFVoJHu9FlzZ48xfnvOAHpI5m_lSSsEZkxEpAs
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 18 Nov 2021 04:44:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33EC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBDhffgql9S1cSPuAzKnI2g&google_cver=1&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwy...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBDhffgql9S1cSPuAzKnI2g&google_cver=1&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ&google_hm=ylm9iMpUS5WppCUNgwl2OA==

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ&google_hm=ylm9iMpUS5WppCUNgwl2OA==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ&google_hm=ylm9iMpUS5WppCUNgwl2OA==
Date: Fri, 19 Nov 2021 04:44:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 33EC 43 B
577 B 76ms
14ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESENXW8GgS_fi5eQ77XRPf3Y8&google_cver=1&google_push=AYg5qPKXuD8vk06BnCi1ZfVBzaCpfvwl96duvmxpnwARBI_eMIIvwyf2rfYysETZaxGqg0XraDFyBG7Uwl1bOO14BNvMDOR2pjk

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Nov 2021 04:44:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33EC
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEPrWlvc4RGnNHVhfUUF3ZpY&google_cver=1&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRv...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPrWlvc4RGnNHVhfUUF3ZpY&google_cver=1&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2y...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRvHTtE

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRvHTtE

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJXB8xKKgQrp-FPlhsHxCYz00swu1XRbMmWLIrH0q_-K8umGJ7qDpie2ZDTv25q7eSTMBfMg-ihAJ--tfuDeUu2yRvHTtE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET

pixel
cm.g.doubleclick.net/ Frame 33EC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAK...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33EC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7T...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7T...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7TXXlfXj7cQ&google_hm=6768f8c4a19365f6d2d3eac4

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7TXXlfXj7cQ&google_hm=6768f8c4a19365f6d2d3eac4

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLSqVJg-Y_3cGF2Qc9UomLxE1tMZjgrfga7rOZJmYKvBwb6kAKX0ncOx-LlE6ZoDeCOEXMPS1R8aX176kL7TXXlfXj7cQ&google_hm=6768f8c4a19365f6d2d3eac4
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 33EC 0
12 B 16ms
16ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-ZJ_odlIWGjCU5JyM-jbOL7_Wxmxav1qLJusbURCFz72mCMS600zEg40aTnmF3BYzQwOn

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 633A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xj...

43 B
394 B

170ms
170ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b06c8476d54536a-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b06c8465c61536a-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH13onaju7ElbaV0hGi6gVI&google_cver=1&google_push=AYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLUUJfZxQx5gb6R8nH3iRix5URpGlFpoSC3SZRzeJoEcpWlVWf_TnLfVvKBQJ5_8cfVvTc0mmgxypO1j968wyV2kPIR5xjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 633A 70 B
264 B 31ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAanWBhojFu8cWeQq7SMcKk&google_cver=1&google_push=AYg5qPJP0I7RL1nWs4I85M86zxVKr4IaaD8i6Vq9EC5AfaGxV3l65wE1er1uyHp_5LhwddKP7Dc3RlXqpjhU8rDlwQ7G1asVoCSz
Requested by: Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 633A
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEK9flv4AjeuHiLntSEW7ows&google_cver=1&google_push=AYg5qPK9wUTpCjc7Sj8jv28jaM0HaXzA8ZQfSrZOdo2QoE5ivv_bgwQdmoSwJyWwPOOtyPLqO_0oDKTSGfEdN1vM...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uab30GduR-yALZHPQwW2Dw2&google_push=AYg5qPK9wUTpCjc7Sj8jv28jaM0HaXzA8ZQfSrZOdo2QoE5ivv_bgwQdmoSwJyWwPOOtyPLqO_0oDKTSGfEdN1vMyT1nuQD9OHLo

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uab30GduR-yALZHPQwW2Dw2&google_push=AYg5qPK9wUTpCjc7Sj8jv28jaM0HaXzA8ZQfSrZOdo2QoE5ivv_bgwQdmoSwJyWwPOOtyPLqO_0oDKTSGfEdN1vMyT1nuQD9OHLo

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Nov 2021 04:44:15 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uab30GduR-yALZHPQwW2Dw2&google_push=AYg5qPK9wUTpCjc7Sj8jv28jaM0HaXzA8ZQfSrZOdo2QoE5ivv_bgwQdmoSwJyWwPOOtyPLqO_0oDKTSGfEdN1vMyT1nuQD9OHLo
x-host: tde-deliveryengine-production-666d84c44f-b5ml6
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 633A
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoum...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJTKpfS3r9qX8g8pCCCEnlY&google_cver=1&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoum...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoumthNX1ySBtiG&google_hm=6768f8c4a19365f6d2d3eac4

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoumthNX1ySBtiG&google_hm=6768f8c4a19365f6d2d3eac4

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 04:44:15 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIyiDlFLEDI52BW4pNh9pBkgHPMbuoKAPXSzC6EYqSFQP0cnbXGrqSPNS_VjIxl2kqzoyq9hA3PoVzsLyoumthNX1ySBtiG&google_hm=6768f8c4a19365f6d2d3eac4
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 633A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPldcJk6ANLw_dTfhzluwpQ&google_cver=1&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9n...

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D&google_push=AYg5qPJx4lqhpq42PJ2B_2r0Ag3h8bdpHOI9tvCSq54bVaFEMx4JM3_QLV9nCzpij1yooWH_K2FdPKoB9cLsGafos3Aof3IXFxki
date: Fri, 19 Nov 2021 04:44:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 633A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEL6tT5XSoxw-ZxyIWtl0PIQ&google_cver=1&google_push=AYg5qPKrxbYQRtqCdR6ORGzh5xI7NklfnH4BCH-k0kaX9GAs7cj0PHe8Rc5GqeDUOszGLubuO3...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VTWpnem5wRTJ1SEJYMXZEbHFOUXo5Z3FtOWF5WWN5WH5B&google_push=AYg5qPKrxbYQRtqCdR6ORGzh5xI7NklfnH4BCH-k0kaX9GAs7cj0PHe8R...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VTWpnem5wRTJ1SEJYMXZEbHFOUXo5Z3FtOWF5WWN5WH5B&google_push=AYg5qPKrxbYQRtqCdR6ORGzh5xI7NklfnH4BCH-k0kaX9GAs7cj0PHe8Rc5GqeDUOszGLubuO3wGaCb3jkjlAV5-wyLQRI60F4QaNA

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VTWpnem5wRTJ1SEJYMXZEbHFOUXo5Z3FtOWF5WWN5WH5B&google_push=AYg5qPKrxbYQRtqCdR6ORGzh5xI7NklfnH4BCH-k0kaX9GAs7cj0PHe8Rc5GqeDUOszGLubuO3wGaCb3jkjlAV5-wyLQRI60F4QaNA
date: Fri, 19 Nov 2021 04:44:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 633A 43 B
101 B 72ms
14ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESENoeiZOrDkG94kZrcHaWANs&google_cver=1&google_push=AYg5qPKOw93bKcI454KEeI68Gu8K7K6YeuDUCq9LZw7RYYCm6vlRPcZXyvml9f6fq5o3MmvYljSxmEmmysQo1QTSCqUA2eAT6wDT

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Nov 2021 04:44:15 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 633A 0
12 B 14ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JuNTZSkeQ7_wviPFTgwXuj12iNvlbDd0kvoRCLvHzGk-IXjoive33wmDDZQvWxGFw7qfLd82c

Requested by

Host: 9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
URL: https://9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 31ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297055684&oz_l=160&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Ftelevision%2Fthe-stars-of-eight-is-enough-then-and-now%2F%3Fchrome%3D1&rl=&if=false&ts=1637297055745&cd[partner_id]=354&cd[tagger_id]=fd83dd6d93d703bc1099ab44aa5cf569&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637297054822.992961466&it=1637297054394&coo=false&dpo=&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 04:44:15 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame BD6A 0
31 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:15 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 724F 0
31 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:15 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 9A89 0
31 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:15 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0016 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmg7nnyuXYZ-8C4-H7_UPgp-CkAUAAAAAOAHgBAI&bg=!tLelt_PNAAZQLpa_UC47ACkAdvg8Wj-9y2qy_5xN8vlV5BSany1Ti4HIBfsUd5xGo2UCIdpqCXpXjAIAAAF5UgAAACFoAQcKADVnq-TlYLpS8gaOGdbujUNlX7zCbfUbscljhezeMjJyCK_WVyY0HCFNC5IkKlrdp3tD3V2KE5kC_ALSEbuv9iiGOH4xXC9zqNRj4f91f1LbnUAjmO9wMZ8zTUT4NgTD7y5KmtsmgEz21VTK6gdcIUXtQ_T8qQAjV7Wd3XLT8--UmrcIuf9pGgxQ3NLigl6cKYvf7iDpqGt55RoDOQz_9W4Typ_Kx8yIA5QGfrWq1CywGb15Sd0IvIeWlZYNRrt47qrzOL_t0WM-7yXyswIB-GrqTn9LL8d2INQYtT_95l7gn59siNPHpJLfkpM7CHwX1OM1OUbXo5kb4Q5Z8xGcnv2n8vwQfuDPkMTQIgqeVOasNqBJQcLczZlxLJzZ6eE_UGY2YL9RQTSw44kcZ76c8VQHb-RgRwNatvRdiTgvSKS3pZZSectNgYtkAyBYklmdvKM-reTe8nLpYWuHWnnHZdbYQqczozXxSQ5vjqQ09rckWdTKh5ZyniBjeEMtSBcdnEPBI44StRAAEX0YnlF7qp4cJMOgiXNcUKbXQaD8oPOrknGNzBv_Q1Ai5PE6fhMvjCKsZXTSnGyIixsxtTo4AkDXwpGkrsmVwxX2P3yZ05tTCbWzQwwpuSh4IpcEGm7u8CuhqSnbxOfojtWAqmTNPd2dIZ8y7BSe9kQETiN1Zjwsc6rNKGnhfHOpZWFklPI5LdHfTg_F3x0U3o67Q58vm1l8IiXLBsxtOV_Esel8TgmcIeE3lIfCDA-zJevBs1o1XcjgvXkPHMyqubc_qVeuehHnP24Bgm-J1Xqe04cAtUclrJ5yQ6fGUaweRlIu25Xc7vN8KKqmuEf_3GNPw9wc5UxIkppc6Q87DASqFpH50UE6TAkALOU0VLPsXEa-BNfub5QGnkHwIjih6jbjBMVmnwTqThdEqgeqvskaRu8njHZxRszHwrfZaTxDdO-sRBk-SJ4KrtIbL3nzPoT1SjQprAZqEL7-JKecmZj1uPkxMDSAIXA80VY_pnC3vEUostZUIfGVpK-gA1DVpGvOgES2jJ3Is9Mp9HtrFiCnRcmJM5zCUc6iVfKNWYIF6cjiL1ApHQmRD6z-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A4F5 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt6OWnyuXYaGUC4yM9u8P97qO8A8AAAAAOAHgBAI&bg=!Tk2lTQnNAAZQLpa_UC47ACkAdvg8WvOgCAIJ1u2xEuDHDcIAoqrHFO9BceCTLOQbe_FcC_ULgglDmwIAAAGXUgAAABNoAQcKACCtNjXOX90xI_EreQVzOZer0aJ-9ssbTGGuhLGg2dK6AJkC_WyV-eIfY1BAsB3hR6-cp-BmetwbsrvyYMJtQ2xPX0AeBCYqqkD9sDnArf63mheVcjriPS5O1A1orFQ70Cfno5WuTm139Ha8KmcTkiMcqJkzN97XtAyoOLdDbh47lpg9oIqSLtiy8HBhkNVazDAjTqOMCm_AWZttENzMTD4EOOME_34geJdhDBmdNtMQVgNy0WAOVr6NizvVhqGyu5PhFcalBDei20dArb-nWRIEjlxfmeGoeBLZL_HEkyRBSuOL1MY7TEUXyWt4v6rx8VefpAJS3WPKDhZ9M_qhsLFawjRkbARXGmMmv2liXQ6V7aGPkZ2qGkb1FabTqlrGjuQ4RLwyof8jiAwcOQpxF1o1WYIb-Jp3fdqbKUANsKH3q4qOk6Cz7tw2M-UtxnoYUb6bHEJj2dLh4z7N1RB5mnrAmZHkcAjRckfkg4rlc9w6kGgQsbKoFGUDnbO3ay5BWhp6_ooy1-tUBP47EDDkj_TLlXnRpYe53z7yJheOiRqtiNYd3LqVkGG4AFUHprO5gdj4an-wCv0bTuHZrEyI43K6FkoIA1WmSRvPDVdnonoRss9IYWxCife_JMmuiet3M_eFV0GL_5JK9LJG5ysT20wIrUqJs1IwbDOPocVUGLV-AsCCQhLcX7ib4XAWvXBCd24F86Vz8PkxNZ9QHxg7t2uQoxm7q99-e4sjpQ1zKm0exR9meUe6ia6MM5ofGDQag2ac_gzmrf5WYPGq57ZyyRwvIUVchDNF5uukf9ZI9jQAZprF4h4nKledEd0vujwhUb7pg3VrZy7c8vnJDbvFPfYOEXYBjWsgzLQxGF_bVRk3-_FL3ZorPTDvHqKO5Fy6veeZbUPy4UaQ1PeO0s55v-L74MFr3DZWIUPLN1ONPbwWZR3SDpNLPbsqUHulAsmyRexjYZaoP5UgmNVdvuO_2pkxYYlNS404Kh-7q7oxkogjlUluAI5hsMPf5yAR5jY7tQt_pjJXSMMVlvlwoVI2PtmTbhCAp1HC4fnCPPjaQL-pDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 32ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297055897&oz_l=810&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 02502f6b-ec6a-4f12-b484-c7c3907113d7
https://www.postfun.com/ 795 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.postfun.com/02502f6b-ec6a-4f12-b484-c7c3907113d7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b42fa081275ba14ffa76fe75a5386e1b6c89166ba8d9a030962904e51dc68a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 795

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D857 42 B
110 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRCJvGQOohFIBQT85GwRM7ZqlkGpXa6s-ua6uJATkP7lLofAiaYYFkyezXuOKmak3rLbPL-ot2SyfWUpUBEyGXNOkC43_V0E4vy8i-L7jYzzN3Gv5Vnw&sai=AMfl-YROKuLv_Ar1W7hWUY37PFo9p31okP4eAiPmQBg-fRAKFSpRR8dEBVDlPh0gE1smmu_4kBTz5jLDra8sQLd5aIYAuvV8SzGSrUaiSx9Wzd7W2ip9JFU0yESxVX1S0Ic&sig=Cg0ArKJSzDEJc2SW0BNYEAE&id=ampim&o=1122,99&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=134&tls=1138&g=100&h=100&tt=1138&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=659501193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 169ms
168ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:16 GMT

POST
H2 200 pbjs_impression_viewable Show response
www.postfun.com/events2/topic/ 0
177 B 150ms
149ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_impression_viewable
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:16 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 43ms
43ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297056048&oz_l=17579&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 / Show response
www.facebook.com/tr/ Frame D443 0
54 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 19 Nov 2021 04:44:16 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 40ms
40ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297056259&oz_l=13525&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 31ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297056512&oz_l=163&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8FC1 16 B
232 B 82ms
81ms Fetch
application/json 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-236-168.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal900015.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Nov 2021 04:44:16 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 104ms
29ms Preflight 54.77.236.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal900015.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Nov 2021 04:44:16 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 92F0 2 KB
1 KB 9ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: e01106c481aa457b0ace51a45bbbdfdaa23ac26125a985b0a6e85c943bc554f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
content-type: text/html; charset=utf-8
content-length: 578
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 7FA4 2 KB
838 B 24ms
23ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 2addfd5f15b8882e929e89c65bc487342bfb12be82589dc1a38a1549c5ae05e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 19 Nov 2021 04:44:17 GMT
content-type: text/html
content-length: 538
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 8163 2 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: e01106c481aa457b0ace51a45bbbdfdaa23ac26125a985b0a6e85c943bc554f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
content-type: text/html; charset=utf-8
content-length: 578
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 8EFC 2 KB
850 B 18ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 2addfd5f15b8882e929e89c65bc487342bfb12be82589dc1a38a1549c5ae05e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 19 Nov 2021 04:44:17 GMT
content-type: text/html
content-length: 538
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

xuid
eb2.3lift.com/ Frame 92F0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_X...
https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd

37 B
353 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

xuid
eb2.3lift.com/ Frame 92F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_...
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr...

37 B
353 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 474
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92F0
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89...
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D
date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 92F0 0
597 B 398ms
141ms Image
text/plain 2620:119:50e8:101::9002:f05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3409472396413946947&dbredirect=true&gdpr=1&consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e8:101::9002:f05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: 32Mnzf/YuBaQJ4ZgGSsAAA==

GET
H2 200 3409472396413946947
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 92F0 43 B
299 B 106ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/triplelift/3409472396413946947?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

xuid
eb2.3lift.com/ Frame 92F0
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3409472396413946947&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
https://x.bidswitch.net/sync?dsp_id=59&user_id=6399ce8b-5afb-44c0-bd8c-b95aac37de45&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
353 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 19 Nov 2021 04:44:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 92F0 42 B
594 B 67ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3409472396413946947&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D9CD47E5E8AE4D1DB5DC462E6AE9A54D Ref B: FRAEDGE1315 Ref C: 2021-11-19T04:44:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 92F0
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP...
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79_...

0
0

106ms
106ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: HTTP/1.1
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X2CRKY41FHKDHNFZMA1K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 92F0
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r...
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9ph...

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 255
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 92F0
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
https://eb2.3lift.com/xuid?mid=4771&xuid=8605249789374139112&dongle=d407

37 B
353 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=8605249789374139112&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=8605249789374139112&dongle=d407
pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 8163
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_X...
https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd

37 B
353 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

xuid
eb2.3lift.com/ Frame 8163
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_...
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr...

37 B
353 B

12ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMnzGncrEBnLQG7lGV3GAdc&dongle=c627&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 474
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8163
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89...
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQwOTQ3MjM5NjQxMzk0Njk0Nw%3D%3D
date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 8163 0
284 B 394ms
146ms Image
text/plain 2620:119:50e8:101::9002:f05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3409472396413946947&dbredirect=true&gdpr=1&consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e8:101::9002:f05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: +qlAzf/YuBaAYs9nGSsAAA==

GET
H2 200 3409472396413946947
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 8163 43 B
81 B 98ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

xuid
eb2.3lift.com/ Frame 8163
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3409472396413946947&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=ca59bd88-ca54-4b95-a9a4-250d83097638
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=ca59bd88-ca54-4b95-a9a4-250d83097638
https://x.bidswitch.net/sync?dsp_id=4&user_id=576e9250-27d9-4f9b-9d63-cca9f2b9e468&ssp=triplelift&expires=30&user_group=5&bsw_param=ca59bd88-ca54-4b95-a9a4-250d83097638
https://eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
353 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=ca59bd88-ca54-4b95-a9a4-250d83097638&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 19 Nov 2021 04:44:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 8163 42 B
258 B 59ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3409472396413946947&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 854955C11C294BAAA0207A2F73C899A6 Ref B: FRAEDGE1315 Ref C: 2021-11-19T04:44:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 8163
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP...
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79_...

0
0

106ms
106ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: HTTP/1.1
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 23BCMSPEW14BB90VH94X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&uid=3409472396413946947&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 8163
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r...
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9ph...

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Pragma: no-cache
Date: Fri, 19 Nov 2021 04:44:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 255
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 8163
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
https://eb2.3lift.com/xuid?mid=4771&xuid=3417103018643327720&dongle=d407

37 B
353 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=3417103018643327720&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:44:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=3417103018643327720&dongle=d407
pragma: no-cache
date: Fri, 19 Nov 2021 04:44:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 8EFC 43 B
430 B 46ms
13ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:17 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 19 Nov 2021 04:44:16 GMT

GET
H2 200 p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 8EFC 35 B
371 B 17ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 8EFC 0
331 B 79ms
19ms Image
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8EFC
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=78c7ba70-0b95-70ec-fcb4-eef88cf46731&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7e...
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731

43 B
62 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 293

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 8EFC 170 B
188 B 23ms
22ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRhODY5YmEtYzJlMi0yZTQ4LWU5NTQtYjQ0MTQ2MTZhOTUx&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8EFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues...
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf9...

43 B
61 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 7FA4 43 B
430 B 44ms
13ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 04:44:17 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 19 Nov 2021 04:44:16 GMT

GET
H2 200 p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 7FA4 35 B
371 B 14ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 7FA4 0
330 B 80ms
20ms Image
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7FA4
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=78c7ba70-0b95-70ec-fcb4-eef88cf46731&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7e...
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731

43 B
62 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ae3c68c7-67a1-4462-b7e6-6c94e19b2831&ttd_puid=78c7ba70-0b95-70ec-fcb4-eef88cf46731
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 293

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7FA4 170 B
188 B 23ms
21ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7FA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues...
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf9...

43 B
61 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHrYP2_u_LERIYsxatvpjUY&google_cver=1&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 overlay_status Show response
www.postfun.com/events2/topic/ 0
177 B 159ms
159ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/overlay_status
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:19 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:19 GMT

POST
H2 200 overlay_status Show response
www.postfun.com/events2/topic/ 0
177 B 153ms
153ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/overlay_status
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:19 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:19 GMT

POST
H2 200 overlay_status Show response
www.postfun.com/events2/topic/ 0
177 B 158ms
157ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/overlay_status
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:20 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:20 GMT

POST
H2 200 overlay_status Show response
www.postfun.com/events2/topic/ 0
177 B 150ms
150ms XHR
text/plain 104.111.244.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/overlay_status
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/header.b.js?ver=1637265765
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-200.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/television/the-stars-of-eight-is-enough-then-and-now/?chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 04:44:20 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 19 Nov 2021 04:44:20 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/ 0
145 B 31ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.40.0/486951/AOjf3ewHE-egmFEO/postback?ti=9a933e0c-b7b9-404c-b125-2eebb478c246&di=www.postfun.com&dm=1600x1200&ci=486951&gt=DE&dt=4869511559931891252000&ui=f371dbff-eaf8-452f-933a-cd81a5502292&c1=organic&c2=&c3=&de=2&sid=AOjf3ewHE-egmFEO&oz_sc=f1ab31c484343df55e674304&oz_df=1637297060159&oz_l=106&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Nov 2021 04:44:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 00:57:53	Name: sync Value: CgoIgQIQ3dyJtNMvCgoI4gEQ3dyJtNMvCgoI5gEQ3dyJtNMvCgoIhwIQ3dyJtNMvCgkICRDd3Im00y8KCQg6EN3cibTTLwoJCAsQ3dyJtNMvCgoIjAIQ3dyJtNMvCgoIzgEQ3dyJtNMvCgkIXxDd3Im00y8=
www.postfun.com/	1970-01-25 20:31:23	Name: akaas_csplit Value: 2147483647~rv=80~id=5fa0f125bc3ed3fe4a6e941f00cf4ad1
www.postfun.com/	1969-12-31 23:59:59	Name: akaclientip Value: 136.243.198.83
www.postfun.com/	1970-01-20 07:33:53	Name: usprivacy Value: 1---
.postfun.com/	1970-01-29 22:46:50	Name: _pnvl Value: false
.postfun.com/	1970-01-29 22:46:50	Name: pushly.user_puuid Value: kQ2Wo9bDjdfSwLFmftNPe10RUbJT9wAR
.postfun.com/	1970-01-29 22:46:50	Name: _pndnt Value:
.postfun.com/	1970-01-19 22:49:43	Name: _pnfcps Value: 86400
.postfun.com/	1970-01-19 22:49:43	Name: _pnpcs Value: 1\|Sat, 20 Nov 2021 04:44:14 GMT
.postfun.com/	1970-01-29 22:46:50	Name: _pnlspid Value: 11752
.postfun.com/	1970-01-20 16:19:29	Name: _ga Value: GA1.2.1727820622.1637297054
.postfun.com/	1970-01-19 22:49:43	Name: _gid Value: GA1.2.1486916002.1637297054
.postfun.com/	1970-01-29 22:46:50	Name: _pnss Value: dismissed
.postfun.com/	1970-01-19 22:58:21	Name: _pnpdm Value: true
.openx.net/	1970-01-20 07:33:53	Name: i Value: ab6b8529-a212-4f1b-a662-2610e8d354cc\|1637297054
.go.sonobi.com/	1970-01-19 23:31:29	Name: __uis Value: 32db32f7-2360-46b7-a44a-5e3289b18383
.go.sonobi.com/	1970-01-19 22:49:43	Name: _usd_postfun.com Value: 7ea4ca47-04ac-498b-ad8d-f9ce82fab28c
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56129\|YZcro
.postfun.com/	1970-01-19 22:48:17	Name: _gat Value: 1
www.postfun.com/	1969-12-31 23:59:59	Name: cityCode Value: FALKENSTEIN
www.postfun.com/	1969-12-31 23:59:59	Name: zipCode Value: 00000
www.postfun.com/	1969-12-31 23:59:59	Name: metroCode Value: 00
www.postfun.com/	1969-12-31 23:59:59	Name: regionCode Value: SN
www.postfun.com/	1969-12-31 23:59:59	Name: countryCode Value: DE
.doubleclick.net/	1970-01-20 08:09:53	Name: IDE Value: AHWqTUkHlgrA01r_1VuN-yTYk5vnPUmDDzeK3ThX6Ri2TKWpHEqiHD7Z-Nmp0Efo5ZQ
.postfun.com/	1970-01-20 00:57:53	Name: _fbp Value: fb.1.1637297054822.992961466
.ad.gt/	1970-01-20 16:19:29	Name: au_id Value: b91bc153-2b31-49c8-a99c-f3803bf1a2f6
.ad.gt/	1970-01-19 22:49:43	Name: au_idmatch Value: {"apn": "2021-11-19", "ttd": "2021-11-19", "pub": "2021-11-19", "adx": "2021-11-19", "halo": "2021-11-19", "goo": "2021-11-19", "rub": "2021-11-19", "smart": "2021-11-19", "ado": "2021-11-19"}
.adnxs.com/	1970-01-20 00:57:53	Name: uuid2 Value: 1055242745125871768
.doubleclick.net/	1970-01-19 22:48:20	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 00:57:53	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 00:57:53	Name: KADUSERCOOKIE Value: 0F19AA5A-ED49-44AC-9CC3-5552D33B2E72
.adsrvr.org/	1970-01-20 07:33:53	Name: TDID Value: ae3c68c7-67a1-4462-b7e6-6c94e19b2831
.casalemedia.com/	1970-01-20 00:57:53	Name: CMPS Value: 5235
.adnxs.com/	1970-01-20 00:57:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU)m=QIR!]tbPl1M>e)ZlrFUfJ+tGXxomAMJ(4UCUd2V]'Q'CFOw9F@i24YvqttKG'rjbpRzqF1`b^yj!0JY
.postfun.com/	1970-01-20 08:09:53	Name: __gads Value: ID=0fa0b5bc501d19bb:T=1637297054:S=ALNI_MZgxNnN3mmEYD9FjzROThIjWoO86A
.casalemedia.com/	1970-01-20 07:33:53	Name: CMID Value: YZcrn8FCv.KTfEfJXf4n9wAA
.casalemedia.com/	1970-01-20 00:57:53	Name: CMPRO Value: 1166
.casalemedia.com/	1970-01-19 22:49:43	Name: CMST Value: YZcrn2GXK58A
.casalemedia.com/	1970-01-20 07:33:53	Name: CMRUM3 Value: 2d61972b9f2760CAESEMW0fHb4Ibp5LJ1ydABSCeM
.redintelligence.net/	1970-01-20 00:57:53	Name: 8lcfmzhxc8d6_uid Value: df499fc71eefb49e
www.postfun.com/	1970-01-19 22:48:17	Name: outbrain_cid_fetch Value: true
.yahoo.com/	1970-01-20 07:34:14	Name: A3 Value: d=AQABBJ8rl2ECEL-B17SBB-3G7Vr4ePy-onoFEgEBAQF9mGGhYQAAAAAA_eMAAA&S=AQAAAohwRup-gueLhqdAIjK9uPk
.spotxchange.com/	1970-01-20 07:33:57	Name: audience Value: 59418ebf-48f3-11ec-9099-14f0ef8b0106
.demdex.net/	1970-01-20 03:07:29	Name: demdex Value: 85776120983510224494138976578972411684
.dpm.demdex.net/	1970-01-20 03:07:29	Name: dpm Value: 85776120983510224494138976578972411684
.ad.gt/	1970-01-20 16:19:29	Name: last_seeng_hosted Value: 1637297055387
.ad.gt/	1970-01-20 16:19:29	Name: g_hosted Value:
.ad.gt/	1970-01-20 16:19:29	Name: last_seenrub Value: 1637297055390
.ad.gt/	1970-01-20 16:19:29	Name: rub Value:
.ad.gt/	1970-01-20 16:19:29	Name: last_seenadnxs Value: 1637297055399
.ad.gt/	1970-01-20 16:19:29	Name: adnxs_id Value: 1055242745125871768
.ad.gt/	1970-01-20 16:19:29	Name: first_seenadnxs Value: 1637297055399
.ad.gt/	1970-01-20 16:19:29	Name: last_seenadx Value: 1637297055400
.ad.gt/	1970-01-20 16:19:29	Name: google_gid Value: CAESEOzLnCKi-cOcu1TRVUGRXnM
.ad.gt/	1970-01-20 16:19:29	Name: first_seenadx Value: 1637297055400
.ad.gt/	1970-01-20 16:19:29	Name: last_seenpbm Value: 1637297055402
.ad.gt/	1970-01-20 16:19:29	Name: pbm Value: 0F19AA5A-ED49-44AC-9CC3-5552D33B2E72
.ad.gt/	1970-01-20 16:19:29	Name: first_seenpbm Value: 1637297055402
.ad.gt/	1970-01-20 16:19:29	Name: last_seentd Value: 1637297055403
.ad.gt/	1970-01-20 16:19:29	Name: tdid Value: ae3c68c7-67a1-4462-b7e6-6c94e19b2831
.ad.gt/	1970-01-20 16:19:29	Name: first_seentd Value: 1637297055403
.ad.gt/	1970-01-20 16:19:29	Name: last_seenadb Value: 1637297055555
.ad.gt/	1970-01-20 16:19:29	Name: adb Value: 85776120983510224494138976578972411684
.smartadserver.com/	1970-01-20 08:17:05	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 08:17:05	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.travelaudience.com/	1970-01-20 08:17:05	Name: _tracker Value: %7B%22UUID%22%3A%2251A6F7D0-676E-47EC-802D-91CF4305B60F%22%7D
.simpli.fi/	1970-01-20 07:35:19	Name: suid Value: F602BB114BEB4468A9E26135972AA611
.bidswitch.net/	1970-01-20 07:33:53	Name: tuuid Value: ca59bd88-ca54-4b95-a9a4-250d83097638
.bidswitch.net/	1970-01-20 07:33:53	Name: c Value: 1637297055
.bidswitch.net/	1970-01-20 07:33:53	Name: tuuid_lu Value: 1637297055
.analytics.yahoo.com/	1970-01-20 07:35:19	Name: IDSYNC Value: 18yx~21m4
.lijit.com/	1970-01-20 07:33:53	Name: ljt_reader Value: 6768f8c4a19365f6d2d3eac4
.bidswitch.net/	1970-01-19 22:48:17	Name: google_push Value: AYg5qPJKAaanAL92_l7CVtmVRRfJak_NcnkWCKqClginfM-v0SvEabG5k-docJRxgZLiDGn2dXcMBUSMW0a2i3HBJpwySYTktQ
.smartadserver.com/	1970-01-20 08:17:05	Name: pid Value: 5194041544878791809
.smartadserver.com/	1970-01-20 08:17:05	Name: pdomid Value: 20
.de17a.com/	1970-01-20 07:26:41	Name: guid2 Value: 1.6570047483825993447
.ad.gt/	1970-01-20 16:19:29	Name: last_seenhaloid Value: 1637297055779
.ad.gt/	1970-01-20 16:19:29	Name: halo_id Value: 0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 16:19:29	Name: first_seenhaloid Value: 1637297055781
.ad.gt/	1970-01-20 16:19:29	Name: last_seenopenx Value: 1637297055811
.ad.gt/	1970-01-20 16:19:29	Name: openx_id Value: 5187a315-8219-4f10-af4f-faa89b8ba835
.3lift.com/	1970-01-20 00:57:53	Name: tluid Value: 3409472396413946947
.tribalfusion.com/	1970-01-20 00:57:53	Name: ANON_ID Value: aMns6ER3YWi7UXuRvsbgN3coYUg2CKOoJBTa2FTeZbdeHXZaRUONXhX1DZadDZdFP1W5pAZac7HDfBWwdMfQwILmF
.openx.net/	1970-01-19 23:09:53	Name: pd Value: v2\|1637297057\|gekin0vNiygu
.quantserve.com/	1970-01-20 08:18:31	Name: mc Value: 61972ba1-66385-451b4-d7ee5
.adsrvr.org/	1970-01-20 07:33:53	Name: TDCPM Value: CAESFAoFb3BlbngSCwic5dvvqMiVOhAFGAUgAigCMgsIprj7hb_IlToQBTgB
.openx.net/	1970-01-19 23:09:53	Name: univ_id Value: 537072971\|ae3c68c7-67a1-4462-b7e6-6c94e19b2831\|1637297057450905
.bing.com/	1970-01-20 08:09:53	Name: MUID Value: 16653D13EBF762490C692DE7EA25631F
.turn.com/	1970-01-20 03:07:29	Name: uid Value: 3417103018643327720
ads.avct.cloud/	1970-01-20 07:33:53	Name: uuid Value: 6399ce8b-5afb-44c0-bd8c-b95aac37de45
.creative-serving.com/	1970-01-20 08:09:53	Name: tuuid Value: 576e9250-27d9-4f9b-9d63-cca9f2b9e468
.creative-serving.com/	1970-01-20 08:09:53	Name: c Value: 1637297057
.creative-serving.com/	1970-01-20 08:09:53	Name: tuuid_lu Value: 1637297057
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-19 22:49:43	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2615:u=1:x=1:i=1637297057:t=1637383457:v=2:sig=AQEfE9daZupUmz2Tz_BSvLAxzKuveOsg"
.linkedin.com/	1970-01-20 16:20:10	Name: bcookie Value: "v=2&80f2db18-4ac3-42cf-8fb3-21bc9a18f859"
.linkedin.com/	1970-01-20 16:19:16	Name: li_gc Value: MTswOzE2MzcyOTcwNTc7MjswMjEkEBtE3Rm3F89A03o9BzsOsf0FqZlgUvpS2eCrWJyZ1g==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
worker	error	URL: blob:https://www.postfun.com/fd219772-b148-42ac-ba4a-fbbfb7bfdfbe Message: Mixed Content: The page at 'blob:https://www.postfun.com/fd219772-b148-42ac-ba4a-fbbfb7bfdfbe' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.postfun.com/fd219772-b148-42ac-ba4a-fbbfb7bfdfbe Message: Mixed Content: The page at 'blob:https://www.postfun.com/fd219772-b148-42ac-ba4a-fbbfb7bfdfbe' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZcrn8FCv-KTfEfJXf4n9wAABI4AAAAB&google_push=AYg5qPJfzIS1ZFD9j31_b3JmzRQ791cdtyVRvHENhYs5Tl89w7fZ3Fw5_2jmeLfRBAy5B8XY-AvCE-FbCgBId-3NAKH2tgIndbw&google_gid=CAESEJPfu-sgAQl34ZtPnnrBbSU&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=BOmByF2OmByF2BQABBENCi-AAAAp57v______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v83oA Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
9e19ad1654c09e19467567c4a7040c3f.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
ad.turn.com
ads.avct.cloud
ads.creative-serving.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
amplify.outbrain.com
analytics.webgains.io
ap.lijit.com
apex.go.sonobi.com
api.webgains.io
aufp.io
b1sync.zemanta.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cdn.p-n.io
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
exchange.postrelease.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
hal900021.redintelligence.net
hal900028.redintelligence.net
hive-d.openx.net
htlb.casalemedia.com
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
k.p-n.io
match.adsrvr.org
p.ad.gt
pagead2.googlesyndication.com
pixel.quantserve.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s.tribalfusion.com
s.update.hmstats.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
stats.g.doubleclick.net
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.teads.tv
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
track.webgains.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.postfun.com
x.bidswitch.net
cm.g.doubleclick.net
104.111.242.245
104.111.244.200
13.224.198.4
13.225.78.129
13.225.78.42
13.225.78.56
13.248.245.213
138.201.135.164
138.201.220.30
142.250.184.230
142.250.185.130
142.250.186.66
144.76.238.55
15.197.193.217
151.101.193.44
169.50.137.184
178.162.133.150
18.156.0.31
18.184.28.154
18.184.69.62
185.29.134.244
185.64.189.110
185.94.180.125
199.187.193.185
2.18.234.190
2.18.234.21
2001:678:cb4:bbbb::11
209.54.177.54
212.82.100.181
213.155.156.181
23.37.38.181
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:119:50e8:101::9002:f05
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:400c:c03::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.120.83.159
34.197.208.127
34.223.151.79
34.251.154.165
34.98.64.218
35.156.217.149
35.190.0.66
35.82.147.164
37.157.6.242
37.252.172.250
37.252.173.22
44.238.136.108
46.236.13.147
52.17.151.21
52.35.10.191
54.195.238.9
54.201.251.82
54.77.236.168
64.202.112.31
69.173.144.138
70.42.32.159
72.251.249.13
88.99.165.19
88.99.65.215
03ce3e84f58bbcbb24406b7a2574c441ebc869b4499af24af97bfc0bab66e2c2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05f4371705a7e002bdcecdef61f65b6fc02b57e61cd22a9313e25d9e834d728e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e8b527d838f03f5a56110cbbdace950c3ed3fa2705c229c7f972dcadc070b9
084f6476011a1c250d41279bc05a27a78c804a91bd11610eb2be4bb1b5a73c18
0924e6ae85bbf093056ea4960d428569c4228385e29cb0bbda7028439050561e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140810da82657235666370c8221e22d87f07ca4d6c3f2eb3331aeb8f30847f83
1a02ea9953641842f5c3cc8ba419a87418212286f77d00dd7901a3c78687bec5
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22ade17b678031d1dd0343b775c37d5d4ac8773c209732c8aed802e0656ecdd2
23a624358b3b67586dc0d1db7c833d6165f11c375364ae9269c9878caac553a3
2765298a0185a7c06cdbe23473c03404c0b2a04828234451d2118c1092924add
2addfd5f15b8882e929e89c65bc487342bfb12be82589dc1a38a1549c5ae05e0
2cc023c3d14b0030ac7e1963e6e849c7a4c6e5501362826295d4164364fc5b82
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36035b0d334c5daf4d6a3c95897e407764a025fb993085f8f305f497c7dafd9e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3cdc0c925eff3ae4dc79f0754869dcba8a4028456d941b7d265e8e0bab410c10
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
41e365250a82e0e0ee15c8661ca0efb65228a061f31c8ae3884127d0efa0d369
42985129d6dc0ac588c8b065d5ea472051c3734eabcba6ebb9129f931d4b96b0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467287f2d19d9e9c29a4151e5a8b3e4cf2257d11203a6c26a88a10fb90733192
46e558bbb5ed7f30fe605ac1d872ebe526056a6c7336a6737bb64bf07006a7b5
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
499d4dc834b725dcb9f69862927509d66251873f4ceeff9a6e838bb2fa1c8a85
4af4ee9f85e6d52bce2d968fe4f1aa46c0ee4c96f82392dd024bf331dc305f85
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9f898165ae32b9ed1ce407dd2fd20799ce67766f190d42e4f2396130d6b89b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53aeeda58535862cc388c417d279dd056d8d2fb121cd4a7fc0ca2da0f5a805ec
57eef13e61abf71758d257faf8de5a20d315723f4c11d86e07e35b44aa09af1e
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d8d13c958e7f08ce7c2be4315fe352515b00c28047ff52c5205199a9a37581e
5fc5bab90dbb5772fd0cf6606aab15c997b7a073a776b6f6ac7b8a83e0dd2adf
612e0335f89be39f8de262510c628bf80ff424f679be8838caa3e3291e4573c3
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6a37fddb53fcdb6821121bc679997e2e1025cbe45ff54aa7134eb1e780ca7c64
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f71cd1f5ea28a2df59457535f645bad132abfb3d6d08b5286a2da6323f05734
724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b
7388e6eb1497245d36f5d5e65fd0cb7d196201fd5f2bef2afab452dbca8b8c3a
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
75ad566950298a23b6ce73ed61b4597ae66a72daf102daa806efd58c18fa7c3d
7743f7d6055e07f63440ca00b5a10f3c7a000f7644ffc75dceb2f2972a6a409f
7c7d0ee409907357cd1e30296f611efd59f5336358bf6da8a05793503123d099
7f59166cede1b29d613c38e7da6dcd9227fdb898893f6508356e2ca5ad7b7293
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
818f9c6e1d7e05a5f627bdae5cf975be252823161aa637095fd8fc0183dccef5
8352a0484081022114518db98c4f7bd828fff01a3bba53b1e9fe55e31602413e
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
869234019eb34d15b2dbb218719491fefae65f17cf1103eb6355da24783f6dc7
879fb23aea1cddd0f42db4b0314c031ecc7bfaa3c8781c2a9834ab32cb33055f
89082227eb43e2295815f3f62d29cdc5f806cfef98416d0b88539131f79b5af5
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d095e3911caba5e9479d91938bc8ed48d6918ade73e14101addaf599664c3e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8eca5f3fee1a7879e3bd5893c24f6c498238326c8a9bb823651b8c5437525acd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94995fcea46f2c65fa54a0ea1742cbc58f97493b9cf09eb481c1fbc358754a99
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
94b97379f12d2447ebb089ec7d9141560303f5aa636750e82e4110d0fd9523e7
9537144bb39250368e21895ffb3a0e5c0f976a68b191729a73f247bb0608f2a3
963ad6c4331cb856f6b28c21aef39251cf60fe5b11b518fc70dad63d3f09ba97
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2234e62f9f4f714bd6e6fc3e8b65aaeac70fa57b670274528e472c3f2dd35dc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a66427f8bfa07e3346dc98a6e75aaec903f79449ecb641b32498214b87b53bfc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cee29393aa4024d5f5412cfa2cfbab6bf6abcf6dc062113eac7181b6d0ba8c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aec9c483cb02e3e6cddf26308cb045a248b55f469f6bc46213c4b6f2b5984f16
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3ed9c9bc861fa868a53b26af8333f99a2e88080796109b11da39496c43d58bd
b42fa081275ba14ffa76fe75a5386e1b6c89166ba8d9a030962904e51dc68a9d
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b985af57dc59fdf0a9743d410836168fdbceaa641b51d4e427f9edff6cc62625
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6d1fca9040272fd9341da48df6827bbea229b08574eadc105dc55fb5c2fc9f
bbf748d46da3706e8135544fa8c79ac18c3fcbef17563ec3c0329af90c5d57b7
bcc8d528699bc55e67d2175d9c589d74f268d97f27f6d0ee215513c91ce4e783
bd8e84c3b38f7911a6baf46e67659b5e59883028d7bba2ab35a13efd28ea218c
c2cb0a17b56bb861fba9a7f5a641323dd8058907799f33f2c4c06dcc9b0ba772
c32b66dae6aaac220d224bd147ce2e70a205a34bc53b62ca4f9eb0d7754ccfa4
c4ac4f93796434d67b6d3ba26ece7a57044825e4aa12808e9949820399a62e12
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c832a94c2e2d17be7327b2c19ac71007833e1d236859f40561a313b1b2682093
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc5efb4471f24c3aa1c2ef6848bcc5e6f0d3927e49949b8d8b17d274c6c3a75d
ccb1752079cc96ad148b45ce1309bfc86ef39e7066ae2d43329621fef204799c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d4f8eab17b6146313f119019ab9abbb92035774d9580bea8615288eebf61acc1
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e01106c481aa457b0ace51a45bbbdfdaa23ac26125a985b0a6e85c943bc554f1
e0c829acbda91088b85e768076245956a8aa2f08c8069507eff16c0375384590
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
e9bbac6ecbcbd46820ae9165f18bb5ad8e58a243850e838d0680bb50e0b7b229
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f95c6a1faaed9c1a86fd709d76ae5b651cd4903f81f4141ae6c65f5891333f
f4d78eaddad6ec90355156468264d74aabc8949e2ec9f025bc3b81f569772de4
f6deec3cd80a67fa1a6ae65c4eedd6ba9b7deb7e6b07c9f5200c031cb3b8d5cc
f8ee0d666b3091eb93def38dd12b8f2a7009d640e6b0cf389cc35a2c4a425b09
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fcf506c590f36c891765335fbacfedd56ce42559204d869441d0e8ab6ecf93aa
fdedb81073048e6d4c3bf9fd35141ef6a8e5c965c29532f9ae2f5c09d82a83fc

www.postfun.com Open in urlscan Pro 104.111.244.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

353 Requests

85 %HTTPS

28 %IPv6

53 Domains

81 Subdomains

65 IPs

9 Countries

2702 kBTransfer

7490 kBSize

98 Cookies

9 Outgoing links

Page URL History

Redirected requests

353 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.postfun.com Open in urlscan Pro
104.111.244.200 Public Scan

Screenshot
Live screenshot

Full Image

353
Requests

85 %
HTTPS

28 %
IPv6

53
Domains

81
Subdomains

65
IPs

9
Countries

2702 kB
Transfer

7490 kB
Size

98
Cookies

353 HTTP transactions
8 data transactions